Header Image

API Gateway for VMware

Certified API Gateway for VMware


The Layer 7 API Gateway for VMware enables organizations to rapidly deploy an API Gateway in development, test, production and cloud environments, reducing development, test and implementation costs, while improving architectural flexibility. The API Gateway for VMware offers all the features/functionality of Layer 7’s family of API, SOA and XML hardware appliances at a fraction of the cost, including sophisticated runtime governance, enterprise-scale management and industry-leading XML security. Like all of Layer 7’s hardware gateways, the API Gateway for VMware can be managed through the Layer 7 Policy Manager, Management API and API Service Manager.

For organizations that require visibility, trust and control over cloud-based services, the Layer 7 API Gateway for VMware can be deployed on many of the industry’s most popular cloud platforms to secure, monitor and manage service interactions inside a cloud and between private/public clouds. In this way, organizations can seamlessly reuse their existing, on-premise API Management and SOA Governance solutions for their cloud-based initiatives.


XML Virtual Appliance - Layer 7 Technologies



Learn More About Layer 7's API Gateway Technology


Notable News 


Avoid Vendor Lock-in – Implement policies that manage requests to virtualized application services in order to provide load balancing and failover between private and/or public clouds.

Implement Cloud Governance – Control, monitor and adapt private/public/hybrid cloud-based application services, to ensure security, compliance and quality of service.

Reduce Deployment Complexity – Once deployed in multi-tenant or virtualized environments, additional instances of the soft appliance can be replicated for handling traffic spikes or evolving transaction volumes.

Virtualized API Gateway for VMware
  • Available as 32 and 64-bit VMware/ESX-based appliances (VMware Ready certified)
  • The SecureSpan Virtual Appliance is packaged with the virtual disk converted and ready for use on VMware/ESX
  • Supports VMware Server and VMware Infrastructure
  • XML
  • SOAP
  • AJAX
  • XPath
  • XSLT
  • WSDL
  • XML Schema
  • LDAP
  • SAML
  • PKCS
  • X.509 Certificates
  • FIPS 140
  • Kerberos
  • W3C XML Signature
  • W3C XML Encryption
  • SNMP
  • SMTP
  • POP3
  • IMAP4
  • IPv6
  • WCF
  • JSON
  • JMS
  • MQ Series
  • REST
  • Tibco EMS
  • FTP
  • OAuth
  • WS-Security
  • WS-Trust
  • WS-Federation
  • WS-Addressing
  • WSSecureConversation
  • WS-MetadataExchange
  • WS-Policy
  • WS-SecurityPolicy
  • WS-PolicyAttachment
  • WS-SecureExchange
  • WSIL
  • WS-I
  • WS-I BSP
  • UDDI
  • WSRR
  • MTOM


Cloud Governance
Virtualized gateway
  • VMware and ESX support facilitate deployment to both private and public clouds
Cloud monitoring
  • Configurable reports provide insight into cloud-based service performance health, and metrics (i.e., throughput, routing failures, utilization and availability)
Cloud security
  • Manage access from cloud-based application services to enterprise-based assets with industry-leading access control, alarms/audits and secure routing capabilities
Cloud vendor SLA enforcement
  • Measure and track cloud service provider performance to ensure they are meeting uptime and other contractual obligations
SOA Governance
Runtime enforcement of governance policies
  • Enforce policies around security, compliance, reliability, SLAs, quality of services, and others in order to control, monitor and manage application services
Centralized SLA enforcement/Quality of Service
  • Throttling/rate limiting controls provide the ability to support service over subscription with per-service throttling of excess messages
  • Service availability features include support for strict failover between public and private cloud providers, round robin, best effort and latency-based routing
Cloud Security
Identity-based access to services and operations
  • Integration with leading identity, access, SSO and federation systems
  • Onboard identity store for administering identities and staging new services
Manage security for cross-domain and B2B relationships
  • Credential chaining, credential remapping and support for federated identity
  • Integrated STS/SAML issuer supports SAML 1.1/2.0
  • Integrated PKI CA for automated deployment and management of client-side certificates and RA ability for external CA’s including Verisign
XML Threat Protection
Filter XML content for Web 2.0 and SOA
  • Configurable validation and filtering of HTTP headers, parameters and form data
  • Detection of classified or “dirty” words or arbitrary signatures with subsequent scrubbing, rejection or redaction of messages
  • Support for XML, SOAP, POX, AJAX, REST and other XML-based services
Prevent XML attack and intrusion
  • Protect against XML parsing; XDoS and OS attacks; SQL and malicious scripting language injection attacks
  • Protection against XML content tampering and viruses in SOAP attachments
API Management
API Publication
  • Secure, manage, monitor and control access to APIs exposed to third parties
  • API usage can be throttled to ensure backend services are not overwhelmed; limited by user, time of day, location, etc; and quota managed (i.e., # of uses per user per day)
API Metrics and Reporting
  • Configurable, out-of-the-box reports provide insight into API performance: measure throughput, routing failures, utilization and availability rates etc.
  • Failed authentications and/or policy violations can be tracked to identify patterns and potential threats
API Security
  • Support for all major WS* and WS-I security protocols
  • Support for all major authentication and authorization standards, including SAML, Kerberos, digital signatures, X.509 certificates, LDAP, XACML etc. 
Enterprise-Scale Management
Operations Console
  • A single, real time view of all Gateways across the enterprise and cloud showing audits, events and key metrics
Policy Migration
  • Centrally move policies between environments (development, testing, staging, production etc.), settings (enterprise, cloud etc.) or geographies, automatically resolving discrepancies such as SSG licenses, IP addresses, IT resources (i.e. LDAPs may be named differently) etc.
Services Reporting
  • Configurable, out-of-the-box reports provide insight into Gateway operations, service-level performance, and service user experience
Remote Patching
  • Selectively update any software installed on Gateways, including system files and operating system
Disaster Recovery
  • Centrally back up Gateway config files and policies from one or more Gateways/clusters, and remotely restore, enabling full disaster recovery
Management API
  • Remote management APIs allow customers to hook their existing, third-party management tools into the Gateway, simplifying asset management