CA Risk Authentication Review

We have seen a reduction in malicious attacks by at least 75%, and we've only implemented a few rules so far. But, SiteMinder authentication at times impacts performance when it's not supposed to.


Valuable Features:

The most valuable features for us are the behavioral analysis and functionality. Because RiskMinder is integrated with SiteMinder, it allows us to be able to protect the customer's identity and then react to events based on rules and rule-sets.

Improvements to My Organization:

It operates automatically so long as you've built in the rules. It takes out a lot of the manual work. It will take the criteria you've set and the default rules and automatically react based on those. This comes in really handy when there are malicious attacks.

We leverage it for our customer base, which is very difficult to do for all CA products generally because CA is enterprise-focused. We've been able to customize a lot in order to make it work for us. I'm on the Customer Advisory Board for Security within CA, and as far as I know, I'm the only one on the board who's handling it from a customer perspective.
With RiskMinder, we have seen a reduction in malicious attacks by at least 75%, and we've only implemented a few rules so far. So that's a really, really big win.

Stability Issues:

During the authentication process in SiteMinder, you're not supposed to be able to notice any impact from RiskMinder. So we have it integrated in the backend. At authentication, we do a device fingerprint and collect other data. And then based on that, we determine your risk and whether we let you continue or not. But one of the things that we noticed is that it does at times impact performance when it's not supposed to.

Scalability Issues:

Scalability is not a problem at all. From a capacity management perspective we've had no issues scaling.

Previous Solutions:

I was actually the champion behind getting RiskMinder put in. What kind of pushed it over the edge was multiple DDoS attacks taking my platform down, over and over and over again. So that was about like five years ago. We started looking at different options because what was different in our space from the network and the security standpoint, you couldn't do anything about that traffic. It was at an application layer and within an identity perspective, so we needed it to protect our customers from that side. Botnet attacks were sending a whole bunch of authentication attempts for different identities. And they were sending so many through at the time it ended up taking my platform down, and authentications and authorizations stopped working for all of our web applications and third-party providers.

Initial Setup:

It was not easy. It took us a full year to implement it. Setting up RiskMinder was easy, it was the integration piece that was difficult. It wasn't as straightforward as we thought it was going to be and the architects that were assigned from CA, one of them was like really, really helpful, others not so much. So it was trial-and-error trying to figure out how to implement the two platforms.

Other Solutions Considered:

We evaluated another product. I cannot remember the name of it. This was about five years ago, and all it did was the behavioral analytics. It did not act on behaviors. But there wasn't anything else similar to all the functionality that RiskMinder performed for us.

Other Advice:

I would recommend that you ensure that you give yourself enough time to implement it. Take your time, don't try to rush to put it in, and ensure that you have alignment for any of your stakeholders that may be affected by it in one way or the other. Make sure that you gain alignment across the board, it'll make things a lot easier.

Disclosure: I am a real user, and this review is based on my own experience and opinions.