Symantec Siteminder Room for Improvement

Umair (Abu Mohaymin) Akhlaque - PeerSpot reviewer
Enterprise Solutions & Services Head at Duroob Technologies

The performance could be better.

The support could be faster. 

Sometimes when your customer has a legacy application and they want to make a single sign-on, you cannot do it with SiteMinder.

The solution doesn't support client-based Java. 

You do need to be pretty comfortable with the product in order to use it. 

The product needs to invest in enhancements. They are not innovating anything lately. The competition is beginning to pull ahead of them and they are getting left behind. 

The cost of the product is a bit high.

View full review »
it_user558618 - PeerSpot reviewer
Senior Specialist IT Architect at Pramerica

One of the features that needs improvement is the capability of implementing single sign-on in cloud. As a client-server model, we depend on the IP addresses that break when we move into cloud, so more of a REST API approach is needed.

There are still areas in this product that need to be improved, as in every other product.

View full review »
it_user558552 - PeerSpot reviewer
Security Architect And Managing Director at a financial services firm with 10,001+ employees

CA has come up with and has talked about Cloud-based solutions. I would like to see more mature ideas than what they're providing. I'm sure they have that on their roadmap. There are certain integration points that can be leveraged and made more easy to deploy, like the REST APIs and things like that. That is an opportunity to make deployment easier for any employer or for any company. They are talking about it. It’s going in the right direction. That’s for certain.

View full review »
Buyer's Guide
Symantec Siteminder
March 2024
Learn what your peers think about Symantec Siteminder. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
it_user558654 - PeerSpot reviewer
Manager at a consultancy with 10,001+ employees

A simple feature that still does not exist but it should be implemented as soon as possible, is that if a user is accessing an internet app from the internet, then it should perform a desktop single sign-on. But, if the same application is accessed outside of the network, the users should be given a page login. I don't want customization to implement this behavior, since this should be a simple configuration within SSO functionality. This should detect whether you are accessing from inside/outside of the network and accordingly present the authentication. This feature does not exist today and it is something, that almost all our clients ask for.

View full review »
it_user558561 - PeerSpot reviewer
IT Engineer at Qualcomm

I would like to see reporting, REST-based queries. Reporting is a big one for us. We want to be able to put in the URL and get a list of all of the access that that URL has. On the flip side of that, one could put on a LDAP group, and program this LDAP group to get access to all of these URLs. That's something that we don't have today, and we're actually trying to build that. It would be nice if that was built into the product, and be API driven. Anything that we can do in the user interface, we want to be able to do that programmatically through SDKs, or through a rest interface. It's all about automation stuff. With everything moving to AWS right now, we have everything automated with CA Single Sign-On, except for the installation. That's the main reason behind my rating.

View full review »
it_user349344 - PeerSpot reviewer
Vice President at a financial services firm with 10,001+ employees

We go by agents for authentication; anything relating to agent configuration could be improved, or even agentless security.

Also, reporting on analytics and the health of the system could be improved.

View full review »
HD
Sr IAM/PAM Engineer at a retailer with 10,001+ employees

An area Siteminder could improve on is that there are a few limitations, in terms of new protocols for OpenID. If I want to have different scopes, the features are limited. They also do not have APIs exposed, which is a major drawback. API is a feature I would like to see included in the next release. 

View full review »
it_user778740 - PeerSpot reviewer
Systems Engineer at navyfederal

The OpenID Connect piece, we would like to see the new technologies baked into the product, as opposed to going out and using a different product to accomplish the same thing. So OpenID Connects would be great, to have that kind of plug-in, into SSL without having to go in and install new products.

View full review »
it_user372576 - PeerSpot reviewer
Sr. Systems Engineer Principle at a retailer with 501-1,000 employees

I'd like to see the federation piece made a little simpler. Working with Samuel in federation and those components, it can prove pretty challenging and that's where we've had to go outside and seek additional help on those areas. Their interface could use some work but they made great improvements with the 12.5 release. I think those are the primary areas.

