Best Enterprise Security Gateway for B2B Integrations
April 19, 2019

Best Enterprise Security Gateway for B2B Integrations

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with WebSphere DataPower Gateway

We have been working on WebSphere DataPower Gateway for quite a long time now. In our project, we mostly use it as :
1) A Security Gateway
2) Make external API calls to clients outside the Intranet
3) Transformation of the complete message (or few elements of it)
4) Conversion of one message format into another(SOAP, JSON, MQ... )
4) Orchestration of different service results in into a single result

The Edge Security provided by DataPower including different Security mechanisms like AAA, SAML, and Kerberos is invaluable to the overall architecture and integration of the platform with other internal and external clients.
  • The foremost thing that we use DataPower is for implementing top-notch level security in different projects. We use it as a security gateway when some internal client or external client wants to make a call to any of our APIs. The basic security implementation which we do for the projects is SSL which can get more and more advanced based on the requirements of the project. Some clients want to implement OAuth, some want to implement SAML, and some are happy with a 2-way SSL handshake.
  • Another big advantage of DataPower is that it supports all the major industry message formats. It especially has an inbuilt component called the Multi-Protocol Gateway which comes installed in the box itself. It's the best thing if you want to convert an XML to JSON or vice-versa. It does all those conversions at wire-speed doesn't matter the volume of those transactions. We also use it with MQ while interacting with Mainframes and legacy systems. It supports all MQ properties and gives us the flexibility to change the message as well if required.
  • We have used DataPower in integration with ServiceNow as well to raise incidents and trigger emails to respective clients by writing custom scripts which continuously runs on the DataPower logs. As soon as they see any particular error for the services which are being monitored, they send an SNMP trap to ServiceNow with the error message and an incident is raised.
  • The old interface is being really missed by our team as the new WebUI interface is not that intuitive or easy to work with. It takes a lot of time to load. There should be an inbuilt wizard for creating a Rest service as well like there is for an XML based service.
  • IBM support is very knowledgeable but it's not that easy to reach them. They don't release the fix patches very soon which also becomes a big issue in certain situations where critical projects are involved.
  • Lastly, DataPower has its steep learning curve and it requires time and effort on your end to gain full control and make the most of the advanced features which it offers. Finding the right resource in the market is not that easy.
  • It has really taken our business to the next level. We have expanded and integrated with so many new vendors and for all those integrations DataPower is serving as our security gateway.
  • We don't have to depend on any other tool for doing the load balancing of the incoming requests as that is also taken care inside the WebSphere DataPower Gateway box itself, thereby distributing the load equally.
  • It has made our platform much more secure, uniform and robust to deal with any kind of incoming message format or threat as well due to its latest security mechanisms and huge processing power.
WebSphere DataPower Gateway is really beneficial if you are trying to integrate two or more systems. It provides you with comfort and peace of mind by creating a DMZ zone for the services which are going out of the intranet to hit external clients APIs. It is greatly recommended if you have a very high volume service or API which is being used by a majority of clients because it has a dedicated physical box present which takes care of memory, CPU and all such stuff. So, all your transactions happen at wire-speed.