Dimitri Sirota

Dimitri Sirota

Dimitri Sirota is an accomplished entrepreneur and a pioneer in the security field. Prior to co-founding Layer 7 Technologies, Dimitri co-created the award-winning Virtual Private Network provider eTunnels Inc. Dimitri spearheaded its early marketing and business development activities, establishing eTunnels as a leader in secure connectivity for the extended enterprise. He has also worked in senior product marketing and channel development roles at AT&T and Telus. Dimitri holds a Bachelor of Science degree in Physics from McGill University and a Master of Science in Engineering Physics from the University of British Columbia.

September 18th, 2012

Dispatches from Rome
History Repeats: The Search for Agility & Reuse Through APIs

SDP Global Summit RomeRome has seen its share of history. Therefore it shouldn’t have come as a surprise to hear telco after telco at last week’s SDP Global Summit echo the decade-old SOA mantra of abstraction, agility and reuse when talking about their new API initiatives. If they’d added a mention or two of loose coupling, the transportation back in time would have been complete.

On the surface, there’s no inconsistency between talking API and talking SOA: “API” usually denotes an implementation style; “SOA” an architectural approach to integration. A decade ago, SOAP and WS* formed an ideal implementation of SOA – or so thought the committees that drafted the supporting specifications behind what became known as Web services.

Like all well-intentioned products of committee, Web services represented an act of compromise, accommodating many competing interests. But their complexity became self-limiting and so Web APIs, with their familiar Web-like approach to handling machine-to-machine interactions, have become the latest hope for practical SOA among enterprises and telco carriers.

For carriers, the race to APIfication has a special urgency. With the explosion of apps running on smart phones, smart TVs and smart everything, the carrier is often relegated to providing a pipe and subsidizing devices. APIs give them hope by allowing them to expose their various assets as programmatic interfaces that can be leveraged by internal and external app developers.

This empowers carriers to stay competitive and relevant by giving them the ability to deliver software and services into the marketplace faster. APIs also allow carriers to adapt and react to failure more efficiently. If one idea doesn’t work, a telco can quickly retool and offer a new set of services that may have more appeal.

But if Web APIs are to deliver on the SOA vision of agility and reuse, they will need some of the same plumbing that made Web services work. Specifically, SOA Gateways were essential in making Web services practical. They provided a controlled, simple and economical way to connect services, regardless of differences in implementation.

Similarly, for APIs to be successful in the carrier market, telcos will need to implement API-ready SOA Gateways – or “API Gateways” – that can offload all the abstraction, adaptation, orchestration, security, SLA and identity brokering from the API logic. As with SOA, governance belongs not in the API but in an intermediary that mediates interactions with other applications. History repeats.

September 11th, 2012

Dispatches from Rome: Different Strokes for Different Folks Applies to APIs Too

SDP Global Summit 2012This week, I’m at the SDP Global Summit in Rome, which is focused on API publishing for telecom carriers. One of the comments I’m repeatedly hearing from speakers with carrier organizations is that they want to support different communities of API consumers without complicating their API publishing strategies.

Everyone wants to capture the long-tail developer but, for many carriers and non-carriers alike, developers in dorm rooms don’t generate revenue. Increasingly, the focus of many enterprise API publishers is on internal users, other enterprise customers and even partners. The mass market is great but, for APIs, it doesn’t always pay immediate benefits.

API goals around revenue, reach and retention are often realized faster by programs that expose APIs to internal developers who can turn around new services faster, customers that can build revenue-driving software faster or partners that can expand collaborative channels across mobile and cloud.

No two API consumers are the same, which means publishers need to build diversity into their API strategies from the get-go. But building flexibility without creating complexity can be tricky. And now for the Layer 7 plug…

API platforms like Layer7′s ease the whole diversification thing. Why build different APIs or API versions for different customers when you don’t have to? One of the popular features of the Layer 7 API Management Suite is the way customized versions of an API can be rendered virtually and exposed to target communities of API consumers, at will.

Something to consider – whether you’re a carrier or not!