View full review »
it_user349326 - PeerSpot reviewer
Senior Staff IT Engineer, Identity and Access Management at a comms service provider with 10,001+ employees

Better support. It would be great if they could move to the AWS model where we could open up a chat with the support person immediately instead of opening up a case. We’d love to see them implement screen sharing to expedite the support process.

View full review »
SH
Software Engineering Consultant at a retailer with 10,001+ employees

I've talked to them about this: I'd like to see a rework of the user directory configuration. In Single Sign On, whenever you set up a new user directory, there is a pretty specific number of hoops that you have to jump through in order to maximize throughput between Single Sign On and a user directory. A lot of those aren't documented, so the only way you typically get that information is by engaging CA support, which, if you don't think you need to do that beforehand, you're going to have an unpleasant surprise when you cut over. 

So, either reworking the user directory configuration would be great, to make some of those hoops that you have to jump through unnecessary, or redundant. Or, failing that, reworking the documentation for setting up the user directory, explaining the rationale behind why you have to do the things you do. Because, if it were documented, at least then you'd be able to set it up effectively without incurring downtime, as you find out how to do it the right way.

View full review »
it_user382632 - PeerSpot reviewer
Cyber Systems Engineer with 10,001+ employees

We've been looking for a tool that can help us do a better job of monitoring and of helping our users. Unfortunately, SSO doesn't really allow us to do that. We have to basically do it through brute force.

We've recently purchased a product called IdentityLogix which is going to help us do it. We looked at IdentityLogix for two-and-a-half years and we recently purchased a license from them. We'll be setting that up in the next couple of months. It should also allow us to see some analytical information that we're not able to see right now without doing, like I said earlier, brute force.

Currently, management wants to see how many authentications we have daily and monthly. And in order to do that, we have to write our own scripts based on certain logs, and that's not something I really want to do. If SSO could do that for me, that would really help me do my job better.

View full review »
it_user275949 - PeerSpot reviewer
Manager, Information Security and Cyber Defense at a tech services company with 10,001+ employees

We’d like them to go back to the C version of the admin console. It was much smoother than the web-based version. Everything else is pretty good.

View full review »
it_user558078 - PeerSpot reviewer
Information Security Consultant at a aerospace/defense firm with 1,001-5,000 employees

Some of the features need to be improved. For example, the Federation feature. CA SSO is getting into that space and can definitely do better than the other products that are available.

It doesn't have a lot of features. I think there is some customization that's required on the CA Federation side if it has to get attributes from a different source. If an authentication has to happen in one source and then get attributes from some other source, then there's a requirement to do some custom coding work.

View full review »
it_user346686 - PeerSpot reviewer
IT Security Manager at a financial services firm with 1,001-5,000 employees

With CA Identity Manager, the integration support with other technologies is still not mature enough. CA IDM still has a lot of moving components. Oracle and SailPoint solutions are much simpler and robust, although we are using CA because we have licenses despite it needing to be simplified.

View full review »
it_user353934 - PeerSpot reviewer
Identity and Access Management Specialist at a healthcare company with 10,001+ employees

Upgrades is the biggest area for improvement. It really struggles with the upgrade process. We tell CA this pretty often.

View full review »
it_user778935 - PeerSpot reviewer
Security Architect at Raymond James Financial, Inc.

I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later.

View full review »
it_user778626 - PeerSpot reviewer
Senior Software Analyst at NRG Energy

We would like to the OAuth be more stable, more issues being fixed rather than not.

We're pretty happy, but there are some scenarios with the new stuff, like OAuth - where authentication happens from Google, Amazon - in which they're still lagging right now. They're developing it, but we have been using SSO for a long time and Oauth capability was not there, and it recently started this year. So we had a little bit of a question, "Should we still use this product or we should go to another product?" That was the one concern.

View full review »
it_user558558 - PeerSpot reviewer
SiteMinder Architect at a consumer goods company with 1,001-5,000 employees

We would like to see more information on the analytical piece of it. There are certain other components which are integrating, advanced integration, that might add value to it. We would like to see the CA SiteMinder by itself provide threat analytics, depending on behavioral authentication and so on, without having to add an extra piece to it.

