Symantec Siteminder Reviews

This solution is meeting our requirements for all of our applications. The newer version supports Grid Authentication.

This tool helps our organization with multiple applications. The solution is meeting the requirements and it is easy to use.

We are looking forward to implementing the uptime automation that was mentioned in the roadmap. We will go with the upgraded tool.

Once CA has finalized the cases that we have brought to them, it will be a better product to use.

In terms of stability, it’s good.

The scalability is good.

We have used technical support. We used them for a few cases we had during our upgrades. Anytime we need help with troubleshooting, we normally use support. We have spoken with them and they are good. They provide us with the proper solution for most things.

This is a product that I would recommend.

The flexibility; the multiple authentication schemes you can use; and the fact that you can use SiteMinder single sign-on to protect web services and web applications.

Customer support has been great too. CA has been good with my questions, getting us solutions for our two factor off, which we implemented a few years ago. They worked with us to get that rolled out. It's really flexible; and I think that's my favorite part.

We're able to have one single centralized way of logging in when you have shared sessions across all applications. It's flexible enough to have our two factor off implementation with it. It just makes things really easy for our users, both internal and external.

Like I said, it's pretty flexible. I mean it's met every one of our needs so far. We're currently looking to find ways of using the same authentication, which we've never actually used in it yet.

We're working with other companies now to provide federated authentication, both in and out. I will have to try that before I can say whether or not it's going to work. If it doesn't work, I think that's something we will have to explore with CA to find third-party alternatives, or something else in the future for enhancements.

I think SiteMinder's been perfectly stable. We just went through an upgrade about two years ago. We're still on SiteMinder, not SSO yet; so we still have another upgrade to do in the next year. It's been perfectly stable.

Our customer base is not the largest. It's probably about 10,000 right now. It's scaled fine. There's no problems there. I think we have room to grow if we need to. In terms of the number of applications we have thrown on there, it's grown pretty much exponentially since I started. No problems.

I've used technical support and I will say that I've said this to our sales rep a few times in the last two years, the customer support at CA has gotten so much better since I've started.

I used to get the runaround initially. They would ask us the same four questions all the time. I always felt like they were trying to brush me off and tell me “Go figure it out yourself” for the first few conversations.

For the past few years, it's been more like, "Okay, we know what you're on; we're tracking what you're doing; and we know that you're on this version and this version. How can we help?" It's more of a conversation, and that's great.

We converted from DMS, which was SiteMinder before CA bought it. I think it was relatively straightforward. From what I heard, there was a roles conversion process. We went from the old way of doing tasks to access roles. This required some work, but at that point, we didn't have that many web applications; so it wasn't a huge deal. It sounded like it was pretty smooth.

I helps us to secure all of our web applications -- internal or external- or customer based, or provider-based, or partner-agents -- with access control. It's a one-stop shop. We can have a single user interface that has centralized policy-based and rule-based access controls.

It's easy to execute, robust, and secure.

Identity Manager and GovernanceMinder should integrate better. Right now, they have started integrating it, but it would be helpful it were fully integrated with the other security products.

We've had no issues with deployment.

This is one of the robust and stable product I have seen in my sixteen years of IT experience. I'm not exaggerating here, but that is the way it worked. Very few instances we had real failures. When you have a product this stable, you can depend on it and get on with business.

Right now, our load is one million customers and about fifteen thousand internal users. We have web services we use and, this maybe looks so silly, but we didn't really have any major issues with SiteMinder. When my company began in 2003, we had two policy cycles up in production. Now we have six policy cycles. And it's scaled for us without problems.

When I came to the company we used v5, I believe, but I did two major migrations, a migration to v6 and then to v12. It's a very straightforward and smooth transition from version to version.

Make sure your architecture is defined properly.

The most valuable feature is basically what it promises. It gives us a platform for strong authentication and authorization with access control. Another strong feature that we like is actually its simplicity of operations and administration. It's fairly simple to grasp the concepts and administer the servers and the policies.

Without it we would rely solely on straight basic authentication to our user directories, and that obviously just doesn't work. There's no auditing on it so audit-ability is another big feature that is tremendously helpful especially in this day and age of auditing and data breaches.

It's our single solution for managing user authentication. It's proven itself to be reliable and stable in terms of how it works. It's also flexible so that we can use it for many different things -- Single Sign-On, integrated windows authentication, SAP, and federation, which is a big part of our use. Those particular features are really beneficial to us as an organization.

Probably the biggest thing that SiteMinder needs is a refreshed UI for administrators. Because it's transparent to users and clients there's, not much in terms of improvement there other than additional features that they can concoct. But as an administrator, the UI can definitely use refreshing. There's ways to get to the same result with less clicks, and even with their new refreshed UI lately, it's still basically the same thing, so I don't see any improvement there.

It's stable, lightweight, works as expected and we don't see any problems with it.

It's very stable. I would say it's about a 99.9% uptime. There is a glitch probably on average once every six months, once every half year. However, it's very lightweight for what it does and, again, the audit-ability aspect of it and logging aspect of it are very mature and helpful in terms of figuring out how to resolve an issue.

