Symantec Siteminder Reviews

Primary case is to authenticate users and use banking online. It is performing well.

It has definitely made things easier. We do not have to do that development. It is an out-of-the-box product which does the thing it does best.

It has the ability to authenticate and authorize users. It is the main feature for our security.

Better monitoring. A better way to debug a problem. When there is a problem with it, it should log enough information for CA to know what is the problem, like a better debugging tool. 

It needs better debugging and support.

We have had some issues with it, but in general, it is good.

CA was there to help. There is some issues in general.

It is very scalable. We have a very large customer base: 75 million customers. We have about 40 million log in a day. So, the scalability is very good.

We are not very happy with the support, I am sorry to say.

The reason is mostly because we stayed on an older version and we are behind catching up on a newer version. It has become harder for CA to give us good support. 

The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur. That is the biggest thing.

It has been an issue. All the problems that we reported actually have never been resolved. We could not capture enough information for CA to be able to debug the problem. This problem does not happen often. But, when it happens, we do not know why, because we are not able to capture the data. I think that is the biggest drawback. The support and its combination between ability for them to support us on all the older versions and different infrastructure to what CA recommends us to do. We are trying to upgrade and all that. Maybe these things will help.

Technical support is always available and very responsive. I have a direct line to the engineers. They allow me to talk to them directly. They really are trying to help the best they can. It does not work out well. In terms of interaction, no problems there.

When I started two years, it was already setup. Now, I am reengineering it. I am doing a different setup to eliminate any customization for CA to support us better. The process is straightforward.

I would recommend this solution. I would recommend the newer version without any customization. That is where we have had a problem because we did our own customization of this product.

Most important criteria when selecting a vendor: It is the supportability right. J.P. Morgan costs more, but we want stability, resiliency, and we want the product to work. However, it has to be scalable and supportable. That is the main thing for any product which we pick.

• Simplified federation
• Integrated Windows Authentication (IWA)

Our customer had two requirements:

• Authentication without any challenges
• Access to the partner's application without any additional login required

The first requirement got covered by IWA. The second requirement was covered by simplified federation.

IWA is an out-of-the-box feature. The SAML-based federation is standard for all tools. However, CA Single Sign-On has made the federation configuration way too simple and handy to set up and use.

Updates as on 09/21/2017

CA SSO is helping us a lot in providing the access solution to the customers. The enhanced features in the Simplified federation and the support for a number of different User store types allow us to support almost anything that customer needs. Very pleased with the new Reporting tool from CA that has ut of the bx integration capabilities with CA SSO and is an excellent tool for simplified and useful reports.

My customer is able to get seamless authentication done using IWA and straight access to the partner's application without any further authentication.

Reporting an auditing was one of the most needed requirements that was fulfilled very easily by CA SSO.

The upgrade/migration process can be simplified further.

If the reporting feature can be integrated into SSO itself that will be an icing on the cake.

I have used this solution for almost eight years.

Not until now form CA SSO side. Only one time we had to deviate from requirement because CA SSO does not support Oauth as a token provider and need additional tools to achieve this.

We have never experienced any stability issues.

Up until now, there were no scalability issues. We are able to manage around 25K users without any issues.

Good customer service for the support and comfort to the customer.

The technical support team is not very proactive. CA can improve in this area. I would give them a rating of 5/10.

This is the first solution that we have tried.

The initial setup was very easy and straightforward.

In house implementation

It is a good return on investment and we are able to deliver SSO as a service.

The price is quite comparable to the other enterprise-level solutions in that market. Since it has a user-based license, one should plan in advance regarding the scope in scalability.

We looked at similar solutions from Oracle and IBM. However, CA was much better, in terms of its user-friendly nature and the cost.

The major focus should be on planning, design, scope, and scalability. The rest is a piece of cake.

This solution is meeting our requirements for all of our applications. The newer version supports Grid Authentication.

This tool helps our organization with multiple applications. The solution is meeting the requirements and it is easy to use.

We are looking forward to implementing the uptime automation that was mentioned in the roadmap. We will go with the upgraded tool.

Once CA has finalized the cases that we have brought to them, it will be a better product to use.

In terms of stability, it’s good.

The scalability is good.

We have used technical support. We used them for a few cases we had during our upgrades. Anytime we need help with troubleshooting, we normally use support. We have spoken with them and they are good. They provide us with the proper solution for most things.

This is a product that I would recommend.

The flexibility; the multiple authentication schemes you can use; and the fact that you can use SiteMinder single sign-on to protect web services and web applications.

Customer support has been great too. CA has been good with my questions, getting us solutions for our two factor off, which we implemented a few years ago. They worked with us to get that rolled out. It's really flexible; and I think that's my favorite part.

We're able to have one single centralized way of logging in when you have shared sessions across all applications. It's flexible enough to have our two factor off implementation with it. It just makes things really easy for our users, both internal and external.

Like I said, it's pretty flexible. I mean it's met every one of our needs so far. We're currently looking to find ways of using the same authentication, which we've never actually used in it yet.

We're working with other companies now to provide federated authentication, both in and out. I will have to try that before I can say whether or not it's going to work. If it doesn't work, I think that's something we will have to explore with CA to find third-party alternatives, or something else in the future for enhancements.

I think SiteMinder's been perfectly stable. We just went through an upgrade about two years ago. We're still on SiteMinder, not SSO yet; so we still have another upgrade to do in the next year. It's been perfectly stable.