July 17th, 2012

Developer Management & the Layer 7 API Portal 2.1

Layer 7 API Portal Version 2.1As Layer 7’s CTO, Scott Morrison, recently stated: API Management = Developer Management. Okay, there are actually many elements to API Management – securing APIs, enforcing rate limits and SLAs, translating protocols and so forth. But if developers can’t make use of your APIs, then your APIs aren’t going to do you much good. So, providing a place where developers can discover, register for, learn about and leverage your APIs is – in many ways – the key to a truly effective API Management strategy.

That’s why the Layer 7 API Portal – which is designed to help organizations onboard, educate and manage developers – is one of the cornerstones of our API Management Suite.

The world of Web, mobile and cloud API publishing is growing and changing at an incredible rate right now, so we’re constantly working hard to expand and refine our line of API-focused products. With all that in mind – and hot on the heels of our SecureSpan Mobile Access Gateway – we’re very excited to announce version 2.1 of the Portal.

With the developer management needs of API publishers constantly evolving, we’ve added a range of new functionality to the Portal, including:

  • Advanced analytic reports
  • More granular privacy controls
  • Enhanced lifecycle management features
  • New customization options for the content management system

We’re exhibiting at Mobile+Web DevCon in San Francisco this week. If you’re at the show and you’d like to learn more about this new API Portal release, please stop by our booth.

June 20th, 2012

Introducing the SecureSpan Mobile Access Gateway

Mobile AccessMobile is forcing enterprises to open up. With the advent of BYOD, tablet enablement of field organizations and mobile consumer initiatives, organizations need simple ways to expose internal information and services to mobile apps on the outside.

Traditional middleware isn’t optimized for mobile. It can’t handle the conversion to mobile protocols or performance optimization for mobile connections. It also fails to provide policy controls for governing how apps interact with corporate-owned resources inside the enterprise and cloud. As for managing identity and access, traditional middleware fails to provide a bridge from SSO, SAML and legacy identity systems to mobile-friendly frameworks like OAuth, OpenID Connect and Java Web Tokens. That is why Layer 7 is introducing the SecureSpan Mobile Access Gateway.

The SecureSpan Mobile Access Gateway builds on the API security and connectivity of Layer 7′s industry-leading family of Gateways for the hybrid enterprise, with new mobile-specific features like support for streaming protocols, notification services, geofencing and social proxy. The Mobile Access Gateway gives enterprises a fast, secure and reliable way to allow mobile developers and mobile apps access to internal information while insulating them from network, application and identity mismatches.

Some of the benefits include:

  • Identity: Extend enterprise LDAP & SSO to Mobile Access frameworks like OAuth, OpenID Connect and JSON Web Tokens
  • Security: Protect mobile REST and OData APIs against attack, build custom geofencing policies and proxy mobile streaming protocols like WebSockets and XMPP
  • Adaptation: Translate and orchestrate backend information services into mobile ready formats like JSON and REST
  • Optimization: Aggregate, pre-fetch and cache data retrieval calls for improved performance
  • Integration: Simplify integration with notification services and external cloud services

If you want to learn more or get a demonstration of the product, contact us at info@layer7.com.

June 19th, 2012

Layer 7 at Gartner AADI

Written by

Gartner SummitsLayer 7’s UK team will be talking mobile, open APIs and cloud this week at the Gartner Application, Architecture, Development & Integration Summit, in London. We are longstanding supporters of Gartner AADI in the UK, US and Australia because of the value it offers enterprise architects, development managers and integration leaders facing challenges around mobile, APIs and the cloud. As enterprises face more complex hybrid connectivity problems over the coming years, we expect conferences like this will play a central role in providing a gathering place for IT experts tasked with finding solutions.

If you’re attending this year’s London event, come by Layer 7′s booth to learn about our new mobile offerings or enjoy the company of the Queen herself during a special hospitality event, where we’ll be celebrating her Diamond Jubilee. Also, if you get the opportunity, don’t miss the chance to hear Rhys Jones from Royal Bank of Scotland (a Layer 7 customer) talking about his organization’s journey to the cloud.