Symantec Siteminder Reviews

Our primary use is for client demo on authentication/authorization, federation, and ease of use.

The product was just for client demo purposes. There was no deployment onsite.

• This is the only access management product that I have come across which configures end-to-end and hosts resources. 
• This product is very easy to deploy. I just strictly needed to follow the user-guide.
• The CA directory services is something that I found to be cool. 
• I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed. 
• You can quickly deploy the entire product with a basic config within couple of hours.

• The GUIs are not very clear, especially when integrating with other products from CA. 
• Like CA IDM, there can be challenges. One needs to know that they have great hands-on on their app servers to understand the logic and deploy it accordingly.
• There were challenges with version compatibility, and this is something that I did not like. This all happened during the second phase while trying out various integrations.

No stability issues.

No scalability issues.

Technical support by CA Technologies is wonderful. I used to post my queries and get quick responses. The CA forum is something I would recommend to follow if you are dealing with any CA product. I appreciate their timely and effective responses.

Although it is straightforward, for someone new to access management, it is always a challenge to understand what is done and why. That is where I struggled initially, since I was very new to the domain. Domain knowledge is more important when you are new to a product.

I recommend conducting a PoC on every available product before choose one.

Not applicable.

Be sure to get your doubts clear on any product features, integration with other CA products, and other security products.

I recently came across Okta, which also has cool features.

Before implementing, ask a CA manager to provide you a list of use cases, which can help you in building/offering what you have in mind.

Validation of people's logins when they log in to their PCs. Everybody, when you turn on your PC, you go SiteMinder to login. Security.

It has performed very well, it does what we need it to do, it's reliable, and it doesn't impose any overhead on the user or on the platform.

• Ease of use for the user 
• Security, of course
• The ease of setup and installation

We can definitely control our user experience better on the PCs. People don't necessarily have to worry about losing something, like a PC, or a tablet, or a phone, because it's controlled by SiteMinder. We can remote wipe it, we can do all sorts of different things to secure it.

Answering this would require me to know what the current platform does or doesn't do, and I'm afraid I'm not a good enough judge to make that evaluation. I might say something and it's already there, and I just don't know about it.

I will say the user interface for login is kind of plain. They could make it a little prettier. The site is a big, blue screen, with "SiteMinder," and that's pretty much it.

It seems pretty stable so far. It's a mature product, it's been around for a long time.

We're using it on thousands and thousands of devices, thousands and thousands of users. So, it's very scalable.

With Single Sign-On, we don't have to do anything in our system.

After they deploy the application, everything works seamlessly. That's the main benefit that we get out of this product. For authentication purposes, we can keep security out of our applications, which is productive for us.

We can rapidly onboard different partners. We don't have to wait for months to do that. For this, we use the Federation feature from CA Single Sign-On, which helps us a lot.

There is a need to introduce more templates in the UI side and this would help design this aspect better. As of now, there are only a few samples available.

There is scope for improvement in this product.

It works fine. We did not find any stability issues. It is very rare to see something go wrong, so the application is quite stable.

However, we have noticed that when you update to the latest version, it can be unstable. Right now, we are in a stable environment.

You can scale it very easily. It works exactly the way the product has been documented. We can scale it well and we did not find any issues with it.

The technical support level is moderate. I would give it a 5/10 rating.

It depends both ways - we need immediate solutions however from their end, it takes time to get answers.

We required such a product, as we were using an old solution. That’s how we started using CA Single Sign-On with the CA SiteMinder.

The setup was not straightforward. I would give it a 7/10 rating - 1 being simple and 10 being complex. So, it was quite complex.

I would advise others to use this tool as it is robust and mostly it solves all the problems that arise in our industry.

We did consider other vendors. However, after we saw the demo for this product, we decided to purchase this product.

The factors we looked into before purchasing this product are the benefits of this product, how CA functions with other tools, costs, the level of support provided, upgrades and so on.

Our primary purpose for using it is to manage and control access to our web applications. We've extended the use somewhat to protect other environments in our shop where we need to authenticate users.

