Symantec Siteminder Reviews

Security to protect digital assets is most valuable to us. For the financial industry, security is a high priority. SSO provides solid security, specifically authentication and protecting digital apps and applications. We can define what we protect.

Federation is valuable as well, using the same security across multiple channels like mobile, e-side and m-side, and web services for partners. We can cover all channels with one security solution.

It protects business assets and functionality. It enables the business to serve customers through multiple channels without asking the user to register multiple times. Register once and it serves multiple channels. It also helps our security and fraud teams to protect assets and lock compromised accounts. It allows all channels to go through the same rules.

We go by agents for authentication; anything relating to agent configuration could be improved, or even agentless security.

Also, reporting on analytics and the health of the system could be improved.

Very stable. It’s rock solid. As it is serving 100 million requests, it works.

It’s very scalable horizontally. We deploy multiple policy servers as we see load increase, and we do have 16 million users.

We have dedicated services, and they’re OK. Whenever we ask the questions, we get documentation and we do place calls. When we place calls, we do get good support. Theoretical questions or subject matter questions are usually answered with documentation and some back and forth. Overall they have been good.

It was already implemented, but we did migrate to a new data center. The experience was pretty good.

SSO architecture is different from other kinds of application development. Plan up front. Understand the tool, and understand how to configure the tool, which partially depends on LDAP, and how to configure agents to perform.

Understand how you want to protect which assets, and how you want to open asset protection to other channels because it will grow. People will be asking more and more. For us there is no other way when I’m serving that many customers – we have to be fully prepared and plan way ahead.

The most valuable features are security and ease-of-use.

Tokenization of the web applications is easy for application owners to integrate with the tool. On the back end the dev side, and the deployment cycle with web agents and policy creation are easy.

It's seamless with several hundred internal applications, which is a time and frustration-saving mechanism. It definitely gives a productivity increase with less time logging into things instead of logging in from application to application, while maintaining the security layer.

We’d like them to go back to the C version of the admin console. It was much smoother than the web-based version. Everything else is pretty good.

Very stable product. The only time we’ve had problems with it is deep behind SiteMinder, which feels the ramifications. The application we’re protecting usually has the issue, not the SiteMinder/SSO itself.

Very easy to scale. They have a good sizing guide it vertically scales very easily.

Once you get past the first level, it’s good support. Typically once you’ve supported the CA product for a couple of years, you probably know more than first-level support, so it’s frustrating to explain to them the issue.

It was already in production when I joined.

It’s definitely an industry leader in the web access realm. It’s easy to deploy and integrate.

You need to understand the overall design of your web infrastructure, and what do you want to protect – the entry point or the entry point and application server? Design questions, really. You need to decide whether you want fine-grain or course-grain authorization. For the CA solution, make a support matrix and understand other peripheral products in the environment.

We like the ease of implementation, integration, and the support matrix. Cookie provider helps us set host-based cookies and provides SSO across multiple domains. It provides restricted cookies as well.

It restricts cookie replacement and provides enhanced ones, so the applications are safer. Helps keep our data secure in a much better way without affecting user experience.

Better support. It would be great if they could move to the AWS model where we could open up a chat with the support person immediately instead of opening up a case. We’d love to see them implement screen sharing to expedite the support process.

10/10 - no issues.

I haven’t seen any performance problems with scaling or general performance ability, so maximum points there as well.

Not great. The first level of support is not up to the mark or able to understand the actual problem. It takes us time to explain the problem. Any time we open up a case we have to repeat the explanation of the problem 15 to 20 times until we get a response that is in line with what we are expecting.

The handoff isn’t good. Communication with the different support teams is a challenge, and we have to repeat every detail of the problem at every stage, which makes it not a great experience.

It was simple. Documentation has been more than satisfactory, and we’re happy with that. The changes are very well communicated. Even the point releases haven’t given us any problems.

It has all the features, and the CA roadmap has always been ahead of the competition. The only missing portion is documentation around global deployment. As companies are growing bigger and bigger, they’re thinking about global deployments, so we haven’t seen much talk around global deployments, and I haven’t seen any white papers.

The most valuable features are:

• Ease of deployment, and
• It’s customizable within the user interface.

It helps protect our applications and provides identity management. It allows us to do business with third-party apps, and they’re a recognized industry leader.

For the login experience, it’s seamless navigation from one app to the next. It’s responsive and promotes ease of doing business.

Upgrade planning is extensive and costly and involves a lot of applications, so we’d like to see that improved. Also, the policy export/import could be easier for when we go between environments and when we export/import into our production environment.

There are some security risks that we’re evaluating with a current version of the product that might require an upgrade. From an upgrade standpoint, it’s challenging – not a simple, agile type upgrade. It’s a major upgrade that affects a lot of our applications.

Highly stable. We have it pretty well tuned.

It’s scalable from one app to the next, and we already have the infrastructure built out to support it.

They provide a pretty good service, especially as we’re entertaining additional products and services. We had an upgrade from R6 to R12, which was significant, which we managed through support. Understanding the urgency and sensitivity behind it, we got their account management team to come on-site and help.

It’s stable, the client experience is really good, and there’s an opportunity for us to improve response times. They could improve integration with other products in the suite.

Understand what their business cases are before they pursue a solution; understand where they have a need. Sometimes applications themselves don’t necessarily need to be integrated with something as robust as SiteMinder doing ID management, so I’d recommend looking at the business functions and what their needs are before they pursue the SiteMinder solution.

