Later this month, Layer 7 Technologies will release a mobile-optimized version of its SecureSpan gateway family specially-designed to make it easier to provision and manage mobile access to sensitive data for employees and outside partners. SecureSpan Mobile Access Gateway sports features to address mobile IT challenges across identity, security, adaptation, optimization and integration.

As more employees bring their own smartphones and tablets into the workplace, enterprises need to figure out how provide secure and reliable access to company data and apps, according to Stephen Mak, Layer 7 Technologies’ product manager for mobile solutions. One key step is to provide IT a simplified and centralized way to control security and management policies for all their information assets which will be exposed via APIs to mobile devs and users, he added. 

“Enterprises want to enable employees, partners and consumers with apps that leverage their information asset. The Mobile Access Gateway fills a need for helping enterprises manage how that information gets exposed, secured and integrated.” Mak said in a statement.

At its heart, SecureSpan Mobile Access Gateway is designed to make it easier companies to push company data out to mobile apps and devs, by giving enterprise architects a simple and consistent way to configure security, performance and support for mobile integrations, Mak added. The gateway also provides a way to easily integrate with on-premise and cloud security services, he added.

Taking this approach, Layer 7’s SecureSpan Mobile Access Gateway supports these aspects of the mobile IT lifecycle:

Identity  — Extends enterprise LDAP & SSO to mobile access frameworks, such as OAuth, OpenID Connect and JSON Web Tokens.  It also provides integration with leading enterprise identity, access, SSO and federation systems (LDAP, Microsoft Active Directory/Federated Services, Oracle Access Manager, IBM Tivoli CA SiteMinder, SOA Security Manager, RSA ClearTrust, Sun Java Access Manager and Novell Access Manager

Security  — Protects mobile REST & OData APIs against attacks from cross-site scripting (XSS), SQL injection and DoS.  It also tracks failed authentications and/or policy violations to identify patterns and potential threats. Security also supports custom geo-fencing policies, proxy mobile streaming protocols like WebSockets and XMPP

— Translates and orchestrates back-end information services into mobile-ready formats like JSON & REST. To support SLAs, it also lets enterprise IT control API usage in several ways, including throttling to ensure backend services are not overwhelmed, as well as limit access by user, time of day, location and even number of uses/user per day.

Optimization  – Supports compression, messaging caching and the ability to aggregate requests against pre-fetched and cached data are all used to improve performance

Integration – Ties in with cloud and social media services for simplified provisioning and management, including single-sign on from enterprise identities to cloud services, notification services to send messages across multiple mobile platforms (Android, iOS, Windows Mobile), and proxy and manage mobile application access to social networks and services including Facebook, Twitter, LinkedIn and others.

– Supports a wide range of web, mobile and enterprise standards, including REST, JSON, XML, OAuth 1.0a and 2.0, OpenID Connect, JSON Web Token (JWT), XMPP, WebSocket, Apple Push Notification Service, Android C2MD Framework, OData, PCI?DSS, AJAX, LDAP, SAML, PKCS, X.509 Certificates, FIPS 140?2, Kerberos, SSL/TLS, SNMP, SMTP, POP3, IMAP4, HTTP/HTTPS, JMS, MQ Series, Tibco EMS, FTP/FTPS, IPv6

Layer 7’s SecureSpan Mobile Access Gateway is scheduled to ship July 31.