Symantec Siteminder Reviews

The most valuable feature is that it enables us to integrate multiple applications and give our users a true single sign-on experience when they go from one app to another app. From the user experience point of view, it definitely adds value to the company.

It's one of the leading products in the market today. Everybody likes it.

It definitely reduces the amount of time the user needs to access each application. They don't need to go through the login process to access individual apps. CA SSO does help us provide our users with a single sign-on experience.

We are definitely looking forward to versions 12.6 and higher because they are based on a 64-bit framework. We are looking forward to leveraging this to get better performance out of the product.

We have been using CA SSO for more than ten years and we don’t see any issues in terms of stability. It is a good product.

We do leverage technical support for any questions about new features; or if there are bugs in existing functionality, we benefit from their help with the fixes.

I wasn’t really involved with the initial setup. Most of it we basically do ourselves with the tools and the documentation that CA provides.

We have two business units: wireless and wireline. Wireline was already using Single Sign-On, so that's why we decided to stay with the same product on the wireless side.

CA SSO is a good product with a lot of features. CA is continuously evolving that product by adding new features. It will definitely help any company achieve their single sign on goal.

When we select a vendor, our most important criteria are the number of features they provide, how those features fit into our ecosystem, and the amount of time users spend to do what they want to do.

It provides single sign on for our company’s intranet. With that, when you log in, you don't need to enter your name and a password. It provides simple, secure access to company's intranet sites.

It was not stable when I got there. The more recent versions have been stable.

They have some strong performers, and then there are some other guys that we get and find that we need to ask for the case to be reassigned. My staff is pretty highly experienced, so they really need to work with the stronger support staff.

If someone came to me for advice, I would ask them specific questions about exactly what they need to secure on the internet, and how much of it they need because I think that one drawback to this product is that it's too big. It's too much of a beast. A lot of times, small to mid-sized companies really just need smaller bits and pieces that are available from other vendors, rather than tackling this whole beast. One thing that other vendors might do better is doing more with less with less cumbersome installation.

The most important criteria when choosing a vendor is the product's stability, so we consider overall impressions of the product’s standing in the market. Does it have good reputation for being stable? Is their company, overall, stable? We also look for ease of use of the product.

I think the most valuable features are handling user authentication and integration with the other applications within the suite, like Single Sign-On.

Multiple users with multiple applications can be authenticated in a single location.

I really can't answer this right now. We have so many other products that serve our needs. There are other vendors that satisfy some of our requirements, so I'm not exactly sure what CA would be able to provide us with.

For the most part, SSO is very stable. Since deployment, it's been very stable for us. We do very regular metrics on availability and we're in the high, high 90s, 99% I think, so it's a very stable, durable product.

I think there are some drawbacks to the scalability. At a recent conference, we heard that it's going to be a lot easier to scale for larger companies. That's going to be good in the future.

Sometimes technical support is slow to respond, and that’s typical. Normally, the first response is, "send us your logs", so they can review our environment. There are specific people assigned to our account, so they know what our environment is like, but they still want to have the log so they can look at it. Sometimes that slows the process of problem resolution.

This decision was made before my time. I came in when the decision was made to go with CA for identity management. Our company was going through a transition of ownership and all the decisions were made at the time. That was about 7 or 8 years ago.

I came 2 or 3 months after the initial setup, so I wasn't part of that. We had a third-party company help us with our development and deployment, so they pretty much took the ball and ran with it. I don't know how complex it was for them. When they presented it to us at deployment time, we were ready to go.

We were looking for anything that would have satisfied our requirements.

Make sure you know who your support staff is, who your vendor representatives are for your account and really get to know them. Give them the requirements that you need and make sure that they're following through. Build good rapport with them. That way they can help you determine what you need to do and feel free in giving different types of suggestions.

When selecting a vendor, we look for:

• responsiveness
• technical support of the product
• accessibility of the technical support teams
• product knowledge
• ability to train their customers on their product

The most valuable feature is that it's a rock-solid enterprise solution. It's the de facto standard. It works. It does what we need it to do in those circumstances, and it does it at scale.

It presents a standard pattern for people to secure their applications. In that regard, along with the tooling that we've built around the product, but the product itself as well facilitates app teams being able to do their application development, and then let security be layered on in the front of that. Given that we are a bank and we have significant issues around strong authentication, etc., that means, we can take care of that. The app teams don't need to keep up to date with whatever is new and current. They can just keep deploying applications. We deal with the security.

I think our questions, from me and our team, relate potentially to other products in the CA portfolio. There are other things such as strong authentication, risk-based authentication, and especially API management, which all represent a portfolio that could be integrated. Our interest is knowing the roadmap for making those part of a more seamless offering. If you like, it's the aggregation of the features of all those products, and how they come together.

