Try our new research platform with insights from 80,000+ expert users
it_user346686 - PeerSpot reviewer
IT Security Manager at a financial services firm with 1,001-5,000 employees
Vendor
We use it for multi-factor authentication and for our identity management processes. It's helped us meet requirements by having dual factor authentication.

What is most valuable?

The three security products perform different functions, but they are all part of the suite. SiteMinder is an industry leading solution as everyone is using it. The new offerings are simplified, which is good.

Besides that, other things are pretty much on par for the industry products out there. All the products have valuable features, but they’re similar with what’s out there.

How has it helped my organization?

We are using it for multi-factor authentication, and we are using it also for our identity management processes. Some of the tasks we have been doing for boarding, it's helped us meet requirements by having dual-factor authentication.

What needs improvement?

With CA Identity Manager, the integration support with other technologies is still not mature enough. CA IDM still has a lot of moving components. Oracle and SailPoint solutions are much simpler and robust, although we are using CA because we have licenses despite it needing to be simplified.

For how long have I used the solution?

We're using this alongside IdentityMinder and RiskMinder.

Buyer's Guide
Symantec Siteminder
October 2024
Learn what your peers think about Symantec Siteminder. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.

What do I think about the stability of the solution?

I would rate the suite 4-5/10. SiteMinder is the most stable and is 7-8/10 rating. with the other ones, we’ve had problems, and they doesn’t really match our business needs. The other parts of the suite are lower.

What do I think about the scalability of the solution?

I think for SiteMinder, we have a business need and we think it is scalable. For 2016, we'll increase our infrastructure. For the others, we are running them on a minimum hardware set.

How are customer service and support?

We often use tech support when we get stuck in situations. We have less of a relationship with them because we escalate with partners and they provide us with support. If you just open a ticket directly with CA, the guy doesn’t have a solution. With the partners, there's always a good solution.

How was the initial setup?

I started using it six years ago when it was very complex. Now they have given a lot of UI features and simplified it as well.

What's my experience with pricing, setup cost, and licensing?

They are good from a cost standpoint. The price model offering is very comparative to other solutions. That is a positive.

Which other solutions did I evaluate?

We also looked at Oracle and SailPoint solutions. We looked for a solution that had good integration with other technologies in an enterprise organization. We also considered the simplicity of the product.

What other advice do I have?

CA has a lot of servers, but it needs to be simplified to only two to three components. The SiteMinder solution is something that if my colleagues would like, I’d suggest that.

Other products I would say, go look out in the market. There are better solutions, and CA should look at Gartner’s Magic Quadrant and IDG. Look at the capabilities to see how they can bring those capabilities into their products, etc. It gives me the single sign-on between applications. On-boarding isn’t effort intensive. Those are good things.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user353934 - PeerSpot reviewer
Identity and Access Management Specialist at a healthcare company with 10,001+ employees
Real User
SSO allows us to log in once and use those credentials for multiple web sites.

Valuable Features

Single Sign-On is the number one feature of SiteMinder that we're using. The ability to log in once and use those credentials for multiple web sites is very valuable for us.

Room for Improvement

Upgrades is the biggest area for improvement. It really struggles with the upgrade process. We tell CA this pretty often.

Deployment Issues

We've had no issues with deployment.

Stability Issues

We've had no issues with stability.

Scalability Issues

We have challenges with scalability. We have a environment in which applications during peak enrollment periods can go from 80 users to 8,000 users in a weekend. Scalability is very difficult with SiteMinder. You basically have to roll out new policy servers and so the ability to provision capacity quickly is still a big challenge for us. They talk about it with every presentation. They're containerizing everything and they're doing all the right things, but they could roll them out faster.

Customer Service and Technical Support

We probably open two to three tickets a week. I manage that relationship so I supervise those tickets and escalate them appropriately. The problem is we need the support, but they don't know anything about the product.

