Description
The Service Provider shall perform support of the following components part of the API Management solution:
- DataPower (gateway)
- Cloud management console
- Management portal (Developer Portal)
- Advanced developer portal
The Service Provider shall support for DataPower (API gateway) with the following activities:
- Security and threat protection configuration
- Maintain certificate revocation and expiry date list
- Monitoring of QoS of services to adhere to SLA
- Managing environment specific values as server address (eg towards MQ, ISAM)
- Handling of public key infrastructure
The Service Provider shall perform support of Cloud management console with the following activities:
- Virtual instances and cluster monitoring
- Monitoring of platform runtime health
- Log monitoring of error and failed transactions
- Adding new instances to cluster of DataPower, Management portal and Advanced Developer portal
- Switch Server Load balancing to pull in/out machines during releases
- Restart and update configuration for DataPower, Management portal and Advanced Developer portal
The Service Provider shall perform support of Management portal (Developer Portal) with the following activities:
- Traffic monitoring for API response times, errors, QoS, SLA, exceptions, spikes and generation of alerts
- Security and threat protection configuration
- TLS configuration
- API deployment/publishing
The Service Provider shall perform support of Advanced developer portal with the following activities:
- Admin and configuration of the Advanced developer portal in Drupal (PHP)
And
- The Service Provider shall install and configure upgrade and patches for the API Management solution components according to the product life cycle and recommendation from product vendor
- The Service Provider shall integrate the API Management solution with enterprise transaction traffic tool (eg Splunk Enterprise)
- The Service Provider shall support API Management solution in technology-environments like VMWare and Linux
- The Service Provider shall configure and support all agreed certificate- and token based authentication mechanisms
- The Service Provider shall harden/secure the Servers as per best practices
- The Service Provider shall perform monitoring of CPU, memory and disk for the API Management solution components
- The Service Provider shall monitor for resource utilization, traffic and security issues, as well as standard monitoring of the services
- The Service Provider shall open needed Firewall ports, configure networks and load balancer to configure API Management solution components
- The Service Provider shall perform adding of internal users to the API Management components (FixIT request)