What is most valuable?
I would say the most valuable feature is provisioning where we are able to provide user access to all the resources they need in a uniform way that we can audit. We don't need to spend a month going to every individual server, every individual database granting user access. We can do it from one central place.
For SiteMinder, is the ability to bring applications under its protection very quickly and ability to partner with other companies through Federation and SAML using open standards to do authentication. We are able to partner with other vendors much more quickly no because before we had to do our home grown authentication things and they had to adapt to our non-standard way of doing things. Now, we have open standards. We publish a document to them with our SAML configuration, the documents we are going to be sending them and they code to it. We get on board very, very quickly.
How has it helped my organization?
For one, you don't have to remember a thousand passwords. You just remember one. You go to a dashboard and then you'll be given access to the environments you need. Two, there is more security because the passwords that it generates are very, very large. They change very often. It's not something that can easily be guessed and your infrastructure is more protected this way.
What needs improvement?
Something to help us migrate our code between environments from QA to UA to production in an easier way. That would probably be the big one.
What do I think about the stability of the solution?
They seem very, very stable. Ever since we put them in place we didn't have to do much in terms of bug fixes. They just work out of the gate. Part of the reason we had that is because we couldn't have the point from a single server so there is no fail over, even though the two supports that we have not configured this way yet.
What do I think about the scalability of the solution?
We didn't have to face any scalability challenges yet because we only use it for our members, which are about 40,000 accounts, which is nothing for two of that size. We haven't had any issues, but we haven't had much load.
How are customer service and technical support?
They have been very good to us. We also partnered with Simeio which is a preferred partner for them. They have been working very, very closely with us. They have been very responsive in communication. They have developed patches for us whenever we needed them.
Which solution did I use previously and why did I switch?
We did use previous solutions. We used a very old Oracle SSO, Oracle OID, and Oracle IDAS, all of which were unsupported by the time we went to upgrade.
How was the initial setup?
It was straightforward on the SiteMinder side. On the Identity Manager side, it was a little more complex because we had to maintain a certain legacy items. We have some authorization settings stored in databases that we need hook Identity Manager to and have it manage those. We had to create some custom code to do that. It wasn't too difficult.
Which other solutions did I evaluate?
We are looking at another tool from CA Advanced Authentication for our guest site, which is then millions of users. So far, we are still in QA, but it seems that it will scale just fine.
What other advice do I have?
We rely on word of mouth. We try to see if anybody has experience with working with this vendor. We're looking, not just for a vendor or a partner, we're looking for somebody who could be open, who can truly collaborate with us where we can exchange information freely and have both parties benefit.
We really do not like having this vendor relationship where you throw something over the fence and you have this contract that tries to encompass everything. We want to have somebody that, even though our contract is limited to something, if it's something that either party is obviously responsible for, we can do it and we don't argue over little things.
I would say go for it. You won't regret it. I think they're a very good products, very mature products. SiteMinder is synonymous with single sign-on. Identity Manager - it's a great tool.