For example, we have a GemFire caching product, and we want to limit what data users can access within the GemFire environment. So we leverage SiteMinder and its policies within GemFire to authenticate the user and to authorize them based on what type of data they are accessing.

We also use it to federate identity with external clients and vendors. We use the federation component to federate identities between ourselves and outside third-parties.

We're moving to an API-based application development model with SiteMinder in that environment. It's important for us to be able to handle authentication and authorization issues when client-side mobile apps are calling to our services. We needed to handle the responses from those authentication problems better than the traditional SiteMinder SSO system did. 12.52 provides a really nice web-app customer response feature that allows us to customize responses back to the mobile app or the browser assignments.

We're really interested in the containerized version of CA SSO where the product will be delivered as a container image rather than the traditional binary.

We'd also like to see a more streamlined implementation update process.

Also, I think they need to improve their support a little bit better especially with experienced customers who are very knowledgeable in product. It's difficult when working on level higher than support.

We brought it in a little over 10 years ago. We're currently in production on 12.0, but we're right in the middle of our migration to 12.52.

We have a very carefully planned roll-out of these products. We won't go into production as long as we're having stability issues. I would say for 12.0, our experience was fairly elongated to get to the resolution of some issues, probably a couple of months. With 12.52, we've had a couple of issues, but we already have patches and work arounds for them, and so we think that things have improved.

In the past, whenever we migrated to a new version, there's been a little bit of stability issues at the beginning and I would say with 12.0 in particular we had some stability issues. But we believe 12.52 is a lot more stable, but that's yet to be seen.

It's a hit and miss thing, like all support organizations. For the most part, for simple problems they can get to a resolution fairly quickly. If the problem is a little more complicated, they really struggle with getting us a solution. We usually have to escalate the problem to our contact engineer. But then it depends on how important the problem is. If it's like a real critical problem affecting our production environment, we'll push a little harder. We'll call up our CA representative and try to escalate the problem.

I wasn't involved in this initial decision to bring it in, but I was brought onto the team fairly soon thereafter.

I think Oracle and IBM have similar products. For due diligence purposes, We occasionally take a look at other vendors and compare features, but so far we're happy with CA.

I would totally recommend this product, but I think CA has a really good handle on what the drivers are and where the business is going in terms of application development. They seem to be a good fit.

The most valuable features are:

• Ease of deployment, and
• It’s customizable within the user interface.

It helps protect our applications and provides identity management. It allows us to do business with third-party apps, and they’re a recognized industry leader.

For the login experience, it’s seamless navigation from one app to the next. It’s responsive and promotes ease of doing business.

Upgrade planning is extensive and costly and involves a lot of applications, so we’d like to see that improved. Also, the policy export/import could be easier for when we go between environments and when we export/import into our production environment.

There are some security risks that we’re evaluating with a current version of the product that might require an upgrade. From an upgrade standpoint, it’s challenging – not a simple, agile type upgrade. It’s a major upgrade that affects a lot of our applications.

Highly stable. We have it pretty well tuned.

It’s scalable from one app to the next, and we already have the infrastructure built out to support it.

They provide a pretty good service, especially as we’re entertaining additional products and services. We had an upgrade from R6 to R12, which was significant, which we managed through support. Understanding the urgency and sensitivity behind it, we got their account management team to come on-site and help.

It’s stable, the client experience is really good, and there’s an opportunity for us to improve response times. They could improve integration with other products in the suite.

Understand what their business cases are before they pursue a solution; understand where they have a need. Sometimes applications themselves don’t necessarily need to be integrated with something as robust as SiteMinder doing ID management, so I’d recommend looking at the business functions and what their needs are before they pursue the SiteMinder solution.

The features most valuable to us are its usability, the way you can customize it, and its supportability.

From an organizational perspective, it helps us to maintain IDs and it enhances the user experience. With just a single ID, people don't have to really remember multiple user IDs and passwords. So, it's a tool to enhance the user experience.

I'd like to see less issues when we implement new customizations or technologies. Being able to customize is something we'd like to do, but it needs improvement to allow that to happen without issue.

