Layer7 API Security

 View Only

Layer7 Work in Progress Update - PI25

By Gregory Thompson posted Feb 03, 2021 11:26 AM

  

As part of our effort to keep our customers up to date and get continuous feedback, we will begin providing updates on our development work in progress for each Program Increment (known as a "PI") here in the Layer7 Community. We invite you to provide feedback by commenting on this post below. The key capabilities currently being worked on in this PI (PI25) are:

API Gateway

  • Release of API Gateway 10.0 CR3 is currently planned for early March and will include TLS1.3, HSM Partition Key Support, Compressed Kerberos Tickets, and more. See the release notes for a complete list once CR3 is available:

    https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/release-notes/new-features-and-enhancements.html 

  • Mobile SDK Safari View Controller Enhancement to adhere to new Apple requirements for publishing apps to the App Store
  • Upgrade to Java 11, Spring 5.3+ and Hibernate 5.x - updates key platform libraries within the API Gateway to move away from older versions that will be end of service in near future. This is ongoing work that spans multiple PIs and is targeted to be released with API Gateway 10.1 around mid-year.
  • Upgrade to CCJ 3.x - upgrades the API Gateway's Crypto Comply Java library to version 3 to provide up to date encryption support. (Planned for API Gateway 10.1)
  • Common Criteria early assessment to evaluate and identify any gaps to achieve Common Criteria Certification which is planned for the API Gateway 10.1 release
  • HSM Partition Key Support Additional Enhancements


API Portal

  • Release of API Portal 5.0 CR1 is currently planned for late February and will include MySQL 8.0 Support for Portal DB along with Helm chart updates. See the release notes for a complete list once this release is available. https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/5-0/release-notes-api-developer-portal.html
  • Release of API Portal 5.0.1 (SaaS only) is planned for late February and will include API Hub support for OKTA integration, Permissions Refresh to Differentiate Consumer Org from Publisher Org, Filter Users by Organization, and more. See the release notes for a complete list once these releases are available:

    https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/saas/change-log.html

  • Portal Sync Enhancements - This is work that continues to improve the sync of application API keys between the portal and gateway.
  • UI Enhancements to provide proxy status and availability based on the new API for querying API deployment status introduced in PI24
  • API Hub Page Enhancements for viewing apps with multiple keys
  • Portal Helm Charts to support MySQL 8.0 (5.0 CR1)
  • Removal of Adobe CQ5 for API Portal SaaS
  • Removal of deprecated Portal APIs

Note that some larger capabilities may span multiple PIs and, as always, plans are subject to change based on a number of different factors.

Candidates for PI26
While the capabilities to be included in PI26 are not yet set, please see below for a list of candidates being considered. Of course, not all of these will fit and we will select a subset of these based on your feedback. We'd love to know if there is a capability in the list you are eagerly awaiting and/or plan to use. We also would love to know if there is something missing from the list that is important to you. Please comment in the comments section below with your feedback.

API Gateway

  • JDK 11, Spring and hibernate 5 updates for remaining APIM components like OTK, portal assertions, integration testing.
  • Headless Install Updates for Siteminder and Precision API Monitoring
  • Policy plugin updates
  • API Gateway Integration with Oracle Access Manager 12c
  • API Gateway Integration with IBM Access Manager 9
  • Headless Install Updates for Siteminder and Precision API Monitoring
  • Websockets support for HTTP using same port
  • Ephemeral Gateway
  • Custom Assertion SDK Updates
  • Common Criteria Certification
  • Upgrade Tomcat version

API Portal

  • Workflow for API key creation/edit
  • API Portal support for Environmental Gateway Bundles
  • API Portal for “service” type gateway bundles
  • Portal Doc Improvements for HA/DR
  • Ops Capabilities via Portal
0 comments
31 views

Permalink