One of the challenges is they kind of have a tiered support model where you get your case open to a Tier 1 support engineer, and often times we're using very specific portions of their products that aren't used to. For example, we use some kind of custom implementations of some of the older technologies for which it's difficult to get a resource who actually knows what we're using and how we're using it. The initial engagement with support can often take us two or three days to get the ticket assigned to the person who knows what they're talking about. Like DLWS, which is a distributed log on web service, which wasn't a core part of the product back in the day and it's just not used by a lot of people.

Some of the advanced password services stuff can be a little bit problematic, getting it assigned correctly, that kind of stuff.

Initial Setup

It's complex. Because of the complexity of the application, you're going to need to involve professional services. You're going to need to bring in a lot of outside resources if you've never done it before. It's not an out-of-the-box, point-and-click, now-you-have-SiteMinder situation. It's going to take a lot longer than that and I think the complexity is often hidden. People are going to stumble upon these challenges in their enterprise after they start it.

Other Solutions Considered

Not really. We use Ping, so we have products that do similar kinds of stuff. We used to use Tivoli, so we have some experience with that. Identity Manager's been used in the enterprise before. SiteMinder works a lot better for us just because we have a base of administrators who know how it works, ease of installation, and configuration.

Other Advice

It loses points for the upgrade and for just the lack of ease of management. We've been using it for a long time, so we're comfortable with its weaknesses and we've adjusted our process around those. I think for a new implementation it would be very challenging to bring in SiteMinder.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Symantec Siteminder
October 2024
Learn what your peers think about Symantec Siteminder. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
PeerSpot user
Systems-Engineer at a tech services company with 10,001+ employees
Real User
You can quickly deploy the entire product with a basic config. However, the GUIs are not very clear.
Pros and Cons
  • "I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed."
  • "You can quickly deploy the entire product with a basic config within couple of hours."
  • "The GUIs are not very clear, especially when integrating with other products from CA."

What is our primary use case?

Our primary use is for client demo on authentication/authorization, federation, and ease of use.

How has it helped my organization?

The product was just for client demo purposes. There was no deployment onsite.

What is most valuable?

  • This is the only access management product that I have come across which configures end-to-end and hosts resources. 
  • This product is very easy to deploy. I just strictly needed to follow the user-guide.
  • The CA directory services is something that I found to be cool. 
  • I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed. 
  • You can quickly deploy the entire product with a basic config within couple of hours.

What needs improvement?

  • The GUIs are not very clear, especially when integrating with other products from CA. 
  • Like CA IDM, there can be challenges. One needs to know that they have great hands-on on their app servers to understand the logic and deploy it accordingly.
  • There were challenges with version compatibility, and this is something that I did not like. This all happened during the second phase while trying out various integrations.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

No stability issues.

What do I think about the scalability of the solution?

No scalability issues.

How is customer service and technical support?

Technical support by CA Technologies is wonderful. I used to post my queries and get quick responses. The CA forum is something I would recommend to follow if you are dealing with any CA product. I appreciate their timely and effective responses.

How was the initial setup?

Although it is straightforward, for someone new to access management, it is always a challenge to understand what is done and why. That is where I struggled initially, since I was very new to the domain. Domain knowledge is more important when you are new to a product.

What's my experience with pricing, setup cost, and licensing?

I recommend conducting a PoC on every available product before choose one.

Which other solutions did I evaluate?

Not applicable.

What other advice do I have?

Be sure to get your doubts clear on any product features, integration with other CA products, and other security products.

I recently came across Okta, which also has cool features.

Before implementing, ask a CA manager to provide you a list of use cases, which can help you in building/offering what you have in mind.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user778935 - PeerSpot reviewer
Security Architect at Raymond James Financial, Inc.
Real User
Really helps with our numerous legacy apps, and is easy to administer
Pros and Cons
  • "If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On."
  • "Ease of use is very good, for administrating it. It's very well known."
  • "I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later."

What is our primary use case?

Primary use case is for authentication in Single Sign-On, that's the biggest that we have. But we use it for our internal employees.

It has performed well. We had some hiccups, but that's all.

We had some challenges through modernizing everything over the last two years. Now we are pretty good. We don't see any production challenges. I don't think we have had an incident for a year now.

