Service Oriented Architecture (SOA)

Open up enterprise services with XML, SOAP and RESTful APIs.

Service Oriented Architecture (SOA) has become the industry standard for on-premises IT and integrations that cross the enterprise firewall. In a SOA-based infrastructure, applications and databases are opened up as Web services using XML, SOAP interfaces and–increasingly–RESTful APIs. These services can then be repurposed in a range of new applications.

Exposing application functionality and data as reusable Web services makes it quicker and easier for enterprise architects and developers to repurpose and get maximum value from their existing IT investments. It also enables connectivity across the enterprise and out to external departments, partners and customers.

However, exposing IT assets in this way creates a range of security and management challenges, particularly in scenarios where enterprise architectures cross organizational boundaries to connect with external departments, partners, customers, cloud services and the public Web. Therefore, organizations need ways to secure and manage the performance of their services.

Simplify SOA security and governance.

Publishing Web services creates new attack vectors, increasing the threat that hackers will find ways to access and misuse enterprise systems. Furthermore, reusing services in new, more widely-distributed applications creates the danger of scaling issues and performance bottlenecks—new applications and a growing user base inevitably put increased pressure on IT resources.

Placing SOA-ready gateway appliances at the edge of the architecture simplifies the process of composing, securing and managing Web services. The most advanced available SOA gateways can be customized to meet highly-specific enterprise requirements and address the most cutting-edge use cases for internal, external and machine-to-machine integration.

CA API Gateway is built on the foundation of the award-winning Layer 7 SecureSpan SOA Gateway. CA API Gateway technology retains and expands upon the SOA governance functionality associated with Layer 7’s classic technology, covering use cases that range from traditional XML and SOAP integrations to cutting-edge Web and mobile deployments.

Centralize enforcement of SOA governance policies.

Because applying IT rules to individual services is inefficient and unsustainable, most organizations adopt a centralized, policy-driven SOA governance model. However, in complex integrations involving multiple stakeholders plus a wide variety of applications and databases, it is often difficult to ensure consistent enforcement of security, business and regulatory policies.

CA API Gateway addresses this challenge by making it simple to control and audit how policy gets deployed and enforced at runtime. CA API Gateway acts as a central point where policies can be efficiently composed, managed and enforced. It includes a simple policy composition interface, which makes it easy to create and reuse policies across services and locations.

To enable the enforcement of these policies, the Gateway delivers functionality for:

  • Interface composition and versioning, throughout the service lifecycle
  • “Military-grade” security that meets the highest industry standards
  • Fine-grained access control with support for SAML, XACML and OAuth
  • Easy-to-scale message routing, caching and service mediation
  • Throttling and rate limiting for centralized SLA enforcement
  • Deployment in hardware, virtual machine and cloud service form factors

Learn More about this solution

Visit the CA API Gateway page >

Data Sheet

CA API Management

Make API-based information sharing safe, reliable and cost-effective.

CA API Management

Data Sheet

CA API Gateway

Enable secure, manageable partner, mobile and cloud access.

CA API Gateway

Video

CA API Management Overview

Secure and manage APIs for partner, developer, mobile and cloud access.

CA API Management Overview