View full review »
it_user558498 - PeerSpot reviewer
Assistant Director of Application Administration with 1,001-5,000 employees

One thing that we found a little difficult, was the default functionality to understand error messages coming back from a directory. You had to either use an add-on product or an advanced password service or perhaps change components within your directory, just to understand a simple message whether if a password has been expired or if it was incorrect.

Since then we have bought an additional SM Walker product, which is a third-party solution to resolve this issue. However, it would be nice if that aspect of the solution was a default functionality, within this tool itself and not something that you had to purchase as an add-on feature.

View full review »
it_user349428 - PeerSpot reviewer
Software Engineer at a healthcare company with 1,001-5,000 employees

The documentation is not good enough, particularly the installation documentation could be improved. Some things are left open to interpretation and others are simply not documented at all. CA will take liberties and make assumptions that your system is a certain way, and so the documentation is based on that.

View full review »
NJ
Assistant General Manager at a computer software company with 10,001+ employees

Since we're in the early stages of examining the solution, it's hard to predict what might be lacking.

We're currently unable to find information about if the solution can do a full implementation with SQL. Some better and more accessible documentation for new users or those curious about the product would be helpful.

We want to implement a simple application. Currently, from what we're finding, we're not sure if it would work the way we need it to.

View full review »
it_user778593 - PeerSpot reviewer
Manager with 10,001+ employees

I think they need to integrate some of the newer types of authentication into the product. I'm not seeing the innovation when it comes to biometrics in the product.

Also, easier integration with third-party partners to OpenID Connect because username/passwords are a thing of the past. People are going to be using facial recognition. Apple has gone that way. There are other companies like Daon that are doing this. CA SSO will be left behind if they don't have it yet. There's some innovation being done, but it's not there.

Improvement is being made all the time. I just came out of a session here at the CA World conference where they showed how you set up Federation partners is being improved, through more APIs. Making life easier for the engineer is always important because we are lazy in general. So improvements are being made in that space. There's more to be done, like how to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting.

View full review »
it_user392583 - PeerSpot reviewer
Sr Manager at a comms service provider with 10,001+ employees

As we are moving in to the mobility space, this is where we really see SiteMinder and their other product really come together to provide a solution base to a different area where the IoT is coming, the different business communications are happening. All of those things require authentication and we really want to see this product grow into that role.

View full review »
it_user372639 - PeerSpot reviewer
Director IT with 1,001-5,000 employees

Overall I'd say we're very satisfied with the product but yes, we had outages and performance issues but again I think based on the load and then how we're increasing our applications which are integrating into the solution. We have to do the technical and architecture review time to time to increase our capacity. CA has helped us with the architecture review and with the suggestions to take on the load. Definitely we need to add more servers, more capacity and also we need to go through the architecture review process there.

I'd say the speed to upgrade because I think I heard in the conference that they are trying to go with agile, getting new features in like period of months, a couple of months. That makes it very important for product management team to make it simple to upgrade. That's one of the biggest feature I'd suggest I'd like to see that if they can make the upgrade process simple. Overall I'd valuate it around 7.5 to 8. Definitely even when we select the vendors the product has to be best in the breed in the market.

View full review »
it_user778665 - PeerSpot reviewer
Design Engineer 5 at a financial services firm with 10,001+ employees

Better documentation. I went through some sessions on single sign-on for version 12.7. Whatever features we are looking for from a REST API perspective, they will be there. So far, it is good. We have to implement it, and figure out what is good or bad about it.

There are a few other competitors which are taking up advantage over the segment being more agentless. SiteMinder is more driven with agent-based authentication, but the others are going with being more agentless. So, we have to go into the more next gen technology, where other vendors are going into, and that is where SiteMinder is lagging behind. The speed at which they are bringing up these features, it is very slow. 

View full review »
it_user383802 - PeerSpot reviewer
Security Engineer at a aerospace/defense firm with 10,001+ employees

It seems that when there's a new version, patch, or service pack, we find bugs. There have been times where we've had to revert versions because of bugs. It has gotten better, however, and we used to have a lot more issues. There is still a lot of room for improvement in this area.

