Protecting your APIs if account take over (ATO) or DDoS keep you up at night

Red Hat partner Imperva recently announced an expanded portfolio of security products targeting protection against account takeover (ATO) and attacks targeted at APIs, as well as a three-second SLA for DDoS attack protection.

These new services provide comprehensive protection against a wide range of cybersecurity threats targeting not just websites, but also business-critical APIs, legacy systems, and other applications.

Read Imperva’s blog where they highlight that while APIs play a critical role in accelerating innovation and business growth in the digital economy, they need to be protected from cybercriminals trying attacks like intrusion attempts.

Also, don’t miss their press release where our director of product management, Mark Cheshire, weighs in on how Imperva’s solutions complement Red Hat 3scale API Management for a better, safer experience.

 

Six typical integration challenges that agile integration can solve

Red Hat conceived the agile integration concept to help our customers tackle integration challenges more effectively. As we described in an earlier post in detail, agile integration is an architectural approach centered around application programming interfaces (APIs) and API management. At its core, this concept resides on the following three pillars: distributed integration for greater flexibility, containers for the ability to scale better, and managed APIs for re-usability and hence speed.

When we started designing this concept we actually started from two premises:

  1. Agility today is the most important business capability — especially for incumbents in traditional markets.
  2. Every organisation has integration problems.

Typically in most companies nowadays the integration function is centralized and hence technically as well as organizationally a bottleneck. Our two premises contradict each other and we set out to design an integration concept that can solve this contradiction.

In order to come up with a solution that really helps our customers solve their integration problems in the best possible way, we first analysed the market to understand what actually are the problems that users are trying to solve. Although there are of course a very wide variety of often very fine-nuanced problems, it turned out that we could classify all the problems into six typical integration challenges. The following diagram summarizes these challenges and we then discuss each of them in more detail.

Agile Integration: Six Challenges

Continue reading “Six typical integration challenges that agile integration can solve”

Meet application integration in the times of hybrid cloud

The concept of agile integration, depending on whom you ask, may appear as a contradiction in terms. Integration is a concept that used to be associated with “slow,” “monolithic,” “only to be touched by the expert team,” etc.. Big and complex legacy enterprise service buses connected to your applications were the technology of choice at a time when agility was not a requirement, when the cloud was barely an idea, when containers were associated with maritime shipping and not with application packaging and delivery.

Can the principles of agile development be combined with those of modern integration? Our response is yes, and we call it  agile integration. Let me show you what it is, why it is important, and what we at Red Hat are doing about it.

Software development methodologies have evolved rapidly in the last few years to incorporate innovative concepts that result in faster development cycles, agility to react to changes and immediate business value. Development now takes place in small teams, changes can be approved and incorporated fast to keep track of the changing demands of the business, and each iteration of the code has a product as the ultimate result. No more need for longer development cycles and never-ending approvals for changes. And importantly, business and technical users join forces and collaborate to optimize the end result.

In addition, modern integration requires agility, cloud-readiness, and support of modern integration approaches. In contrast with the legacy, monolithic ESBs, modern integration is lightweight, pattern-based, scalable, and able to manage complex, distributed environments. It has to be cloud-ready and support modern architectures and deployment models like containers. It also has to provide integration services with new, popular technologies, like API management, which is becoming the preferred way to integrate applications and is at the core of microservices architectures. And support innovative and fast evolving use cases such as the Internet of Things (IoT).

Continue reading “Meet application integration in the times of hybrid cloud”

Taking Control of your IoT APIs

At its core, IoT is all about data: data from devices, commands to devices, integrating IoT data with other data to gain insights. The data sources include devices, enterprise applications, vendor/partner systems, service providers and customers. The point-to-point integration between these various systems is not feasible; hence, APIs become the primary means of communication between these disparate systems. A clean architectural approach is the one suggested by the agile integration concept. APIs are central to this concept, which allow data to be shared securely between internal and external systems. The opening of APIs enables a company to provide uniform data and transaction interfaces to internal and external developers, partners, and customers, for improved data access and control of remote resources. By providing well-defined APIs, developers can use data in a programmatic manner; e.g., app developers can get access to IoT devices data without worrying about the underlying hardware interfaces. Considering the importance of APIs for IoT, it’s imperative for an organization to manage these APIs effectively. In fact, APIs have been called a fundamental enabler of IoT however, without an effective API Management solution, API sprawl can easily lead to catastrophe.

