X

Future State - The Oracle Consulting Blog

Oracle API Gateway A Swiss Army Knife In The DMZ

Guest Author

By Ali Sadjadi, Consulting Technical Manager

Contending with Digital Disruption

I have been asked by several people on many different occasions to describe the differences between API Gateway and OWSM (Oracle Web Services Manager). It
seems that there is a misconception why an organization needs API Gateway? Especially, if they are using OWSM. Many of the capabilities of Oracle API
Gateway are not well known. In this blog I will try briefly to explain all the great capabilities of the product. I would encourage readers that are
interested to follow through the links below.

The Oracle API Gateway is simply a toolbox of many components that can be deployed in DMZ. These components can be put together in an orchestration to
provide a process for accomplishing certain tasks. For example, it can receive a Webservice from a client utilizing SAML security then pass that Webservice
to a backend SOA server with different security mechanism. It can also initiate a file transfer form a remote server on the internet, download the file,
scan it for viruses and then push it into the backend servers for processing.

OAG provides many features that are well beyond the OWSM including:

1. Traffic Routing

2. Packet Inspection for Malware and viruses.

3. Support for many different protocols such as XML, JSON, SOAP, REST, HTTP, JMS, TIBCO, FTP, SMTP, POP and so on.

I believe one of the best features of the OAG is its inherent File Transfer and Transfer Polling mechanisms. We all know many backend SOA services in
particular for utilities, banks and financial institutions utilizing files. Many organizations have home grown file transfer mechanisms that are inherently
insecure and are subject to constant maintenance and support. With an OAG File Transfer Listener a client can easily create a secure file transfer
mechanism in a matter of minutes with capabilities to inspect each incoming file for viruses and then help transfer such files to the backend SOA servers
for processing. Then, provide notifications via email or SMS to the owner of such files that transfer was completed or there was any errors detected plus
provide audit and reporting of such transactions. I recently worked with a client that was amazed how fast they could deploy such a process and at the end
of their engagement they were ready to dump their archaic home grown File Transfer system and utilize Oracle API Gateway.

OAG supports all different transfer protocols:

  • FTP
    : File Transfer

  • FTPS
    : FTP over Secure Sockets Layer (SSL)

  • SFTP
    : Secure Shell (SSH) File Transfer Protocol

It also supports Push and Pull Transfers as well as Polling. Features inherent in OAG are so many that I would recommend anyone interested in knowing more
about Oracle API Gateway to take a look at the following links:


http://www.oracle.com/us/products/middleware/soa/api-management/features/index.html


http://docs.oracle.com/cd/E39820_01/doc.11121/gateway_docs/content/part_gs.html

Happy Readings!

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.