How has it helped my organization?

I think Single Sign-On helps a lot. If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On.

What is most valuable?

We use it on the agent model, and we have a lot of capabilities which we leverage to do it on the different apps, so critical apps are protected better. And we do step up using this, but we are looking at other products now to do the advanced track.

We use it mostly out of the box, standard, no customization.

Ease of use is very good, for administrating it. It's very well known. The ease of use is good for our deployment and our applications.

What needs improvement?

I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later.

What do I think about the stability of the solution?

I think now, for over a year, we have had any issues. It has been really very stable for us.

What do I think about the scalability of the solution?

We don't have, and have never had, any scalability challenges.

How are customer service and technical support?

We use it for challenges we have. If there are any issues that apps are reporting, we use tech support.

I think we have been good for over a year. We always get to the same contact that we have in the support. It's not dedicated support that we have bought, but most of the time it goes to the same person. So it's very easy to traverse.

Which solution did I use previously and why did I switch?

We had a predecessor to it which was near end of life. I knew this product because I was part of CA previously.

We went with CA because it met most of our requirements. We had a requirement list of what we definitely wanted, what was nice to have, and I could see most of what we wanted.

How was the initial setup?

We actually used CA Professional Services. There were some challenges on some aspects of it, but on the base product, not at all.

Which other solutions did I evaluate?

We looked at a lot of vendors around it. We had looked at RSA, Ping, and a multitude of others, just on paper, so to speak.

What other advice do I have?

Most important criteria when selecting a vendor: We definitely look at our engagement. We look at the support. That's always the critical factor. Otherwise, I would say most of the products, if you go by the 80/20 principle, they will technically fare well.

I would say invest a lot of time in designing it. Don't just run in without reading the guides and start deploying.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user778626 - PeerSpot reviewer
Senior Software Analyst at NRG Energy
Real User
Handles authentication and authorization for our multiple websites
Pros and Cons
  • "Authentication & Authorization are important because all the sites need authentication for security purposes. That has been handled pretty well all these years with SSO."
  • "We would like to the OAuth be more stable, more issues being fixed rather than not."

What is our primary use case?

We use it for authentication and authorization for our website. We have multiple external and internal websites that we host, so we are using SSO for authenticating and authorizing for all those websites.

It has performed quite well. We have been using it more than 10 years now.

What is most valuable?

  • Authentication
  • Authorization

for our websites. These features are important because all the sites need authentication for security purposes. That has been handled pretty well all these years with SSO.

How has it helped my organization?

It doesn't take time for us to configure, maybe because we have been using this product for so long. In terms of security rights, a lot are covered under SSO, so we don't actually have to go and do something on the back end.

What needs improvement?

We would like to the OAuth be more stable, more issues being fixed rather than not.

We're pretty happy, but there are some scenarios with the new stuff, like OAuth - where authentication happens from Google, Amazon - in which they're still lagging right now. They're developing it, but we have been using SSO for a long time and Oauth capability was not there, and it recently started this year. So we had a little bit of a question, "Should we still use this product or we should go to another product?" That was the one concern.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

Stability? There have been some issues but over the years but it's pretty stable. The issue we encountered was a whole site going down. But we were able to bring it up.

What do I think about the scalability of the solution?

Scalability is pretty good.

How is customer service and technical support?

They're pretty good on some of the non-issues. There are some delays, however, and they keep on asking for logs or try to delay it, maybe it's stuff they don't know. But in most of the cases they respond pretty quickly.

How was the initial setup?

I wasn't in on the initial setup, but I have been installing a lot of the newer versions. Compared to six, seven years ago, now it is very, very smooth.

What other advice do I have?

I would still not rate it a 10 out of 10 because, like I said, we had some issues with the OAuth here and there. Once those are done right, I think it would be a nine out of 10.

Regarding advice to a colleague who is researching this or a similar solution, it depends on what they are trying to accomplish. Are they going legacy, where you authenticate, versus the newer federation?

