Symantec Siteminder Reviews

The most valuable features for us are:

• Access management
• Role-based authorization
• Identity provisioning
• Identity federation

The product greatly facilitates a centralized identity and access management system. It provides seamless navigation across different applications in addition to enabling the flexibility to personalize contents based on user attributes without additional requests.

It enables security and single sign-on to applications deployed on thick clients, web based applications, and ERP systems.

It easily integrates with third-party service providers by enabling federation gateway capabilities.

There is a considerable improvement in the product from previous versions, but a few items we feel need a little attention are the web agent installation process and steps – as it behaves differently on the same OS.

Improvements are also needed in the password policy template customization and it's missing the required documentation to do it.

The knowledge base needs to be enhanced as there are very limited resources on the web while debugging issues.

Avaya has used SiteMinder 12.5s2 and IdentityMinder for eight years. We also use the following products -

GovernanceMinder 12.6 – New to Avaya; in initial deployment
PIM R12.8 New to Avaya; in initial deployment

CA Single Sign-On – No issues encountered during deployment.

CA Identity Manager – No issues encountered during deployment.

CA Privileged Identity Manager – Few issues encountered during deployment, mainly related to resolution of DNS entries for Active Directory.

So far no issues encountered with stability.

So far no issues encountered with stability.

It's very good.

It's very good.

No previous solution was used.

It was a mix of internal Avaya and an IdmLogic team.

CA Single Sign-On was deployed by an internal Avaya team and CA Identity Manager was deployed by the IDMLogic team.

A CA team was instrumental in deploying CA Privileged Management solution.

CA and IDM Logic have very good expertise in implementation of these products.

No other options were evaluated, it's just upgrades.

Have a significant knowledge of the applications transitioning, as it requires interfacing with these products to ensure proper adoption. Have a roadmap to integrate identity and access management into your organization.

Validation of people's logins when they log in to their PCs. Everybody, when you turn on your PC, you go SiteMinder to login. Security.

It has performed very well, it does what we need it to do, it's reliable, and it doesn't impose any overhead on the user or on the platform.

• Ease of use for the user 
• Security, of course
• The ease of setup and installation

We can definitely control our user experience better on the PCs. People don't necessarily have to worry about losing something, like a PC, or a tablet, or a phone, because it's controlled by SiteMinder. We can remote wipe it, we can do all sorts of different things to secure it.

Answering this would require me to know what the current platform does or doesn't do, and I'm afraid I'm not a good enough judge to make that evaluation. I might say something and it's already there, and I just don't know about it.

I will say the user interface for login is kind of plain. They could make it a little prettier. The site is a big, blue screen, with "SiteMinder," and that's pretty much it.

It seems pretty stable so far. It's a mature product, it's been around for a long time.

We're using it on thousands and thousands of devices, thousands and thousands of users. So, it's very scalable.

Obviously, the most valuable feature is the flexibility of the solution, it being able to be integrated with a number of applications and solutions; and also, the configurability of the solution.

Security is a big concern of our client and it is certainly something that helps the client be able to secure the application and provide a better user experience; doing a single sign-on instead of multiple logins, for example.

I've seen a lot of analytics capability being built in for a number of products. Obviously, I want to be able to use analytics on CA SSO as well.

The client that I manage it for has used it for four years already.

It's a stable solution. It's been in place for quite some time already. There aren’t a lot of operational or technical issues that are related to the system, so it's a stable solution.

It has been scalable, to us, at this point in time. It's been able to support quite a number of applications for our client. It's scalable to us.

Technical support has been great. Generally, support is very responsive, timely, and obviously, we have account support folks that we can reach out to, to be able to support us if there's any technical issue.

With the setup, obviously, with a large organization, there are quite a number of things to be done. There is some complexity involved, but generally, I would say that it's been quite successful.

We knew we needed to invest in a new solution because, obviously, again, security is a main concern of a lot of clients. Generally, the solution is stable, it's one of the leaders in the market, and it was chosen to be implemented.

I think what we will be looking for when selecting a vendor is in terms of support, technical support, when there is an issue. I think that's a key component to us when we implement a product. We want to be able to deal with issues when they arise. Can we support it? That's what we will look for from a vendor.

Generally, it's been a great product for us to use. It's been stable. It's been a good product.

The most valuable features are:

• Ease of deployment, and
• It’s customizable within the user interface.

It helps protect our applications and provides identity management. It allows us to do business with third-party apps, and they’re a recognized industry leader.

For the login experience, it’s seamless navigation from one app to the next. It’s responsive and promotes ease of doing business.

Upgrade planning is extensive and costly and involves a lot of applications, so we’d like to see that improved. Also, the policy export/import could be easier for when we go between environments and when we export/import into our production environment.

There are some security risks that we’re evaluating with a current version of the product that might require an upgrade. From an upgrade standpoint, it’s challenging – not a simple, agile type upgrade. It’s a major upgrade that affects a lot of our applications.

Highly stable. We have it pretty well tuned.

It’s scalable from one app to the next, and we already have the infrastructure built out to support it.

They provide a pretty good service, especially as we’re entertaining additional products and services. We had an upgrade from R6 to R12, which was significant, which we managed through support. Understanding the urgency and sensitivity behind it, we got their account management team to come on-site and help.

It’s stable, the client experience is really good, and there’s an opportunity for us to improve response times. They could improve integration with other products in the suite.

Understand what their business cases are before they pursue a solution; understand where they have a need. Sometimes applications themselves don’t necessarily need to be integrated with something as robust as SiteMinder doing ID management, so I’d recommend looking at the business functions and what their needs are before they pursue the SiteMinder solution.

The primary use case of this solution is a single sign-on to gain access to users and servers.

