Platform for Secure Digital Business

Platform for Secure Digital Business

Sachin Agarwal

70% of US population owns Smartphones

50 billion connected devices by 2020

Digital is disrupting the physical world with new business models

Why Digital?

Customers are becoming increasingly wired – new touch points

Digital is driving innovative new business models

Integrated digital eco-systems offer valuable insights

Every Business is a Digital Business

John Deere turns farm data and telemetry into a digital plan to optimize operations and increase yields/profits.

Get Visibility into Spend

Manage expenses anytime, anywhere

It’s all about automation

Key Aspects of Digital Enterprise Strategy

• Create Digital eco-systems with APIs

• Integrate data and applications to create a digital value chain

• Analyze interactions to extract meaningful insights

• Secure your digital interactions

The SOA Software Digital Business Platform

API MANAGEMENT

APIs Extend your Digital Ecosystems

Leverage Developers & Partners Ecosystems

Tap into an extended eco-system of developers with APIs

Capture new Opportunities with APIs

Drive Innovation

Increase Reach

Support New Devices

Discover New Business Models

Increase Partner Network

APIs Foster Internal Innovation and Efficiency

• Securely publish, share and use common services• Improve discoverability of internal services• Create internal communities to foster innovation

APIs: The Path to Digital Transformation

SOA Software API Management Platform

• Community Manager

• API Gateway

• Lifecycle Manager for APIs

CLOUD INTEGRATION

The New Enterprise is Fragmented

Cloud Platforms SaaS Applications

Mobile & IoT Apps

Data Services

Packaged Apps

Custom Apps

SaaS has leapt ahead

72%

*Source: North Bridge Venture Capital

2014

13%2011

Traditional Integration Approaches

ESB are too heavy weight, long integration cycles

Most Cloud Integration solutions still rely on ESB architecture

Proprietary connectors don’t scale for

IFTTT is innovative, but not for Enterprise

What Connected Enterprises Need?

• Integrate with growing number of Apps

• Configure, no-code

• Multi-channel focus

• Ubiquitous access (API)

• Multi-point

• Configurable Orchestration & Transformation

• Have Business, not your ESB drive your strategy

Integration Redefined

ESB

Public APIs B2B APIs Internal APIs

Cloud Integration Gateway

Cloud Integration Gateway

Gateway Architecture API based Open connectors Flexible Deployment Declarative Policies Multi-point Integration Orchestrate and Transform Publish as APIs No IDEs or Eclipse plug-ins Data and Policy Governance

#NoESB

SECURITY

A mobile app accessing your data has been compromised!

How do you securely share APIs with an open developer community? Can you selectively revoke access for compromised Apps?

DIGITAL ENTERPRISE: Securely share data

Make adoption easy

Make it SECURE

Securing the New Enterprise

Digital is disrupting how and where information is accessed

• Mobile and Social Apps don’t’ understand PKI, WS-Security, etc.

• Focus on human readability, developer adoption

Realizing End-to-End Security

Managing the User Experience

Securing the App - PII, PHI

Enabling Easy Developer Access

Securing the Channel

Securing the Backend

Understanding the Security Landscape

• Protocol specific threats• Key Management• OAuth• Monitoring• Licensing• Security Token Mediation

API Specific Security

Single Sign On MDM

ATP, Firewall, VPN etc.

API Security

1 Authentication & Authorization

2 App Key Validation/Licensing

3 Message Security

4 Threat Protection

5 Content Filtering

6 Rate Limiting

Developers

SOA Software API Gateway

Gateway

Security

Authentication

Protection

IAM Integration

Encryption

Mediation

Quality of

Service

Paging/Caching

Orchestration

Scripting

Out-of-the-box Security Policies

OpenID Provider/Relying Party

OAuth 1.0a & 2.0 (all grant-types)

Developer/Partner Key Auth & Az

CORS Management

HTTP Basic-Auth

Mutual SSL based Authentication

SAML 1.1 & 2.0 (STS included)

WS-Trust 1.2 & 1.3

WS-Security Transport Binding

WS-Security Username Token

WS-Security Message

Encryption/Signature

Integration with AD, SiteMinder, OAM,

RSA,

Cookie-based Authentication

Denial of Service attack Prevention

SQL Injection Prevention

Virus Scanning

XML Schema Validation

Malicious Pattern Detection

SLA/Throttling by a Developer/Partner

Certificate (PKI) Management (CA

Included)

ANALYTICS

Analytics

Which Application, Channels or APIs are driving the most business?

