Blog Feed Post

Enterprise Class Multitenant API Management

Here is a free lesson to start-up companies trying to position their products for large scale Enterprises:  plain and simple, your products need to support multitenancy.

The largest enterprises are diversified, and with the increased adoption of APIs, multiple departments will want to own and control their own API definitions, life-cycle management and API policies  – for both production and development.

This assumes an “on-premise” or “owned” model where the Enterprise owns and manages the infrastructure to expose the API themselves.  I’ve talked before about the blind faith we sometimes put into SaaS; it’s the religion of our time.  For those that want a more quantitative view, this simple TCO calculator can do wonders. Before you place your banner down on one side of the argument, look at the numbers for yourself and actually calculate which is better for your organization.

For Enterprise API Management, a mid-sized organization might address these concerns by deploying a number of independent clusters of virtual API Gateways (software or appliances) to ensure isolation for security and availability. While this model works, it is not efficient as the Enterprise may buy more licenses than are justified by throughput alone, not to mention the operational overhead of managing each API gateway itself.

Even if a mid-sized Enterprise can get away with it, a large service provider that needs to worry about driving costs out of its IT budget cannot as the savings multiply per instance.

Single Tenant API Management Platform

Single Tenant API Management Platform

For example, take the first diagram as an example case study. Here a customer uses API gateways to surface APIs, with projects originating in different departments, each with its own audience. Here we have three tenants or business groups:  sales & marketing, the CIO Team, and the cloud service architects. The sales and marketing team has a new content-rich tablet application that accesses relevant partner and social feeds exposed by the Enterprise, the CIO Team has opened internal APIs for integration and mobile employee productivity apps, and the cloud architects have exposed APIs for external B2B and partner access.

In each case gateways are provisioned as a set of units specific for these tenants. In this environment there is a tendency to over-provision, no matter how accurate you think your sizing will be in terms of number of API calls and data throughput. Based on actual throughput, each department is likely replicating costs & resources for  fail-over, high availability and operational maintenance.

If we take this example and extrapolate to to a larger Enterprise, the repeated costs can really add up. This is where a true multitenant API Management platform helps.

Multitenant API Management adds the correct measure of control & resource allocation to drive costs out of the system. In the multitenant case, we’ve reduced the number of licenses (including gateway, O/S, and other software licenses) by nearly 40%. Rather than maintain three distinct clusters, the same separation of concerns, manageability and policy separation, as well as fail-over and throughput is being handled by 10 gateways. Multitenancy brings consolidation and efficiencies for API management.

Multi-Tenant API Management

Multitenant API Management

While all of this is conceptually simple, actually building the feature in a production product is difficult and takes careful engineering to ensure the system is resilient to tenant changes yet remains stable in the face of potentially millions of API requests. This is exactly what we’ve done in Expressway for API Management over the last 8-10 years working with the Fortune 50. Despite claims made by others, your product probably doesn’t support true multitenancy that scales to production use cases unless you are an Expressway customer.

Many of the products in the market go only ‘halfway’, supporting a set of views or domains, but never support a true separation of statistics, logs, roles. and insulated policy changes for production environments. Halfway doesn’t cut it when there are trillion devices out there looking to access your API.

Expressway Multitenant API Management Capabilities:

  1. Insulated tenants – Application data is protected from view from other tenants in the system
  2. Log Separation – Statistics and logs produced by one tenant are only viewable within a tenant context
  3. Distinct Roles – Tenants have unique administrative roles that are separated from system management
  4. Policy Lifecycle Separation – APIs and their associated policies can be updated and changed independent of other tenants’ administrative operation and runtime processing
  5. Scriptable Configuration – Expressway multi-tenancy is controllable by scripting languages from the command line such as Python and Perl to automate API deployment into an Enterprises API layer
  6. Global Manager Control – The entire tenancy system is controlled by a global manager role used to manage tenants, provide a consolidated view and manage clustering, all with the Fortune 50 CIO in mind.

Got APIs? Got Multitenancy Requirements? Expressway can help.

Expressway API Manager

Expressway API Manager


The post Enterprise Class Multitenant API Management appeared first on Application Security.

Read the original blog entry...

More Stories By Application Security

This blog references our expert posts on application and web services security.

Latest Stories
The Internet giants are fully embracing AI. All the services they offer to their customers are aimed at drawing a map of the world with the data they get. The AIs from these companies are used to build disruptive approaches that cannot be used by established enterprises, which are threatened by these disruptions. However, most leaders underestimate the effect this will have on their businesses. In his session at 21st Cloud Expo, Rene Buest, Director Market Research & Technology Evangelism at Ara...
SYS-CON Events announced today that Silicon India has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Published in Silicon Valley, Silicon India magazine is the premiere platform for CIOs to discuss their innovative enterprise solutions and allows IT vendors to learn about new solutions that can help grow their business.
Join us at Cloud Expo June 6-8 to find out how to securely connect your cloud app to any cloud or on-premises data source – without complex firewall changes. More users are demanding access to on-premises data from their cloud applications. It’s no longer a “nice-to-have” but an important differentiator that drives competitive advantages. It’s the new “must have” in the hybrid era. Users want capabilities that give them a unified view of the data to get closer to customers and grow business. The...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
"Loom is applying artificial intelligence and machine learning into the entire log analysis process, from start to finish and at the end you will get a human touch,” explained Sabo Taylor Diab, Vice President, Marketing at Loom Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
After more than five years of DevOps, definitions are evolving, boundaries are expanding, ‘unicorns’ are no longer rare, enterprises are on board, and pundits are moving on. Can we now look at an evolution of DevOps? Should we? Is the foundation of DevOps ‘done’, or is there still too much left to do? What is mature, and what is still missing? What does the next 5 years of DevOps look like? In this Power Panel at DevOps Summit, moderated by DevOps Summit Conference Chair Andi Mann, panelists loo...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
Cloud applications are seeing a deluge of requests to support the exploding advanced analytics market. “Open analytics” is the emerging strategy to deliver that data through an open data access layer, in the cloud, to be directly consumed by external analytics tools and popular programming languages. An increasing number of data engineers and data scientists use a variety of platforms and advanced analytics languages such as SAS, R, Python and Java, as well as frameworks such as Hadoop and Spark...
"MobiDev is a Ukraine-based software development company. We do mobile development, and we're specialists in that. But we do full stack software development for entrepreneurs, for emerging companies, and for enterprise ventures," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
A look across the tech landscape at the disruptive technologies that are increasing in prominence and speculate as to which will be most impactful for communications – namely, AI and Cloud Computing. In his session at 20th Cloud Expo, Curtis Peterson, VP of Operations at RingCentral, highlighted the current challenges of these transformative technologies and shared strategies for preparing your organization for these changes. This “view from the top” outlined the latest trends and developments i...
Automation is enabling enterprises to design, deploy, and manage more complex, hybrid cloud environments. Yet the people who manage these environments must be trained in and understanding these environments better than ever before. A new era of analytics and cognitive computing is adding intelligence, but also more complexity, to these cloud environments. How smart is your cloud? How smart should it be? In this power panel at 20th Cloud Expo, moderated by Conference Chair Roger Strukhoff, paneli...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
SYS-CON Events announced today that TMC has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo and Big Data at Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Global buyers rely on TMC’s content-driven marketplaces to make purchase decisions and navigate markets. Learn how we can help you reach your marketing goals.