But I would recommend SSO as a solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user558558 - PeerSpot reviewer
SiteMinder Architect at a consumer goods company with 1,001-5,000 employees
Real User
It protects the company from vulnerabilities and has improved our user experience. The quality of support and documentation provided are my primary concerns.

What is most valuable?

Security is the most valuable feature.

How has it helped my organization?

It enhances the user experience and the security posture for the company. It protects the company from vulnerabilities.

It has improved our user experience quite a bit because they can log in once and go to any application they want, as long as it is integrated with SiteMinder, which was the not the case before. So, in terms of productivity it does add a lot of value.

What needs improvement?

We would like to see more information on the analytical piece of it. There are certain other components which are integrating, advanced integration, that might add value to it. We would like to see the CA SiteMinder by itself provide threat analytics, depending on behavioral authentication and so on, without having to add an extra piece to it.

For how long have I used the solution?

We've been using this product for about ten years.

What do I think about the stability of the solution?

This product is quite stable. We've been using this product for about ten years. We haven't experienced a situation where we had to take an outage because the product was unstable. The core policy server is pretty stable, but there are other add-ons that keep coming up with which we keep having problems. However, CA has been proactive in fixing these issues.

What do I think about the scalability of the solution?

The scalability of this tool is very good.

How are customer service and technical support?

I would give the technical support a rating of 2-3/10. Most of the time, from my experience, every time I have an issue, techncial support tries to buy time by asking me some unrelated questions or by trying to give me information that does not match my requirement. I need to push hard to get a subject matter expert who can help me with the product. This is an experience I have been having for the last 4 to 5 years; it is not new.

Which solution did I use previously and why did I switch?

We were not using any other product before this one.

How was the initial setup?

I was involved in the initial setup process. The initial setup was neither straightforward nor complex. It is medium, depending on the implementations. It was a bit complicated because of the number of components that we had to install, based on our setup.

What other advice do I have?

Any advice I would give about this product would be an honest reflection of my experience with this product. From the technical perspective, as much as we can do, it has been pretty good. Don’t get me wrong, our account manager is great; there is no question about that. However, the quality of support and documentation are my primary concerns.

Some of the most important factors while selecting a vendor are the vendor’s technical experience, our approachability to them, their response back, licensing costs and so on.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user558498 - PeerSpot reviewer
Assistant Director of Application Administration with 1,001-5,000 employees
Real User
Once we have our authentication and authorization policies set, it allows us to duplicate them across all our applications instead of trying to develop each application individually.

What is most valuable?

The most valuable feature is that it takes a lot of the logic for authentication and authorization out of the hands of your application and moves it into a centralized framework. Once we have our authentication and authorization policies set, they are easy to duplicate across all our applications instead of trying to develop them into each application individually. That’s where we probably see the most benefit or the most cost savings for our organization.

How has it helped my organization?

It has reduced developer costs; we get some of that back. Before, when we used a tool that was engineered in-house, it still required a lot of developer resources. Every time we created a new application, it needed to integrate into our in-house solution.

As we are now moving away from that, this product gives us the ability to have single sign-on zones expand outside of even what was normally our in-house product, to now use things like federation and SAML to carry out single sign-on, to things that might not even use the single sign-on solution from CA.

Increased single sign-on zones and then saving on developer time/costs are the biggest benefits.

What needs improvement?

One thing that we found a little difficult, was the default functionality to understand error messages coming back from a directory. You had to either use an add-on product or an advanced password service or perhaps change components within your directory, just to understand a simple message whether if a password has been expired or if it was incorrect.

Since then we have bought an additional SM Walker product, which is a third-party solution to resolve this issue. However, it would be nice if that aspect of the solution was a default functionality, within this tool itself and not something that you had to purchase as an add-on feature.

What do I think about the stability of the solution?

It has been good, after the initial first year or two that we purchased this product. When we first started out, we had some implementation issues; maybe it was not configured correctly and that caused us some problems.

Once we figured out those issues, it has been very stable since then.

What do I think about the scalability of the solution?