Analytics

Ensure 99.99% uptime

Proactive Operations

Identify bottleneck

Prevent security breaches

Analytics for your Enterprise

Business Analytics

• Track product, customer and monetization trends

• Identify new opportunities.

Operational Analytics

• Ensure operation excellence of your infrastructure

• Analyze errors and response codes

API Analytics

• Identity top APIs by usage, monetization, app type etc.

• Analyze API Licensing, monetization and fine-tune developer onboarding

Flexible Analytics Platform

Intercept & Collect

Store in Big Data Store

Process & Map

Reduce

Enrich & Customize

Analyze & Visualize

Analytics Manager

API Gateway

Community Manager

Analytics Manager

Data SetDimensionsMetricsAggregation Rules

EnrichmentMap ReduceExternal PluginsR

Import

Capture

Export

VisualizationCustomizeExport as Widgets

Custom Plug-ins

Business Analytics

API Analytics

Operational Analytics

Analytics Framework

Policy based data collection

Out of the box reports and dashboards

Configure (no-code) to create custom visualizations

Embed charts in dash board

Import data from any external source

Export easily into any other analytics infrastructure

The SOA Software Digital Business Platform

Leader in Gartner MQ and Forrester Wave

The Gartner document is available upon request.*Gartner, Inc., Magic Quadrant for Application Services Governance by Paolo Malinverno, Daryl C. Plummer, Gordon Van Huizen, August 8 th 2013.

Gartner Application Services Governance MQ 2013

Forrester Wave: API Management, Q3 2014

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

Marquee Customers

PRODUCT OVERVIEW

APIs: The Path to Digital Transformation

Accelerate Digital Channels

• Delight customers with an engaging experience on any channel or device, at any moment

– Mobile-enable your enterprise, externalize your products and services as APIs, and stay ahead of consumer trends.

– Accelerate time to market and reduce TCO by leveraging existing applications

Capabilities• Orchestration• Mediation• Scripting• Caching/Paging• Security

Drive Partner Adoption

• Engage business partners and get developers up and running quickly

– Launch a secure online portal to quickly onboard business partners and establish interactive online social channels with them.

– Drive partner adoption with updated documentation and developer community. Connect with developers, inspire them, and drive your API usage.

Capabilities• Portal• Social• Documentation• Groups• Search

Monetize Digital Assets

• Package, market and license your assets to maximize revenue

– Transform any application, service or asset into elegant and simple APIs.

– Productize you data, create customized packages and tailored plans, and license them accordingly.

Capabilities

• Licensing• Rate Limiting• Provisioning• Documentation

Analyze your Business

• Get instant insights into your business and optimize the delivery and value of APIs

– Maximize your revenue by gaining complete visibility into how your partners and customers leverage your data.

– Monitor activity for a specific partner, app or developer and evaluate their impact on your business.

Capabilities

• Business Analytics

• Operational Insights

• App and Developer Metrics

An Unified API & SOA Platform

Transform & Secure

Publish

Monetize

Dev. Adoptio

nAPI

SOAP to RESTMobile- Optimization

OAuthMediation

Analytics API Documentation

Applications and

ServicesApps

API Producers

API Consumers

API Platform CapabilitiesPlatform

Licensing

Quota Mgmt.

Partner Mgmt.

PCI Compliance

Provisioning

Policy Mgmt.

Monitoring

OAuth

Federation

Analytics

Lifecycle

API/Services

Application

User

Compliance

Integrations

Gateway

Security

Authentication

Protection

IAM Integration

Encryption

Mediation

Quality of

Service

Paging/Caching

Orchestration

Scripting

API Portal

Search

Documentation

Groups

Social

The Unified SOA & API PlatformAnalytics

Developer

Engagement

Gateway Services

Service Integration

Lifecycle Management

Flexible Deployment Model

API Resources and API University

• Resource Center– http://resource.soa.com/

• Follow us on:

www.facebook.com/soasoftware

www.linkedin.com/company/soasoftware

@soasoftwareinc