What is most valuable?
The benefits are that it allows us to have real-time risk analysis on authentication traffic, so we can determine whether or not it's suspicious. How suspicious is it? If it's suspicious, we can enable step-up authentication and challenge for some additional credentials, or we can block the authentication attempt completely.
If it's a known good customer, we can actually remove the friction of authentication, or even automatically authenticate them without challenging their credentials. That aspect has been working well, even at the expense of causing some latency for authentication for everybody else because of the amount of traffic we're getting.
How has it helped my organization?
It gives us the ability to deny authentications for known malicious traffic. We have a webmail platform that people are constantly trying to hack into. Mostly, a large number of it comes from known bad IP addresses or unknown foreign countries which you can determine are bad or blacklisted. We can do that on the fly.
What do I think about the scalability of the solution?
Make sure you scale for at least five times your actual load. We're having issues getting it to scale as well as SiteMinder.
What other advice do I have?
It works when you really need it to work, such as when you've got a denial-of-service attack, or some other attack when you need to be able to intelligently differentiate good traffic from bad traffic. That's when you start having performance issues that start to affect the ability of legitimate customers being able to authenticate. So make sure you really plan out your back-end databases accordingly.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jun 30 2017