It tends to be buggy, though not to a high level. Where we have seen most of the problems is when we want to incorporate a new feature or when we want to implement some customization or when we want to implement a new technology. During those times, we have seen it to be buggy.

Like the stability, we have had some issues with bringing in new integrations or customizing it for our need. It's been a journey figuring out how to scale it.

I wasn't involved in the setup.

It may be a good product, but I'd advise staying away from customizing it.

Primary case is to authenticate users and use banking online. It is performing well.

It has definitely made things easier. We do not have to do that development. It is an out-of-the-box product which does the thing it does best.

It has the ability to authenticate and authorize users. It is the main feature for our security.

Better monitoring. A better way to debug a problem. When there is a problem with it, it should log enough information for CA to know what is the problem, like a better debugging tool. 

It needs better debugging and support.

We have had some issues with it, but in general, it is good.

CA was there to help. There is some issues in general.

It is very scalable. We have a very large customer base: 75 million customers. We have about 40 million log in a day. So, the scalability is very good.

We are not very happy with the support, I am sorry to say.

The reason is mostly because we stayed on an older version and we are behind catching up on a newer version. It has become harder for CA to give us good support. 

The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur. That is the biggest thing.

It has been an issue. All the problems that we reported actually have never been resolved. We could not capture enough information for CA to be able to debug the problem. This problem does not happen often. But, when it happens, we do not know why, because we are not able to capture the data. I think that is the biggest drawback. The support and its combination between ability for them to support us on all the older versions and different infrastructure to what CA recommends us to do. We are trying to upgrade and all that. Maybe these things will help.

Technical support is always available and very responsive. I have a direct line to the engineers. They allow me to talk to them directly. They really are trying to help the best they can. It does not work out well. In terms of interaction, no problems there.

When I started two years, it was already setup. Now, I am reengineering it. I am doing a different setup to eliminate any customization for CA to support us better. The process is straightforward.

I would recommend this solution. I would recommend the newer version without any customization. That is where we have had a problem because we did our own customization of this product.

Most important criteria when selecting a vendor: It is the supportability right. J.P. Morgan costs more, but we want stability, resiliency, and we want the product to work. However, it has to be scalable and supportable. That is the main thing for any product which we pick.

• Simplified federation
• Integrated Windows Authentication (IWA)

Our customer had two requirements:

• Authentication without any challenges
• Access to the partner's application without any additional login required

The first requirement got covered by IWA. The second requirement was covered by simplified federation.

IWA is an out-of-the-box feature. The SAML-based federation is standard for all tools. However, CA Single Sign-On has made the federation configuration way too simple and handy to set up and use.

Updates as on 09/21/2017

CA SSO is helping us a lot in providing the access solution to the customers. The enhanced features in the Simplified federation and the support for a number of different User store types allow us to support almost anything that customer needs. Very pleased with the new Reporting tool from CA that has ut of the bx integration capabilities with CA SSO and is an excellent tool for simplified and useful reports.

My customer is able to get seamless authentication done using IWA and straight access to the partner's application without any further authentication.

Reporting an auditing was one of the most needed requirements that was fulfilled very easily by CA SSO.

The upgrade/migration process can be simplified further.

If the reporting feature can be integrated into SSO itself that will be an icing on the cake.

I have used this solution for almost eight years.

Not until now form CA SSO side. Only one time we had to deviate from requirement because CA SSO does not support Oauth as a token provider and need additional tools to achieve this.

We have never experienced any stability issues.

Up until now, there were no scalability issues. We are able to manage around 25K users without any issues.

Good customer service for the support and comfort to the customer.

The technical support team is not very proactive. CA can improve in this area. I would give them a rating of 5/10.

This is the first solution that we have tried.

The initial setup was very easy and straightforward.

In house implementation

It is a good return on investment and we are able to deliver SSO as a service.

The price is quite comparable to the other enterprise-level solutions in that market. Since it has a user-based license, one should plan in advance regarding the scope in scalability.

We looked at similar solutions from Oracle and IBM. However, CA was much better, in terms of its user-friendly nature and the cost.

The major focus should be on planning, design, scope, and scalability. The rest is a piece of cake.