November 25th, 2011

FROM THE VAULT: White Paper – Choosing the Right API Management Solution for the Enterprise User

API White PaperWhile APIs may be nothing new, the whole concept of “API management” is still pretty fresh. It’s probably a term you’re going to start hearing more and more, though – simply because more and more organizations are going to start discovering they need ways to secure and manage their APIs.

Over the last few years, social media and mobile devices have provided all sorts of organizations with the motivation they need to start publicly exposing data and services they would previously have kept private. Clearly, this raises security and management concerns, especially for larger enterprises with valuable data to protect and reputations to maintain.

While API management products have been on the market since at least 2006, there’s still fairly limited understanding of what a fully-functional API management solution looks like – or should look like. Earlier this year, we published our Choosing the Right API Management Solution for the Enterprise User white paper, to help enterprises fill in the blanks.

So, if you’d like to learn the key functional and operational requirements for an API management solution, just download this white paper.

November 14th, 2011

New White Paper: A How-to Guide to OAuth & API Security

Written by
 

OAuth White PaperOAuth is becoming an increasingly important aspect of API security. For organizations that want to make their services available across the whole range of social media platforms and mobile devices, OAuth represents an essential tool for enabling user access and protecting user privacy. But it’s still an emerging technology that is, for the most part, quite poorly understood. What is more, actually implementing OAuth can be something of a challenge.

Our new white paper, A How-to Guide to OAuth & API Security, provides practical information and actionable advice on:

  • What OAuth is and how it fits into a complete API security solution
  • Why implementing OAuth can be a complex matter
  • How you can make OAuth implementation simple for your organization

There are two very important lessons you’ll take away from this white paper. First, OAuth is emerging as a cornerstone of secure API publishing and enterprises will need to get to grips with it if they’re serious about protecting customers’ private data.  Second, OAuth is not the be-all-and-end-all of API security. A complete, enterprise-grade API security solution will also have to deliver functionality for auditing, threat detection and so on.

To find out more, download A How-to Guide to OAuth & API Security.

November 9th, 2011

New API Resources: API Management for Content Publishers Solution Brief & API Gateways for vCloud White Paper

Layer API ResourcesRight now, the API is at the center of an incredible amount of technological innovation. Across the Web, through the Cloud and onto your mobile device, APIs power all manner of app-building, integration and virtualization initiatives. For individual users and large enterprises alike, APIs are helping us all make good use of an increasingly diverse range of technological options.

We’ve just added two new pieces of API-related content to our Resource Library: a solution brief called API Management for Content Providers and a white paper called Using Layer 7’s API Gateway for vCloud Architectures. The solution brief explores how content providers can utilize innovative distribution methods while keeping customer account data secure and controlling how content is shared. The white paper explains how vCloud APIs can be used to securely facilitate automation and management of application infrastructure in the Cloud.

The topics covered by these documents are, in many ways, quite different. There’s a common thread here, though. Today’s enterprises need ways to secure and manage their APIs, whether these APIs are used to deliver TV shows to mobile devices or to manage enterprise applications run in the Cloud. In either case, we’re here to help!

November 4th, 2011

FROM THE VAULT: White Paper – Identity Federation in Web Services

Identity FederationThis week’s pick from the Layer 7 Resource Library archive addresses two issues that are critical to our technologies: Web services and identity federation. One of Layer 7’s ongoing goals is to help companies realize the value Web services offer to the enterprise – and identity federation is one of the keys to Web services success.

Our white paper Identity Federation in Web Services explains exactly why federation is such an issue with Web services. It explores federation problems commonly associated with reusing application logic across diverse business processes that traverse multiple security domains with independent preferences, capabilities and requirements.

It also outlines the requirements for a solution that will simply, effectively and securely bridge application identities across security domains. Our experience with customers – along with the fact that this has consistently been one of our most downloaded resources – continues to reinforce our belief in the value this type of solution offers to today’s extended enterprise

Read the white paper: Identity Federation in Web Services >>

October 21st, 2011

FROM THE VAULT: White Paper – Steer Safely into the Clouds

Cloud GovernanceThis week, From the Vault – our weekly series highlighting classic resources from the Layer 7 Resource Library  – steps back into the Cloud. Our goal with the white paper Steer Safely into the Clouds was to outline a secure path for Cloud adoption. With a great many drivers pointing enterprises towards the Cloud, this is pretty vital information.

This white paper is also a vital document for us because it outlines the governance philosophy underpinning all our Cloud solutions. It’s increasingly true that everybody wants to be in the Cloud but a move to the Cloud introduces new security risks and may compromise traditional IT governance. That’s where our Cloud governance philosophy comes in.

The way we see it, Cloud governance is a logical evolution of existing SOA governance best practices. It offers a way to assert control over both internal and external applications and data. This white paper should be enough to convince you that, using Cloud governance, the widely reported challenges of Cloud computing can be met.

Download Steer Safely into the Clouds