Application Integration

Gartner AADI analyst meetings—key takeaways

I had the chance to meet one-on-one with several Gartner analysts at the Gartner AADI Summit in London this week and we engaged in very interesting discussions on many topics.

AADI

API Management

api_management
To embrace digital business and the API economy, the challenge is to “turn a business into a platform” and “turn a platform into a business.” This means that companies need to expose their services on a technology platform for them to be consumed by multiple channels—mobile, social media, partners, API Portals—and focus as a next step in monetizing those services to turn the platform into a new source of business.

The number of API Management projects is booming in 2016. More and more companies are offering an API portal, such as the Dun & Bradstreet API Portal that was presented at the customer case study session.

Programmatic intelligence happens on the edge. The endpoint remains the same but the logic behind depends on more and more factors such as the channel, location, consumer history …
In Europe, the Revised Directive on Payment Services (PSD2) is offering hot opportunities to API Management vendors as banks are now forced to open their systems to other payment providers (through open APIs). Other countries outside Europe plan to adopt PSD2 too and this would lead to a proliferation of short-term API Security and API Management projects.

In the military industry, the need increases for ever stronger security and the number of Axway projects in this area confirms this trend—e.g., the Danish Defense API Management project in partnership with Sopra Steria. API Management solutions combined with Attribute Based Access Control (ABAC) solutions such as Axiomatics offer a great value to military organizations who want to have an extremely high level of security with a strong granularity.

In terms of the acquisition, we expect major acquisitions in the Full lifecycle API Management arena. About that, Axway made a very smart move at acquiring Appcelerator to allow developers to design and create APIs easily.

Hybrid integration

hybrid_integration
The iPaaS market is evolving very quickly. It doubled in one year to reach $400M in 2015.
The standard Application Integration suites such as ESB have been decreasing in terms of revenue in 2015, except Microsoft Biztalk solution who had a slight increase. Most companies are now moving to new types of architecture that offer agility and the capacity to integrate applications both on-premises and on the Cloud. In order to address multiple needs coming both from the business and IT, Hybrid integration solution providers offer different User Interfaces and capabilities to Business Users, Citizen Integrators and IT integration teams.
The hybrid integration platforms (HIP) concept starts to turn into a reality. They are four reasons for hybrid:

1.  Hybrid in personas: HIP needs to offer application and data integration patterns that can address multiple user personas:

  • The application specialist
  • The professional integrator
  • The business user
  • The citizen integrator

This multiplicity of personas to address results in multiple User Interfaces. For example, the professional integrator won’t be using the same interface as the business user.
2. Hybrid in scenarios: on a HIP, there are different scenarios:

  • the service creation can be done with available connectors, by building new connectors or by creating a composite service mashing up several existing services.
  • the service exposure can be done either by IT who develop a custom API or by business users who use a Web interface to build a flow between APIs with easy drag and drop data mapping features.

3. Hybrid in deployment: the deployment can be done as software or on the cloud as a service. It’s important that the platform remains as close as possible to the services, that’s what we call “gravity of intelligence.”
4. Hybrid in the support model: the platform can be operated either by the vendor or by the customer.

Microservices

microservices
Docker containers and node.js stack are having great success on the market. This is not just a hype, those technologies are meeting real market needs. In terms of security, there is a strategy that consists in grouping the microservices by domain and having an API Gateway per domain to enforce security across the domains—including authentication and authorization. Then, within every domain, there are two options: either the traffic is open and not subject to security rules, or every connection flows through the API Gateway to be secured. Regarding cross-domain communication, the API Gateways can trust each other via delegation rules implemented with OAuth for example.

As microservices are connected to each other and used by multiple applications and processes, it’s key for them to support continuous delivery and enforce the interface contract defined by the API.

Last, the question of data management is a key consideration. Every service should encapsulate the data that they manage and not rely on other data/application integration systems.

Internet of Things

internet_of_things
As of today, 1/3 of companies have implemented IoT projects. Those projects are mostly driven by LoBs (using iPaaS solutions for example) and consist in collecting data with sensors and do something with it on the back-end.

IoT is built on APIs: MQTT for devices (or other industry-specific protocols) and REST APIs for back-end APIs.

What’s the place of API Management in IoT projects? This question is important because all IoT projects need an API Gateway to protect the APIs. The reality is that all IoT vendors offer an API Management layer in their solutions but the maturity of this component is far from a best of breed API Management solution. Thus, as Enterprise Architect, you need to think what is your API Strategy: you probably have other ongoing projects such as mobility, real-time B2B integration, Open API and API Portals … in this case, you’d better select a best-of-breed API Management solution that can act a single layer on top of your APIs to protect, monitor, document and manage them efficiently. This also allows you to select an IoT platform that meets your needs best without bothering of security considerations.

Analytics is also key in IoT projects and event-driven real-time analytics solutions aim at having the right insight into business trends.

As the volume of data will continue growing, this will crush companies and there will be most probably a strong need for technologies moving the data around. Learn more about Managed File Transfer solutions here.