Our customer base is not the largest. It's probably about 10,000 right now. It's scaled fine. There's no problems there. I think we have room to grow if we need to. In terms of the number of applications we have thrown on there, it's grown pretty much exponentially since I started. No problems.

I've used technical support and I will say that I've said this to our sales rep a few times in the last two years, the customer support at CA has gotten so much better since I've started.

I used to get the runaround initially. They would ask us the same four questions all the time. I always felt like they were trying to brush me off and tell me “Go figure it out yourself” for the first few conversations.

For the past few years, it's been more like, "Okay, we know what you're on; we're tracking what you're doing; and we know that you're on this version and this version. How can we help?" It's more of a conversation, and that's great.

We converted from DMS, which was SiteMinder before CA bought it. I think it was relatively straightforward. From what I heard, there was a roles conversion process. We went from the old way of doing tasks to access roles. This required some work, but at that point, we didn't have that many web applications; so it wasn't a huge deal. It sounded like it was pretty smooth.

I helps us to secure all of our web applications -- internal or external- or customer based, or provider-based, or partner-agents -- with access control. It's a one-stop shop. We can have a single user interface that has centralized policy-based and rule-based access controls.

It's easy to execute, robust, and secure.

Identity Manager and GovernanceMinder should integrate better. Right now, they have started integrating it, but it would be helpful it were fully integrated with the other security products.

We've had no issues with deployment.

This is one of the robust and stable product I have seen in my sixteen years of IT experience. I'm not exaggerating here, but that is the way it worked. Very few instances we had real failures. When you have a product this stable, you can depend on it and get on with business.

Right now, our load is one million customers and about fifteen thousand internal users. We have web services we use and, this maybe looks so silly, but we didn't really have any major issues with SiteMinder. When my company began in 2003, we had two policy cycles up in production. Now we have six policy cycles. And it's scaled for us without problems.

When I came to the company we used v5, I believe, but I did two major migrations, a migration to v6 and then to v12. It's a very straightforward and smooth transition from version to version.

Make sure your architecture is defined properly.

The most valuable feature is basically what it promises. It gives us a platform for strong authentication and authorization with access control. Another strong feature that we like is actually its simplicity of operations and administration. It's fairly simple to grasp the concepts and administer the servers and the policies.

Without it we would rely solely on straight basic authentication to our user directories, and that obviously just doesn't work. There's no auditing on it so audit-ability is another big feature that is tremendously helpful especially in this day and age of auditing and data breaches.

It's our single solution for managing user authentication. It's proven itself to be reliable and stable in terms of how it works. It's also flexible so that we can use it for many different things -- Single Sign-On, integrated windows authentication, SAP, and federation, which is a big part of our use. Those particular features are really beneficial to us as an organization.

Probably the biggest thing that SiteMinder needs is a refreshed UI for administrators. Because it's transparent to users and clients there's, not much in terms of improvement there other than additional features that they can concoct. But as an administrator, the UI can definitely use refreshing. There's ways to get to the same result with less clicks, and even with their new refreshed UI lately, it's still basically the same thing, so I don't see any improvement there.

It's stable, lightweight, works as expected and we don't see any problems with it.

It's very stable. I would say it's about a 99.9% uptime. There is a glitch probably on average once every six months, once every half year. However, it's very lightweight for what it does and, again, the audit-ability aspect of it and logging aspect of it are very mature and helpful in terms of figuring out how to resolve an issue.

It's very Scalable. We were able to and we're actually continuing a global roll-out for it across the EMEA region in addition to our North American region, so it scales among all of our Active Directories very easily. We have no qualms in terms of adding users up to hundreds of thousands of users if needed. In terms of scalability, it delivers on its promise.

We use technical support for custom scripting. We needed to develop a custom Java API for SiteMinder to hook up with one of our .NET applications, and that's probably one instance where we had to use the technical support, although it kind of borders on professional services.

Otherwise, there are really probably only a handful of instances where we use technical support and really only to guide us on best practices.

I wasn't involved in the setup, but I will be involved in future releases, in particular our roll-out to different regions of the world.

My advice would be to go with it simply because I know the product and I know it works. The way I would persuade them would be to say that it's rock solid. It does what you need it to do, it's stable, and the learning curve is really not so bad.

If there was one thing I would say, think a little bit more about how you would use a flow chart to optimize the administrators experience to do the exact same job.

• Security configuration
• Flexibility

It provides a secure interface and single sign-on to a variety of different applications.

It's difficult to configure, and has a very old and challenging user interface.

I managed it for approximately three years.

No issues encountered.

No issues encountered.

It's reasonable, the support does respond within a reasonable time frame, but it can be very difficult to troubleshoot any issue.

It's reasonable. The support is not the quickest to respond and does not have a mature process in terms of what logs must be gathered, and what to gather before raising a case.

It was complex. There are a number of concepts you have to understand to use the product, and the concepts are mostly specific to this particular product.

CA provided assistance with augmentation of the existing solution, they provided quite a good level of support during the project.

We use this solution for applications and portals for a bank in Colombia.

The solution has saved our company from a lot of problems.

The solution is easy to use for our managers.

We did not have any issues with the stability of this solution. We have approximately 5,000 clients using the solution.

The solution has been scalable.

The technical support could be better.

The licensing is fair for this solution.

I rate Symantec Siteminder an eight out of ten.