It's very stable. I don't know that we've ever had it go down on us. It's occasionally gone really slow, but I don't think we've ever had a complete and utter outage that was the result of the product.

It scales. You have to pay attention to its dependencies on the rest of the ecosystem, and especially the directory. That's what's bitten us before; make sure that your directory is responsive, near, and is scaled appropriately for CA SSO.

We use technical support. It's not the best feature of CA. Lots of enterprise product companies have variable support offerings. CA are not the worst, but they're not the best. They're okay.

I wasn't necessarily involved in the decision to invest in a solution like CA SSO . I was brought on post that decision, but it can really be summarized as: The previous solution was a combination, a kind of hybrid, of a third-party vendor who we fell out with, and some home-produced stuff that was clearly not fit for purpose. There were commodity products out there that could do it, and SiteMinder, CA SSO as it is now known, was the best and most scalable one at the time. We have a large enterprise, so it was the obvious choice.

I believe the one that we had fallen out with, a big third-party vendor, was still on the list but for nontechnical reasons, they were not really considered. I think there were two other vendors in the frame.

It's difficult to name the most important criteria when selecting a vendor like CA. In our minds, CA is a product company and not so much of a solution company. I think they have aspirations to be a solution company. Delivery of a solution, working with us on the requirements is quite important; understanding our problem and our space. Price is actually quite an issue with us. The new, modern world, cost constraints, especially in the financial services sector; we're all looking to improve margins in a tough climate. Cost is an important issue as well.

You definitely need to consider CA SSO but you need to be mindful of the new ways of developing applications, and possibly look at the CA API Gateway product or some hybrid solution as well. You definitely need to consider CA SSO.

It is quite solid. It's never really gone down. It's a well-understood and reliable piece of our enterprise. The only reason I didn't rate it higher is that it's becoming a little less appropriate for the more modern styles of web application development, which is why I am curious about CA API Gateway and leveraging that. I think that represents all the features that are missing from CA SSO.

Clearly, we can go and buy the new product set and I guess CA would love that, but there needs to be a story about how the two live next to each other. It seems like that story is worked on in the SSO world, and it's worked on in the Layer 7 world, in the API Gateway world. I don't know if it's being worked on as a consolidated whole; a solution. That brings me back to the point I made elsewhere about solutions vs products.

There are a few valuable features in this product, such as single sign-on and web access management.

Centralized control to enforce security for the entire enterprise and complete visibility of the policies which we implement for most of the web applications make it more valuable for any enterprise. The ease of implementation is standardized and the availability of documentation on the CA Portal is very informative for any engineer to go ahead and implement it on his own.

From time to time, there are various upgrades available on the CA Portal that make it more compatible for all the different web servers or app servers to get it implemented.

It improves the working of our organization in the way that it secures most of the web applications or mobile applications. In addition, we don't have to depend on any other application teams to do any custom coding, as such.

Some of the features need to be improved. For example, the Federation feature. CA SSO is getting into that space and can definitely do better than the other products that are available.

It doesn't have a lot of features. I think there is some customization that's required on the CA Federation side if it has to get attributes from a different source. If an authentication has to happen in one source and then get attributes from some other source, then there's a requirement to do some custom coding work.

It's very much stable. As long as it works, everyone will be fine, but the minute it breaks, our enterprise will scream.

It's very robust and easy to scale. We were able to scale it within 2 weeks.

In regards to the technical support, the response time is good and they can give more hands-on information to engineers. Most of the time, they point to the available documentation on the CA Portal. But once we engage our point of contact, i.e., the partner contact on ASI, we get more attention from CA experts.

We were not using any other solution. We have been using this product for at least nine years.

I was not involved in the initial setup but we were involved in most of the migrations after the initial setup. The migrations are not very complex; it is moderate and not simple, either.

Engineers need to go through the documentation to fix some of those issues. One of the struggles was to create some of the indexes on their pre-server that we didn't know how to do. At that time, maybe, we were a few of the first customers who were doing this. So, we ran into some issues which were not even known to the CA support team.

It's definitely a good product and you won't go wrong if you choose this product. It's proven and is working fine. We can scale it. The support is also good. It's very stable and I don't think there is any other product which provides this kind of functionality.

The important criteria whilst choosing a vendor were scalability and the enterprise-level features that are compatible to all different versions of app servers and web servers.

It's flexible, powerful, and superperforming, I'd say. It performs very well on the road.

We can secure many access points, whether they are local apps, or on-premise, or in the clouds with third parties, with partners, or with customers. It manages user profiles and identities so we can secure and standardize our web access management.

The admin UI needs to be more stable. They should bundle more of the products and get rid of a lot of the small pieces which we need to configure on the top of the initial setup. Examples of this are the SM Console and the registry.

It should be easier to implement and deploy; and it should support more platforms, such as more operating systems.