It's very Scalable. We were able to and we're actually continuing a global roll-out for it across the EMEA region in addition to our North American region, so it scales among all of our Active Directories very easily. We have no qualms in terms of adding users up to hundreds of thousands of users if needed. In terms of scalability, it delivers on its promise.

We use technical support for custom scripting. We needed to develop a custom Java API for SiteMinder to hook up with one of our .NET applications, and that's probably one instance where we had to use the technical support, although it kind of borders on professional services.

Otherwise, there are really probably only a handful of instances where we use technical support and really only to guide us on best practices.

I wasn't involved in the setup, but I will be involved in future releases, in particular our roll-out to different regions of the world.

My advice would be to go with it simply because I know the product and I know it works. The way I would persuade them would be to say that it's rock solid. It does what you need it to do, it's stable, and the learning curve is really not so bad.

If there was one thing I would say, think a little bit more about how you would use a flow chart to optimize the administrators experience to do the exact same job.

• Security configuration
• Flexibility

It provides a secure interface and single sign-on to a variety of different applications.

It's difficult to configure, and has a very old and challenging user interface.

I managed it for approximately three years.

No issues encountered.

No issues encountered.

It's reasonable, the support does respond within a reasonable time frame, but it can be very difficult to troubleshoot any issue.

It's reasonable. The support is not the quickest to respond and does not have a mature process in terms of what logs must be gathered, and what to gather before raising a case.

It was complex. There are a number of concepts you have to understand to use the product, and the concepts are mostly specific to this particular product.

CA provided assistance with augmentation of the existing solution, they provided quite a good level of support during the project.

The primary use case of this solution is a single sign-on to gain access to users and servers.

The security from the logistics team has required us to have a single sign-on solution. We implemented several single sign-on servers and we integrated them into one. The users would use it as a jump server. They would connect to it and from there, they would access the main server.

The most valuable feature is the integration with the Active Directory.

To add more value to this solution it needs to be more user-friendly. This is what is really needed in the next release of this product.

I have been using this solution for two years. My experience with this solution is as an end-user.

The stability is fine, we have not had any issues.

This solution is scalable.

We have more than 100 users who are made up of engineers and administrators.

I have not been in touch with technical support.

Previously, I used Arcon as a bridge to build access management. Arcon is different from CA SSO single sign-on.

I changed jobs and in this new location, Arcon was deployed.

The initial setup was not a problem. I would rate the difficulty a seven out of ten.

We have a large network with several servers and it took more than six months for the initial implementation.

We had a team of three engineers to deploy this solution on-premises. They were responsible for the administration of the single sign-on.

We implemented this solution with the help of one of the partners.

My advice to anybody considering this solution is to always create their use cases so that they can do a complete and thorough POC before purchasing this solution.

Do not force the implementation of these types of solutions. It was forced by the management without proper planning. I have learned that proper planning works best for these types of solutions because you have to integrate with different components of the network, in order to be successful.

I would rate this solution a seven out of ten.

What we're doing with Single Sign-On, we're providing security to different applications, like protecting the URLs. The other thing is, we're using SAML. With SAML we are connecting to the external vendor, external partner, and providing the customer a single sign-on to at the second domain.

It's more efficient. We're providing immense security to the applications, to Chase. We're securing 70 million customers in Chase.

I find that SAML is the best thing we're using right now because there is no need for creating the external account. If you take a partner like Disney World, if a Chase customer wants to log in to Disney World, then it is easy for them to log in with the same credentials, whatever we have at Chase. There is no need to make a new account or enter in the same data.

So, the Chase user, if he wants to purchase something on Disney World, tickets for example, he doesn't need to give his details to Disney World. He can use the information with the details, whatever we have, in the Chase DB. We're just, as part of the transaction, sending the details to Disney World and he completes the transaction with the details. So in that case, we're providing security to the user data.

We're working on a mobile API gateway. I am really interested to learn more about that.

It's stable, but we are finding some compatibility issues. We're still working with CA people. We're trying to improve the enhancements.

Scalability is good so far. It is user friendly, so we are not experiencing many complications when using this application.

Good support. We work with CA technicians frequently, engineers very frequently. They're very helpful.

Whenever we go to them with an issue, they'll first look at the existing DB. If the same kind of issue happened previously, they'll try to pull that information and provide us the feedback right away. If it is a new issue, they will really work hard to get the issue done, as soon as possible.

The most valuable feature for us is the configuration feature. It permits us to connect our company to the offices of our subsidiaries. So, when we buy a company we can connect their IT infrastructure to ours.

It connects us to our vendors, agencies, and our service providers that are within our group of subsidiaries. If we didn't use it or if we lost service for even two hours, we'd lose 20 million euros.

We'd like to see a new feature to support an openID connection portal. We'd also like for CA to be faster at shipping out new technical environments, such as OSs. They should do an operating system like RHEL, where Red Hat is on top the newest version of Linux. Today, they're slow to support new technology.

It's stable.

There have been no issues. The scale is very important for us because we are doing some new applications.

It's not user friendly, but it's very customizable. It's important to have customized developments integrated with CA SSO.

It's expensive. If you're small, it wouldn't be as good a fit, but if you are a big company, then it's a better choice.