The security from the logistics team has required us to have a single sign-on solution. We implemented several single sign-on servers and we integrated them into one. The users would use it as a jump server. They would connect to it and from there, they would access the main server.

The most valuable feature is the integration with the Active Directory.

To add more value to this solution it needs to be more user-friendly. This is what is really needed in the next release of this product.

I have been using this solution for two years. My experience with this solution is as an end-user.

The stability is fine, we have not had any issues.

This solution is scalable.

We have more than 100 users who are made up of engineers and administrators.

I have not been in touch with technical support.

Previously, I used Arcon as a bridge to build access management. Arcon is different from CA SSO single sign-on.

I changed jobs and in this new location, Arcon was deployed.

The initial setup was not a problem. I would rate the difficulty a seven out of ten.

We have a large network with several servers and it took more than six months for the initial implementation.

We had a team of three engineers to deploy this solution on-premises. They were responsible for the administration of the single sign-on.

We implemented this solution with the help of one of the partners.

My advice to anybody considering this solution is to always create their use cases so that they can do a complete and thorough POC before purchasing this solution.

Do not force the implementation of these types of solutions. It was forced by the management without proper planning. I have learned that proper planning works best for these types of solutions because you have to integrate with different components of the network, in order to be successful.

I would rate this solution a seven out of ten.

The most valuable feature is basically what it promises. It gives us a platform for strong authentication and authorization with access control. Another strong feature that we like is actually its simplicity of operations and administration. It's fairly simple to grasp the concepts and administer the servers and the policies.

Without it we would rely solely on straight basic authentication to our user directories, and that obviously just doesn't work. There's no auditing on it so audit-ability is another big feature that is tremendously helpful especially in this day and age of auditing and data breaches.

It's our single solution for managing user authentication. It's proven itself to be reliable and stable in terms of how it works. It's also flexible so that we can use it for many different things -- Single Sign-On, integrated windows authentication, SAP, and federation, which is a big part of our use. Those particular features are really beneficial to us as an organization.

Probably the biggest thing that SiteMinder needs is a refreshed UI for administrators. Because it's transparent to users and clients there's, not much in terms of improvement there other than additional features that they can concoct. But as an administrator, the UI can definitely use refreshing. There's ways to get to the same result with less clicks, and even with their new refreshed UI lately, it's still basically the same thing, so I don't see any improvement there.

It's stable, lightweight, works as expected and we don't see any problems with it.

It's very stable. I would say it's about a 99.9% uptime. There is a glitch probably on average once every six months, once every half year. However, it's very lightweight for what it does and, again, the audit-ability aspect of it and logging aspect of it are very mature and helpful in terms of figuring out how to resolve an issue.

It's very Scalable. We were able to and we're actually continuing a global roll-out for it across the EMEA region in addition to our North American region, so it scales among all of our Active Directories very easily. We have no qualms in terms of adding users up to hundreds of thousands of users if needed. In terms of scalability, it delivers on its promise.

We use technical support for custom scripting. We needed to develop a custom Java API for SiteMinder to hook up with one of our .NET applications, and that's probably one instance where we had to use the technical support, although it kind of borders on professional services.

Otherwise, there are really probably only a handful of instances where we use technical support and really only to guide us on best practices.

I wasn't involved in the setup, but I will be involved in future releases, in particular our roll-out to different regions of the world.

My advice would be to go with it simply because I know the product and I know it works. The way I would persuade them would be to say that it's rock solid. It does what you need it to do, it's stable, and the learning curve is really not so bad.

If there was one thing I would say, think a little bit more about how you would use a flow chart to optimize the administrators experience to do the exact same job.

The features most valuable to us are its usability, the way you can customize it, and its supportability.

From an organizational perspective, it helps us to maintain IDs and it enhances the user experience. With just a single ID, people don't have to really remember multiple user IDs and passwords. So, it's a tool to enhance the user experience.

I'd like to see less issues when we implement new customizations or technologies. Being able to customize is something we'd like to do, but it needs improvement to allow that to happen without issue.

It tends to be buggy, though not to a high level. Where we have seen most of the problems is when we want to incorporate a new feature or when we want to implement some customization or when we want to implement a new technology. During those times, we have seen it to be buggy.

Like the stability, we have had some issues with bringing in new integrations or customizing it for our need. It's been a journey figuring out how to scale it.

I wasn't involved in the setup.

It may be a good product, but I'd advise staying away from customizing it.

What we're doing with Single Sign-On, we're providing security to different applications, like protecting the URLs. The other thing is, we're using SAML. With SAML we are connecting to the external vendor, external partner, and providing the customer a single sign-on to at the second domain.

It's more efficient. We're providing immense security to the applications, to Chase. We're securing 70 million customers in Chase.

I find that SAML is the best thing we're using right now because there is no need for creating the external account. If you take a partner like Disney World, if a Chase customer wants to log in to Disney World, then it is easy for them to log in with the same credentials, whatever we have at Chase. There is no need to make a new account or enter in the same data.

So, the Chase user, if he wants to purchase something on Disney World, tickets for example, he doesn't need to give his details to Disney World. He can use the information with the details, whatever we have, in the Chase DB. We're just, as part of the transaction, sending the details to Disney World and he completes the transaction with the details. So in that case, we're providing security to the user data.

We're working on a mobile API gateway. I am really interested to learn more about that.

It's stable, but we are finding some compatibility issues. We're still working with CA people. We're trying to improve the enhancements.

Scalability is good so far. It is user friendly, so we are not experiencing many complications when using this application.

Good support. We work with CA technicians frequently, engineers very frequently. They're very helpful.

Whenever we go to them with an issue, they'll first look at the existing DB. If the same kind of issue happened previously, they'll try to pull that information and provide us the feedback right away. If it is a new issue, they will really work hard to get the issue done, as soon as possible.