API, API, API, API (aye aye aye aye)

I very recently spoke at a webinar for a long-time client emanating from the artist formerly known as helpdesk market – Sunrise Software – on the increasing importance of APIs – usable ones, not the token gestures from years ago that were all but impossible to implement upon. The audience responded spectacularly enthusiastically to the availability of such a tool – clearly there is a long-held need to integrate 3rd party information with the means to analyse and manage it.

Now, Sunrise is focused in the area of service management, but data — and the need to analyse that data — is prevalent everywhere in the interconnectedness of the IT world, from the user endpoint to the cloud and all stops in-between, in other words the very path that technologies such as SD-WAN deliver on, that being another favorite area of mine to test and focus on. And here, again, we have a great opportunity to use APIs to integrate such delivery platforms with the world outside and beyond; no, we’re not talking communications with aliens here, just working out what the hell the users are up to!

More evidence of the API focus comes in the form of a study conducted by API dev platform vendor Postman, which involved interviewing 13,500 developers and other IT professionals. For those working on digital transformation initiatives – yet another focal point of my recent webinar – 85% interviewed said APIs are playing a significant role in those initiatives, while almost a third noted that APIs are playing a role in their organisation’s ability to respond to Covid-19 for customer communications, powering remote work options, and quickly responding to regulatory changes and government initiatives.  And, yes, that was yet another topic I featured in said webinar! Must have been a lot of foresight (or luck) in there… Close to half of the respondents stated that investment of time and resources into APIs will increase over the next 12 months, so this isn’t a one-off scenario.

While there are obvious benefits here for the enterprise, it’s arguably even more so for the likes of MSPs, who need to reassure their own customers of what is (and isn’t) being delivered. This was never clearer than during those interchanges during and after the Sunrise event. And as MSPs look to capitalize on the hot SASE market, they’re going to need usable APIs to all of the locations and technologies comprising the SASE deployment. Therefore, it’s no surprise to see that Cato Networks is the latest vendor to throw its hat into the API ring. The company announced this week an API to its secure access service edge (SASE) platform appropriately dubbed the Cato Cloud API. Cato director of product marketing, Gal Zolkover noted: “Our enterprise and MSP customers have been asking Cato for an API that would let them use their existing provisioning, ticketing and management systems to run and retrieve data from Cato about their Cato deployments” – sound familiar?

As a player in the SASE market, with its SD-WAN delivery being a fundamental part of that solution, Cato’s mission in life is very much tied into that aforementioned end-to-end delivery story with direct ties into the security world. What the API introduction means, then, is that MSPs and enterprises will be able to automatically provision and manage Cato deployments through their existing SIEMs and management platforms, from the likes of Splunk to ServiceNow, in other words to give third-party management, SIEM, orchestration, and other software programmatic and data access to the Cato Cloud. As well as being able to automate routine site and user configurations, they will also be able to respond to new events, such as generating new security policies to block newly identified threats.

Importantly — noting my earlier comment on “usable APIs” — Cato achieves this with just the one API that’s eminently usable in today’s topsy-turvy WAN where sites, remote users, SaaS, and IaaS workloads all must coexist. With one call to the Cato Cloud API, MSPs can retrieve security and networking information from all or any number of “edges” across their entire network. Normally, you’d need to place multiple calls to different vendors APIs and then even retrieve the information for each location. Providing one API to your global network, not just an appliance in a location, simplifies management and monitoring automation of the complete network and security stack. Again, this was one of my strongest themes in that Sunrise webinar – simplification through automation. Kind of geek poetry…

So, great minds think alike… But then – as my old history teacher noted – so do dumb ones! Such tech introductions also substantiate my belief that much needed consolidation of IT is finally happening; after all, even a multi-national company cannot realistically integrate hundreds of different product and technologies. At least, not in one life cycle.

More on all of this later – it’s the future (regardless of colour).  And finally – quick mental note: maybe I should introduce Cato to Sunrise?