View full review »
it_user345507 - PeerSpot reviewer
Program Manager at LS3 Technologies, Inc.

I can't think of any additional features I'd like to see, as it does everything we need.

View full review »
it_user344034 - PeerSpot reviewer
Director of Security at a tech company with 10,001+ employees

There is a considerable improvement in the product from previous versions, but a few items we feel need a little attention are the web agent installation process and steps – as it behaves differently on the same OS.

Improvements are also needed in the password policy template customization and it's missing the required documentation to do it.

The knowledge base needs to be enhanced as there are very limited resources on the web while debugging issues.

View full review »
it_user778860 - PeerSpot reviewer
Security Engineer at a financial services firm with 10,001+ employees

I would prefer to see their SAML integration be a more streamlined and easier interface, more like PingFederate's interface. Their product works just as well for that use case, but we do not use it, because it is a much larger learning curve to get it running.

View full review »
it_user572877 - PeerSpot reviewer
Consulting Systems Engineer at a wholesaler/distributor with 10,001+ employees
  • I would like to have a really simple interface; a more modernesque, cloud-based interface, with dynamic real-time information on the various configurations or object configuration points that associate with the applications.
  • Ease-of-use
  • Smarter error messages
View full review »
it_user558435 - PeerSpot reviewer
Security Architect at a financial services firm with 10,001+ employees

I think our questions, from me and our team, relate potentially to other products in the CA portfolio. There are other things such as strong authentication, risk-based authentication, and especially API management, which all represent a portfolio that could be integrated. Our interest is knowing the roadmap for making those part of a more seamless offering. If you like, it's the aggregation of the features of all those products, and how they come together.

View full review »
it_user558408 - PeerSpot reviewer
Senior Architect at a aerospace/defense firm with 1,001-5,000 employees

The admin UI needs to be more stable. They should bundle more of the products and get rid of a lot of the small pieces which we need to configure on the top of the initial setup. Examples of this are the SM Console and the registry.

It should be easier to implement and deploy; and it should support more platforms, such as more operating systems.

View full review »
it_user558636 - PeerSpot reviewer
Director of Project Management at a local government with 1,001-5,000 employees

I'm not sure that it needs to do any more than it already does. I think as a solution, SSO works pretty well out of the box today. Out-of-the-box integration with other products would be an improvement, like the API Gateway; how we use the SSO in the Cloud organization and Sandbox; those kind of things. I think that's solved in this kind of integrated solution. But it would be if that was supported out-of-the-box.

But I think it's good. We're not in any major problems right now, so things are good.

View full review »
it_user350634 - PeerSpot reviewer
IT Architect at a healthcare company with 10,001+ employees

One big problem we have is keeping track of the various patches and bug-fix releases. They come out for different platforms (Windows, Linux, etc.) and it’s complex. It’s tough to keep up with all the releases and bugs that get fixed.

View full review »
it_user349443 - PeerSpot reviewer
Information Security Analyst at a financial services firm with 1,001-5,000 employees

It’s never been an out-of-box solution except for IIS, which installs web servers for you. Basically, you do a bit of configuration, and the client on the other end is heavier use. That’s the beauty of SiteMinder -- you can do anything with it.

It’s really difficult to initially configure, but once you know where the traps are, it’s not a big deal. It’s done everything we’ve needed it to do.

It could use better air handling -- if your policy doesn’t work, you just get some dots instead of real information without looking at the logs. It would be nice to find the info without hunting in the logs.

View full review »
it_user348420 - PeerSpot reviewer
Security Engineer II at a tech services company with 10,001+ employees

I would say advanced authentication, but they have another product for that. SSO could be merged with automatic authentication, so if I want to use those services I could depending on our requirements, rather than having two different products installed.

View full review »
it_user558639 - PeerSpot reviewer
Senior Member Technical Staff at a comms service provider with 10,001+ employees

We are definitely looking forward to versions 12.6 and higher because they are based on a 64-bit framework. We are looking forward to leveraging this to get better performance out of the product.

