The CA API Gateway ( fka Layer7 API Gateway ) is a security gateway, that is primarily used as a 'Policy Enforcement Point' for an Enterprises API's / WebServices. We are really like a 'Swiss Army Knife' of features, which include ( API Security, Integration, Message Enrichment, Orchestration, Logging/Auditing, throttling, etc.. ). We have a lot of similar functionalities like that of an Enterprise Service Bus, which have ppl referring to us as a Lightweight ESB as well.
To answer your question, we are more than just a firewall ( though we can offer a lot of the same functionality ), but we are primarily used to sit out in front of your Enterprise's Services, and be that PEP ( Policy Enforcement Point ).