Once we were familiar with the product, we haven't had any problems with its scaling. We had to figure out the factors that need to be increased so that we can scale up and also elements to look for as far as performance is concerned. We continue to use it more and more, along with an increasing number of applications being brought over.

How are customer service and technical support?

We have used technical support quite a bit. Once we get connected to someone who understands the issue and can explain the necessary solution to us, it has been very good. For us, getting to that person or to the second level of support is time consuming. We have to jump through a lot of the same hoops in order to get to that person. The initial first level support is not as great, however once we get to that second level, we usually get back meaningful solutions that help us out.

Which solution did I use previously and why did I switch?

Initially we didn't find the need to invest in building ourselves. We had an in-house product that we had developed and as time passed by, there were some security holes that can be found in any existing product. It wasn't cost effective for us to maintain it. Hence, the decision to purchase a third-party software like CA Single Sign-On/Shibboleth/CAS made a lot more sense as the expense incurred for purchasing any of these products was much less than for us to create or develop our own in-house solution.

Basically, it did not make a lot of sense to try and reinvent the wheel when nothing unique was needed for our organization. It was just more logical to buy another tool versus using an in-house product.

How was the initial setup?

With the default set up, there is always a limitation on the number of connections that you can have under your policy servers. We didn't know this and it wasn't something that we were informed of, during implementation. As a result, as soon as we hit the maximum limit we started experiencing issues. It probably took us about a month to figure out the solution, which ended up being rather simple but that was a big bump in the road for us and hurt us in the initial stages itself.

What other advice do I have?

During implementation, make sure to verify the tuning guide. We had a transition with our implementation person, who was changed in the middle of the process. In our case, factors such as maintenance and performance tuning were skipped over. We didn't really get to those aspects until we were live-in production and then needed to work out some of these issues. Thus, don't underestimate such a situation because when you experience such issues your customers are also going through them and then at that point it is public.

Mostly, our experience with this product has been good. There are areas that we think could be improved but mostly, we are happy with it.

The 2 other systems that were seriously considered were Shibboleth and then CAS. One of the main reasons as to why we decided to purchase this product, was the authorization functionality that exists in CA SSO. It was more suitable for a lot of our products as we could save time in the development aspect. I am not sure if any such functionality did exist at that level or complexity in either Shibboleth or CAS. Thus, for us this was a major selling point.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
umairakhlaque78 - PeerSpot reviewer
umairakhlaque78Sr. Manager at Duroob Technology
Real User

The author has well written and explained it rightly. These features was key elements of CA Sso solutions.

it_user349428 - PeerSpot reviewer
Software Engineer at a healthcare company with 1,001-5,000 employees
Real User
It's really increased the security of our applications and, in some cases, without requiring multiple usernames and passwords. The installation documentation is not good enough.

Valuable Features

We use it a lot for federation, authenticating in-house or on premises, and that gives us access to an outside SaaS provider.

Also, we like the reverse proxy tool so much that in some instances we’re using SSO just for that and not even single sign-on.

Improvements to My Organization

It's really increased the security of our applications, and in some cases, has provided much more security. It does this even while some applications don't require multiple usernames and passwords.

Room for Improvement

The documentation is not good enough, particularly the installation documentation could be improved. Some things are left open to interpretation and others are simply not documented at all. CA will take liberties and make assumptions that your system is a certain way, and so the documentation is based on that.

Stability Issues

It’s very stable, but we found some bugs and got workarounds quickly. We stress out SSO, from what I understand CA's reasoning is, but they're quick to resolve the issues.

Scalability Issues

We've had no issues at all with scalability, as it covers everything we do even at thousands of logins per minute.

Customer Service and Technical Support

We use them a lot and they're quick to pick up cases. We have almost a dedicated team with them that escalates up issues.

Initial Setup

It’s fairly complex as it has lots of pieces. We’re in the process of upgrading and we’re building a mirrored environment and then moving everything over to it.

Other Advice

CA is great to work with, but to use it, just learn the product suites and how they interact. Make sure you have a good layout and make sure you have everything you need.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user