It is much more stable than it was before. Now it is getting to be very stable, especially when you tweak it properly and follow CA best practices.

It's very scalable. Right now we're on the 32-bit version. We need to add more servers and more capacity to handle the loads. I hope the next version will be even better than it is now.

Technical support is above average. It used to be below average, but they improved a lot over the past year and a half.

• We needed to implement secure access. CA is a leader in this area, so we went naturally with the best. We also chose CA because of the way they interact with customers, pitch new features to us, ask us for feedback, and provide us with support.
• The product itself is easy to implement.
• The login is super-responsive so that there is no lag before you can access the system. This provides a positive user experience. It is flawless. I log in once to my portal, and that's it. CA Single Sign-On takes care of everything else.

You need to know exactly what you need to do. So you need to know your use cases, your needs. Just go ahead, contact CA, and see what comes out of it. It's a great product, so just use it. Try it out.

SSO provides out-of-the-box authentication for the majority of the apps; and it provides a holistic solution for the company. Right now, we are using an on-premise solution. If we want to move to the Cloud, CA has that solution as well. So we’re positioned quite well to move into the Cloud as well.

They take the authentication and the core screen authorization out of application code. They also integrate with other security products very well.

SSO has impacted security on the whole. It has provided a very good user experience. We have recently moved from an experience in which users had to log in multiple times. Now they love it because they don't even have to have a log in because we integrated certain functionality from the CA side, like integrated Windows authentication. Users love it for certain applications where they had to log in a number of times during the day.

CA has come up with and has talked about Cloud-based solutions. I would like to see more mature ideas than what they're providing. I'm sure they have that on their roadmap. There are certain integration points that can be leveraged and made more easy to deploy, like the REST APIs and things like that. That is an opportunity to make deployment easier for any employer or for any company. They are talking about it. It’s going in the right direction. That’s for certain.

The stability of the solution depends on how you implement it. It's stable. There are no known issues. If there are patches required, CA provides patches regularly. Overall, it is pretty good.

There's really no limit to scalability if you have the right hardware and right architecture. I wouldn't put it on the product. It's how you deploy the product. Thousands and millions of authentications are done in seconds and milliseconds, so scalability is not an issue at all.

The company has used technical support. It's usually used if they need upgrades. If they need some help, they have it. The technical support is on par with the current level of support in the industry.

This happened before my time, so they actually had either a home-grown product, or they had some legacy systems for provisioning or for authentication. They had a different product which wasn't doing exactly the same thing, but this a very mature product. This has been there for a long, long time, for the past 20 years now.

They evaluated other options before choosing this one way before I was there. However, for example, there are other security and security engineering products that they're currently evaluating. Some of them are from CA, and some of the others are in-house. For example, privileged access is an important one and the company's talking to CA about Privileged Access. They have a product which is not really meeting their requirements today. Hopefully, the Privilege Access one will take care of that.

In choosing a vendor, the relationship is one of the most important factors. In today's world, everybody has the same features, so it’s the relationship that matters. It's not a vendor. It's a partnership. You develop that, and you're pretty much covered.

It depends on what requirement is the most important to them. Is the Cloud the most important thing to them; or is in-house important to them? The main consideration is what issue are they trying to address? If they're trying to address the user experience, everything holistically: CA, Oracle, RSA, they're all, again – it all depends on the relationship and what CA provides.

The most valuable feature is the flexibility of this product to integrate with any third-party components and platforms. Support for those is a really interesting feature.

It is a decent solution. We have been using it for our SSO API stuff. We also use it for implementing single sign-on across internet-facing applications.

One of the features that needs improvement is the capability of implementing single sign-on in cloud. As a client-server model, we depend on the IP addresses that break when we move into cloud, so more of a REST API approach is needed.

There are still areas in this product that need to be improved, as in every other product.

The newer releases are quite stable. We do come across some issues, but the release cycles are good and quite impressive.

Scalability is decent. We have been using it for a long time and we don't have any issues with the scalability part of it. It is quite scalable.

The technical support level varies from average to medium. We would like them to improve parts of their technical support so as to provide quicker and better solutions.

I wouldn’t blame the technical support team, as they need support from the engineers. There is need to provide more training to the technical staff in regards to the latest features.

We were using some other tool previously. At one point, a requirement came up for a more stable and enterprise-wide solution, so we decided to invest in the CA tool.

The setup was complex because we customized the entire implementation process. Although, I doubt any other customer would use it in a similar way.

I was not part of the discussion for shortlisting other vendors but I am aware that our company did perform some POCs and narrowed it down to CA SiteMinder.

It is a decent solution. CA is focusing on improving the stability of this product and their future roadmap looks quite promising as well. Companies should invest in this product and should think of it as a competitor.

When selecting a vendor, we focus more on the technology standpoint; how flexible the product is; how much customization we can do; the support availability.