CA SSO Review

SSO allows us to log in once and use those credentials for multiple web sites.


Valuable Features

Single Sign-On is the number one feature of SiteMinder that we're using. The ability to log in once and use those credentials for multiple web sites is very valuable for us.

Room for Improvement

Upgrades is the biggest area for improvement. It really struggles with the upgrade process. We tell CA this pretty often.

Deployment Issues

We've had no issues with deployment.

Stability Issues

We've had no issues with stability.

Scalability Issues

We have challenges with scalability. We have a environment in which applications during peak enrollment periods can go from 80 users to 8,000 users in a weekend. Scalability is very difficult with SiteMinder. You basically have to roll out new policy servers and so the ability to provision capacity quickly is still a big challenge for us. They talk about it with every presentation. They're containerizing everything and they're doing all the right things, but they could roll them out faster.

Customer Service and Technical Support

We probably open two to three tickets a week. I manage that relationship so I supervise those tickets and escalate them appropriately. The problem is we need the support, but they don't know anything about the product.

One of the challenges is they kind of have a tiered support model where you get your case open to a Tier 1 support engineer, and often times we're using very specific portions of their products that aren't used to. For example, we use some kind of custom implementations of some of the older technologies for which it's difficult to get a resource who actually knows what we're using and how we're using it. The initial engagement with support can often take us two or three days to get the ticket assigned to the person who knows what they're talking about. Like DLWS, which is a distributed log on web service, which wasn't a core part of the product back in the day and it's just not used by a lot of people.

Some of the advanced password services stuff can be a little bit problematic, getting it assigned correctly, that kind of stuff.

Initial Setup

It's complex. Because of the complexity of the application, you're going to need to involve professional services. You're going to need to bring in a lot of outside resources if you've never done it before. It's not an out-of-the-box, point-and-click, now-you-have-SiteMinder situation. It's going to take a lot longer than that and I think the complexity is often hidden. People are going to stumble upon these challenges in their enterprise after they start it.

Other Solutions Considered

Not really. We use Ping, so we have products that do similar kinds of stuff. We used to use Tivoli, so we have some experience with that. Identity Manager's been used in the enterprise before. SiteMinder works a lot better for us just because we have a base of administrators who know how it works, ease of installation, and configuration.

Other Advice

It loses points for the upgrade and for just the lack of ease of management. We've been using it for a long time, so we're comfortable with its weaknesses and we've adjusted our process around those. I think for a new implementation it would be very challenging to bring in SiteMinder.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email