View full review »
it_user351696 - PeerSpot reviewer
Software Development Manager at a comms service provider with 1,001-5,000 employees

A more modern management interface would be nice. The existing interface feels like it's about 10 years old.

View full review »
UA
Sr. Manager at Duroob Technology

I think the future release is, if you ask me, I think they have done a lot in the new release, especially the front end. The front end was not as good. CA did a good job in doing it, especially when I look at the new identity suite. They have done a good job in changing the overall look and feel. This is actually what the customer was looking for. The look and feel was not good in the earlier product. It's a journey, so we just completed one of the requirements for the customer.

CA has reporting at the moment. With the reporting, every particular segmented product has a reporting engine. I would like to see centralized reporting for all of them together. If an enterprise customer has all of these three or four modules for security, he will get consolidated reporting.

A problem we had with the customer was, at the moment, we were asked, “Are you able to integrate these products together?” Were we able to get the requirement done for the customer, as a business requirement? The reporting side we were unable to do it out-of-the-box. If CA consolidates the reporting for all three together, it may be easier. I'm not sure, but it may be easier.

View full review »
it_user558246 - PeerSpot reviewer
Senior Technical Lead at Exelon

I would like to see more usability; more customer usability.

View full review »
it_user558159 - PeerSpot reviewer
Senior Security Analyst at a financial services firm with 5,001-10,000 employees

I really can't answer this right now. We have so many other products that serve our needs. There are other vendors that satisfy some of our requirements, so I'm not exactly sure what CA would be able to provide us with.

View full review »
it_user572931 - PeerSpot reviewer
Service Delivery Manager at a tech services company with 10,001+ employees

I've seen a lot of analytics capability being built in for a number of products. Obviously, I want to be able to use analytics on CA SSO as well.

View full review »
AJ
Middleware System Engineer at a insurance company with 11-50 employees

Some of the new protocols, like OAuth 2.0, could be improved.

It would be nice to see a better cloud-based solution that's both easy and accessible for all organizations.

View full review »
AS
Systems-Engineer at a tech services company with 10,001+ employees
  • The GUIs are not very clear, especially when integrating with other products from CA. 
  • Like CA IDM, there can be challenges. One needs to know that they have great hands-on on their app servers to understand the logic and deploy it accordingly.
  • There were challenges with version compatibility, and this is something that I did not like. This all happened during the second phase while trying out various integrations.
View full review »
it_user778881 - PeerSpot reviewer
Director at a logistics company with 1,001-5,000 employees

Answering this would require me to know what the current platform does or doesn't do, and I'm afraid I'm not a good enough judge to make that evaluation. I might say something and it's already there, and I just don't know about it.

I will say the user interface for login is kind of plain. They could make it a little prettier. The site is a big, blue screen, with "SiteMinder," and that's pretty much it.

View full review »
it_user558573 - PeerSpot reviewer
Technical Lead at a hospitality company with 1,001-5,000 employees

There is a need to introduce more templates in the UI side and this would help design this aspect better. As of now, there are only a few samples available.

There is scope for improvement in this product.

View full review »
it_user351534 - PeerSpot reviewer
Technical Lead - Security Services Group at a financial services firm with 1,001-5,000 employees

We're really interested in the containerized version of CA SSO where the product will be delivered as a container image rather than the traditional binary.

We'd also like to see a more streamlined implementation update process.

Also, I think they need to improve their support a little bit better especially with experienced customers who are very knowledgeable in product. It's difficult when working on level higher than support.

View full review »
it_user58431 - PeerSpot reviewer
Delivery Manager - Technology - Identity and Access Management at a financial services firm with 1,001-5,000 employees

Upgrade planning is extensive and costly and involves a lot of applications, so we’d like to see that improved. Also, the policy export/import could be easier for when we go between environments and when we export/import into our production environment.

There are some security risks that we’re evaluating with a current version of the product that might require an upgrade. From an upgrade standpoint, it’s challenging – not a simple, agile type upgrade. It’s a major upgrade that affects a lot of our applications.