The three security products perform different functions, but they are all part of the suite. SiteMinder is an industry leading solution as everyone is using it. The new offerings are simplified, which is good.

Besides that, other things are pretty much on par for the industry products out there. All the products have valuable features, but they’re similar with what’s out there.

We are using it for multi-factor authentication, and we are using it also for our identity management processes. Some of the tasks we have been doing for boarding, it's helped us meet requirements by having dual-factor authentication.

With CA Identity Manager, the integration support with other technologies is still not mature enough. CA IDM still has a lot of moving components. Oracle and SailPoint solutions are much simpler and robust, although we are using CA because we have licenses despite it needing to be simplified.

We're using this alongside IdentityMinder and RiskMinder.

I would rate the suite 4-5/10. SiteMinder is the most stable and is 7-8/10 rating. with the other ones, we’ve had problems, and they doesn’t really match our business needs. The other parts of the suite are lower.

I think for SiteMinder, we have a business need and we think it is scalable. For 2016, we'll increase our infrastructure. For the others, we are running them on a minimum hardware set.

We often use tech support when we get stuck in situations. We have less of a relationship with them because we escalate with partners and they provide us with support. If you just open a ticket directly with CA, the guy doesn’t have a solution. With the partners, there's always a good solution.

I started using it six years ago when it was very complex. Now they have given a lot of UI features and simplified it as well.

They are good from a cost standpoint. The price model offering is very comparative to other solutions. That is a positive.

We also looked at Oracle and SailPoint solutions. We looked for a solution that had good integration with other technologies in an enterprise organization. We also considered the simplicity of the product.

CA has a lot of servers, but it needs to be simplified to only two to three components. The SiteMinder solution is something that if my colleagues would like, I’d suggest that.

Other products I would say, go look out in the market. There are better solutions, and CA should look at Gartner’s Magic Quadrant and IDG. Look at the capabilities to see how they can bring those capabilities into their products, etc. It gives me the single sign-on between applications. On-boarding isn’t effort intensive. Those are good things.

It provides us with authentications, authorizations, and basically providing the client with better secure services.

We can differentiate between the good logins with a genuine user and unauthorized ones.

It’s easy, versatile, and functionality-wise, it’s very user-friendly as well.

With SSO, we’ve been able to better serve our clients, and wherever these authentications are required we can effectively manage the authentications. The bottom line is that if the clients are happy with the SSO solutions we’re providing, we’re doing a great job and the product has been helpful.

I would say advanced authentication, but they have another product for that. SSO could be merged with automatic authentication, so if I want to use those services I could depending on our requirements, rather than having two different products installed.

Like every other product there are things that need improvement, but it has been pretty stable. From a job perspective, it does what it is designated to do. Sometimes there are issues with non-sequential navigation, but when there’s an issue we get a fix for it. There are no issues with the core functions.

We are applying the solution to a lot of the platforms we are planning for, and we’re pretty confident and positive that it will be the best solution for us.

It’s good. Sometimes you have to wait for the right resources to come up and follow the escalation chain, but they’ve always been very responsible. I would like to get answers right away in most of the cases, not being sent offshore to have some analysis done. But I’ve seen that improvement in the past year – the customer service has improved.

It was already in production when I joined.

We installed one version and there is a bug in it; from a customer perspective I would want that particular issue to be fixed rather than getting an answer that the bug will be fixed in the next version.

It doesn’t mean we’re not trying to address it from our side, but with clients on it, it does take time and we’ve got to keep in mind all of the consequences. If they could have those exact solutions for a particular issue that would be great.

You should understand their requirements before they select a solution. Then you need to verify that you have the correct infrastructure, resources, and that your applications are compatible with the SiteMinder solution.

The ability to easily manage user accounts is great.

Segregation duties is another great benefit. It has allowed us to automate the process of creating user accounts really well.

I can't think of any additional features I'd like to see, as it does everything we need.

We've been using it for around two years.

It’s been very stable so far and hasn't gone down at all.

It’s scaled up as far as we've needed so far. We're a midsize customer with about 2000 users, and it's been totally fine.

They get us answers, but often they’re too slow. It could take us as long as two weeks to get the answers we need. While sometimes it's quick, it has often been slower than ideal.

We’ve always been using this, and beforehand we used a homegrown solution. We switched because it had insufficient automation and our homegrown solution was just too inflexible.

I wasn't involved in the initial setup.

I always look for quality of services. CA have been OK so far, but not a slam dunk. We had one problem where they took forever to get back with us, but they eventually solved the problem fast.

My company also looked at IBM and Oracle, and I don't know why they chose CA.

Check how many endpoint systems it supports. We chose this because of the amount of endpoints, you can automate the creation of endpoint systems, and it has the ability to create custom connectors. It supports the connectors out of the box and this is faster and easier than doing it yourself.

The features most valuable to us are its usability, the way you can customize it, and its supportability.

From an organizational perspective, it helps us to maintain IDs and it enhances the user experience. With just a single ID, people don't have to really remember multiple user IDs and passwords. So, it's a tool to enhance the user experience.

I'd like to see less issues when we implement new customizations or technologies. Being able to customize is something we'd like to do, but it needs improvement to allow that to happen without issue.

It tends to be buggy, though not to a high level. Where we have seen most of the problems is when we want to incorporate a new feature or when we want to implement some customization or when we want to implement a new technology. During those times, we have seen it to be buggy.

Like the stability, we have had some issues with bringing in new integrations or customizing it for our need. It's been a journey figuring out how to scale it.

I wasn't involved in the setup.

It may be a good product, but I'd advise staying away from customizing it.