Continue reading “Taking Control of your IoT APIs”

The Role of Agile Integration in Open Banking

In the mid 90s, Bill Gates famously said that “banking is necessary, banks are not.” There is certainly a lot of truth in this statement. We all need banking services in some shape or form. But who delivers these services to us is secondary. In fact, Accenture concluded in a study conducted in 2016 asking over 30,000 people in 18 countries that if the tech titans like Google, Amazon, or Facebook would offer such services, 31% of the respondents would switch to them. This clearly imposes a significant threat on traditional banking institutions.

Another challenge that banks are facing worldwide are the increasing demands for regulatory compliance with respect to openness. Such regulations include, for instance, Payment Services Directive 2 (PSD2) in Europe, the Amendment Bill to Japanese Banking Law in Japan, the National Payments Corporation of India (NPCI) with the Unified Payment Interface, UK’s Open Banking standard by the Competition and Markets Authority (CMA), or the Open Banking Regime by Australia’s Federal Government. Banks approach these regulatory challenges in many different ways. Some see it as a serious business threat and only do the bare minimum for compliance; others see it as an opportunity and with smart investment start building banking platforms for the future.

Our suggestion for building the banking platform of the future resides on the principles of agile integration, which is an architectural approach centered around application programming interfaces (APIs) and API management. At its core, agile integration resides on the three pillars: distributed integration for greater flexibility, containers for the ability to scale better, and managed APIs for re-usability and hence speed. We described the details in an earlier post.  

Continue reading “The Role of Agile Integration in Open Banking”

How to Address the Challenges of a Pervasive Integration Strategy

Earlier this months at the Gartner ITxpo event, Massimo Pezzini presented the challenges that must be addressed by a pervasive enterprise integration strategy. In summary there are four types of hybrid challenges (see Massimo’s diagram below).

Gartner-HiP

Continue reading “How to Address the Challenges of a Pervasive Integration Strategy”

Announcing Red Hat Fuse Online Technical Preview

On May 2, 2017, we announced a new open source project called Syndesis.io. Syndesis.io provides a low code environment for agile integration. We also demonstrated key capabilities at the Red Hat Summit 2017 keynote.

Building on our foundational work in Syndesis.io, we have expanded those capabilities into a new product and are happy to announce Red Hat Fuse Online as a technical preview.

Continue reading “Announcing Red Hat Fuse Online Technical Preview”

Red Hat 3scale API Management Simplifies OpenID Connect Integration

Red Hat 3scale API Management Platform simplifies the integration between the APIcast gateway and Red Hat Single Sign-On through OpenID Connect (OIDC) for API authentication. Consequently, the new version enables API provider users to select and configure their API authentication process from the admin portal UI. 

Continue reading “Red Hat 3scale API Management Simplifies OpenID Connect Integration”

What is agile integration?

**This post was updated on September 26, 2018.**

If you Google the term “agile integration,” you’ll come up with about 30 million results, but they focus heavily on one area: continuous integration within agile development. That definition of agile integration is based on the build environment.

However, it is possible to have another definition for “agile integration,” one that looks at the platform architecture.

In this definition, “agile” doesn’t relate to the process or the infrastructure, but to the flexibility and adaptability–the agility–of the application architecture. Integration within this context has a more strategic role, as the architectural framework that defines the interoperability of services and with a focus on the application functionality.

Check out this e-book to learn more about Agile Integration: The Blueprint for enterprise architecture.

Traditional vs. agile as an architectural approach

There are functional similarities between traditional integration and agile integration – like routing, connectivity, and orchestration capabilities. The difference between traditional enterprise application integration and agile integration is not in the tasks performed, but in the strategic perspective of those tasks. Put simply, integration can be viewed as a necessary but often limited part of the infrastructure (traditional) or it could be viewed as the core framework of the application architecture (agile).

Continue reading “What is agile integration?”

Integrating SOAP based Web Services into Red Hat 3scale API Management

In Red Hat 3scale API Management, we can manage any HTTP(S)-based APIs – including REST and SOAP. With REST, it is particularly straightforward as individual URL paths usually map quite nicely to operations. By operations, we mean fine-grained tasks and services which providers may wish to  a) get visibility into and b) apply control access to.

With SOAP, there is more of a challenge, as it is typical for multiple operations to share the same endpoint. Yet providers may still want to get the same visibility and control they get with SOAP as they get with REST.

Continue reading “Integrating SOAP based Web Services into Red Hat 3scale API Management”