View full review »
it_user346296 - PeerSpot reviewer
Lead Technical Architect with 1,001-5,000 employees

I'd like to see less issues when we implement new customizations or technologies. Being able to customize is something we'd like to do, but it needs improvement to allow that to happen without issue.

View full review »
it_user778932 - PeerSpot reviewer
Technology Director at a financial services firm with 10,001+ employees

Better monitoring. A better way to debug a problem. When there is a problem with it, it should log enough information for CA to know what is the problem, like a better debugging tool. 

It needs better debugging and support.

View full review »
it_user440760 - PeerSpot reviewer
Manager, Operations at a tech services company with 1,001-5,000 employees

The upgrade/migration process can be simplified further.

If the reporting feature can be integrated into SSO itself that will be an icing on the cake.

View full review »
it_user558633 - PeerSpot reviewer
Design Engineer at a financial services firm with 1,001-5,000 employees

We are looking forward to implementing the uptime automation that was mentioned in the roadmap. We will go with the upgraded tool.

Once CA has finalized the cases that we have brought to them, it will be a better product to use.

View full review »
it_user558531 - PeerSpot reviewer
Security Compliance Specialist at a financial services firm with 1,001-5,000 employees

Like I said, it's pretty flexible. I mean it's met every one of our needs so far. We're currently looking to find ways of using the same authentication, which we've never actually used in it yet.

We're working with other companies now to provide federated authentication, both in and out. I will have to try that before I can say whether or not it's going to work. If it doesn't work, I think that's something we will have to explore with CA to find third-party alternatives, or something else in the future for enhancements.

View full review »
it_user354783 - PeerSpot reviewer
Sr. IT Security Architect at a healthcare company with 1,001-5,000 employees

Identity Manager and GovernanceMinder should integrate better. Right now, they have started integrating it, but it would be helpful it were fully integrated with the other security products.

View full review »
it_user353421 - PeerSpot reviewer
IT Analyst at a retailer with 1,001-5,000 employees

Probably the biggest thing that SiteMinder needs is a refreshed UI for administrators. Because it's transparent to users and clients there's, not much in terms of improvement there other than additional features that they can concoct. But as an administrator, the UI can definitely use refreshing. There's ways to get to the same result with less clicks, and even with their new refreshed UI lately, it's still basically the same thing, so I don't see any improvement there.

View full review »
it_user304782 - PeerSpot reviewer
Middleware specialist at a insurance company with 10,001+ employees

It's difficult to configure, and has a very old and challenging user interface.

View full review »
MN
Cyber Security Specialist at a manufacturing company with 11-50 employees

To add more value to this solution it needs to be more user-friendly. This is what is really needed in the next release of this product.

View full review »
it_user778521 - PeerSpot reviewer
Site Minder Admin at a construction company with 501-1,000 employees

We're working on a mobile API gateway. I am really interested to learn more about that.

View full review »
it_user353775 - PeerSpot reviewer
Senior IT Architect with 1,001-5,000 employees

We'd like to see a new feature to support an openID connection portal. We'd also like for CA to be faster at shipping out new technical environments, such as OSs. They should do an operating system like RHEL, where Red Hat is on top the newest version of Linux. Today, they're slow to support new technology.

View full review »
SA
IT Security Consultant at Duroob Technology

Maybe they could improve on the Federation part, and Federation with the apps. Not only for the websites, but with the apps also.

View full review »
it_user354801 - PeerSpot reviewer
Infrastructure Manager at a government with 1,001-5,000 employees

I do not think there is anything to improve. It is a pretty complete product.

View full review »
it_user348447 - PeerSpot reviewer
IT Security Analyst at a financial services firm with 1,001-5,000 employees

I'd like to see authentication using biometrics. This would be a nice addition.

View full review »
it_user351468 - PeerSpot reviewer
Security Analyst at a insurance company with 1,001-5,000 employees

The initial setup was kind of cumbersome as the instructions were not great. They should really improve this.

View full review »
Buyer's Guide
Symantec Siteminder
March 2024
Learn what your peers think about Symantec Siteminder. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.