Overview
Deliver high-speed performance without sacrificing security
The built-in security of IBM API Connect® lets you set up access control for both API providers and consumers by using role-based permissions, API packaging constructs, and subscription and community management.
Why you need powerful API protection
50%
of global security decision makers had at least one breach in 2018¹
540 million
Facebook user records exposed due to an unsecured API²
1.1 billion
identities in India were vulnerable to theft due to an unsecured API³
Benefits
IBM App Connect leverages the power of IBM DataPower Gateway to secure your APIs
Complete
Using C++ for a single, signed, encrypted image, DataPower Gateway is trusted worldwide. Java-based gateways can leave you vulnerable.
Efficient
DataPower Gateway has a single gateway, so you get more powerful security in one package. Multiple gateways cause complexity, extra work and expense.
Reliable
DataPower Gateway can achieve up to 30,000 TPS. We publish its performance across both simple and robust policy use cases for transparency.
Get to know DataPower Gateway
DataPower Gateway is a purpose-built gateway platform that centralizes common security, traffic, mediation and acceleration functions, and optimizes them in a security-hardened gateway stack.
Multiple levels of security
Transport Layer Security (TLS)
Transport Layer Security (TLS)
TLS profiles, such as ciphers, offer fine-grained control in securing transmission of data, hindering hackers from tampering with information.
User registry authentication
User registry authentication
IBM API Connect supports several user registry types for authenticating users and securing APIs, including LDAP directory, authentication URL and more.
Industry use case
Securing APIs in the credit card industry
To manage access to APIs that contain personal details while managing compliance, credit card companies need a powerful API security solution.
IBM API Connect offers multi-layered security and can move information through a single gateway using some of the highest levels of encryption.
Working in IBM API Connect
Design view
Design view
Use a graphical user interface, or the simple design view, to manage your API security.
Source view
Source view
Handle your detailed security needs using source code through the source view.
Assemble view
Assemble view
Manage security using drag-and-drop tools or IBM GatewayScript in the assemble view.
Authentication options
Authentication options
Choose your authentication — from basic with API keys to modern third-party OAuth.
Testimonial
The DataPower Gateway devices handle all inbound traffic and act as a first line of defense for our enterprise.
Jagadish Vemugunta
Lead Technical Architect
Availity
Related products
IBM MQ
Discover enterprise messaging that can help simplify and accelerate the reliable exchange of data.
IBM® DataPower® Gateway
Learn how this single, purpose-built gateway controls and accelerates API, mobile, and cloud workloads.
IBM App Connect
Find out more about this all-in-one tool for connecting apps, integrating data, building APIs and acting on events.
Get started with IBM API Connect
Take control of your API ecosystem while propelling your API strategy forward.
Footnotes
¹ The Forrester Wave: Cybersecurity Incident Response Services, Q1 2019, by Josh Zelonis, 18 March 2019; https://www.ibm.com/downloads/cas/KE05GBKV (PDF, 492 KB)
² The Telegraph, “Millions of Facebook user records exposed in data breach,” by Margi Murphy, 3 April 2019; https://www.telegraph.co.uk/technology/2019/04/03/millions-facebook-user-records-exposed-data-breach/ (Link resides outside IBM)
³ Business Insider, “The 21 scariest data breaches of 2018,” by Paige Leskin, 30 December 2018; https://www.businessinsider.com/data-hacks-breaches-biggest-of-2018-2018-12#1-aadhar-11-billion-21 (Link resides outside IBM)