March 16th, 2012

Mobile World Congress: It’s All App-ening!

Layer 7 at Mobile World CongressMobile World Congress 2012, which took place in Barcelona a couple of weeks ago, attracted over 60,000 attendees from across the planet. Proving just how pervasive mobile technology has become, the keynote speakers included not just telecom leaders but also senior executives from Best Buy, eBay, Facebook, Ford, Google and Visa. Oh and Layer 7 was there too, of course!

Here are some takeaways from the conference:

  • It’s all about apps… – The hottest exhibition hall at MWC was the “App Planet”, which was primarily populated by app development companies. It’s clear that mobile apps are the draw when it comes to this era of mobile dominance we are entering and this hall emphasized that point clearly and gave a view into the future.
  • …and APIs – App Planet also had a lot of API enablers, such as Neustar, on display. Also, three of the keynote speakers — China Mobile, AT&T and Ford — all emphasized the importance of using APIs as a foundation for their mobile strategies. With apps driving mobile adoption, it’s evident that APIs are a fundamental enabler.
  • Increasing focus on enterprise – Although much of the focus in the app space was on the consumer market, there is a marked increase in enterprise options. Vendors like Roambi were showcasing their business apps and a number of exhibitors were emphasizing solutions for mobile device management and mobile identity.

All these trends and issues are discussed in Layer 7’s new white paper Secure Mobile Access for Enterprise Employees. The white paper explores how enterprises can use APIs to open internal information assets to mobile developers, to enable the creation of mission-critical apps that maximize employee productivity and availability.

I look forward to following up with all of the people I met in Barcelona and to injecting the lessons I learned into our product suite.

Download the white paper: Secure Mobile Access for Enterprise Employees.

March 13th, 2012

Join Layer 7 for Tech Talk Tuesday, Live on Facebook

Written by
 

Layer-7 Facebook Tech TalkWe are going live for an exclusive, interactive event through our Facebook page and we want you to join us. We’ll be livestreaming a conversation with Layer 7 Director of Solutions Engineering Francois Lascelles on our live Facebook channel, next Tuesday. This will be the first in a bi-weekly series of interactive town hall meetings we’re calling “Tech Talk Tuesday”.

Simply go to the Layer 7 Facebook page and click the Livestream icon to start watching live on Tuesday March 20 at 9am PDT (12pm EDT, 4pm GMT). We’ll be discussing the topic of OAuth Best Practices for API Access Control. We’ll start by talking about the broader aspects of API access control before diving deep into the specifics of OAuth.

And here’s where you come in… We’d love to answer any questions you have concerning OAuth, like: how to incorporate an existing API and identity provider or how to apply the different grant types used in OAuth. The more questions, the better! So be sure to tell your friends and join us on Tuesday March 20 at 9am PDT | 12pm EDT | 4pm GMT.

March 9th, 2012

Layer 7 at Cable Labs Winter Conference

Cable LabsThe term “open APIs” has long been a watchword among Bay Area start-ups. Open up your data and applications to outside developers -> encourage them to build new mobile and Web apps around your APIs ->  foster an ecosystem around your information -> create new value for your customers while opening new revenue streams and expanding your reach. This mantra is now being adopted across the entertainment, ecommerce and communications sectors.

To drive the point home, Layer 7 will be joining some of its customers at the semi-annual Cable Labs show in Philadelphia next week. The Cable Labs Winter Conference is an industry meet-up where cable operators from across the globe gather to discuss pressing industry issues. One of the agenda items this time around will be Managing Open APIs.

Layer 7 is proud that one of its customers will be speaking on this topic at the event. If you’re attending, please make sure to come by the Layer 7 booth and get a first-hand demo of our API Portal, API Proxy and OAuth Toolkit – carrier-specific solutions for managing Open APIs. Hope we see you there!

Developer Management for Open APIs Solution Brief

Download this Solution Brief in PDF Format

March 8th, 2012

QCon London 2012 is the Place to be this Week

QCon LogoI’m off to London for QCon 2012, the Sixth International Software Development Conference (March 7-9). I am one of the track chairs for this meeting. I’ve just learned that the show is now sold out but there is a waiting list if you haven’t already registered. All indications are that this is going to be an outstanding conference, so if there is any way you can attend, you should make the effort.

I’m hosting a track this Friday, called Industrial-Strength Architecture for Integration & Web Computing. Here’s how I described the track to potential speakers:

The enterprise is demanding more from the Web than ever before. No longer content with simple Web application delivery, the new enterprise Web has become an integration point between mobile devices, browsers, legacy systems and third-party Web apps. It is a difficult balancing act. The new enterprise Web is highly scalable but can also reconcile the different service level expectations across each participant. At its core, it enables agile product delivery while maintaining extreme reliability. In this track, we will study the architectural challenges faced by the enterprise that needs to harness the Web as a rich delivery channel — and highlight the real-world solutions that address these challenges. We will explore the intersection where trends such as virtualization, noSQL, JSON, OAuth, APIs and mobile apps meet. Join us to understand the fine tuning between milliseconds and dollars that can make the difference between wild success and disappointing mediocrity.

I’m fortunate to have a great roster of speakers, including Theo Schlossnagle from Omniti, Paul Fremantle from WSO2, John Davies from Incept5 and finally both Marcus Kern and David Dawson from Mobile Interactive Group.

I’m also going to chair a panel titled Integration at Scale: Lessons Learned from the New Enterprise Web. This one promises to be a very interesting discussion:

The mobile device revolution has upended our traditional view of the World Wide Web. The enterprise Web is now about integration: connecting any device to to any data, reliably and under wildly-fluctuating load. How has this affected Web architecture and what changes in the day-to-day operation of the Web resource? Join us for this panel of senior enterprise architects, each of whom has met the challenge of the new enterprise Web.

The panel line up consists of David Laing from CityIndex, Neels Burger from MoneySuperMarket.com, Neil Pellinacci form Tanzarine Technology and Parand Tony Darugar from Xpenser. Each brings tremendous experience to the panel and bringing them all together is going to make for a lively and informative debate. I’m looking forward to it.

Hope to see you in London!

March 8th, 2012

Reminder: Upcoming API Access Control Webinar

Layer 7 WebinarOAuth handshake patterns and OAuth token management are currently two of the hottest topics related to enterprise APIs. Although OAuth originated as a third-party authorization mechanism, it now addresses a multitude of patterns related to controlling access for RESTful APIs. With version 2.0 of the standard defining numerous grant types that accommodate both two and three-legged cases, OAuth is becoming the de-facto standard for any API access control.

Regardless of the specific access control scenario, any enterprise-scale OAuth implementation must leverage existing infrastructure and processes for managing and controlling identities. For example, OAuth should be implemented in a way that maintains any existing Single Sign-On user experience or it should simply reuse existing identities and their attributes as part of the authorization checks.

Next Wednesday, I’ll be joined by Steve Coplan of 451 Research for a webinar called Simplifying API Access Control with OAuth. We’ll be taking an in-depth look at just how OAuth can be integrated with existing systems for effective API access control. We’ve already had a lot of interest in the event but there are still a few free spots, so don’t hesitate to sign up for the webinar today.