Most Helpful Review
You can quickly deploy the entire product with a basic config. However, the GUIs are not very clear.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The most valuable feature is that it meets the requirements of the customer. You have a lot of features in the product. Every product has them, but the question is, are these products going to meet the requirement of the customer?
I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed.
You can quickly deploy the entire product with a basic config within couple of hours.
It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days.
The most valuable feature is the Federation part of Single Sign On, which is customizable and is easily integrated with any customer application or any third party application.
Federation is valuable, for sure, because we have a lot of third-party vendors that we need to integrate with, and this is a turnkey solution in some ways.
The Directory is secure. It's our user store, and it's important to keep our members safe. The product does well with that.
If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On.
It keeps track of users and their IPs no matter where they are in the network. When users roam, we don't have to worry about not mapping them to an IP.
Valuable features include the robust SSO features, when you have more complicated authentication within an organization. We can mix AD, Radius, Portal, SSO Portals (Google, etc.), and build our own environment. It is very flexible.
Fulfilled our requirement at a good price.
Enables easy integration, allowing for 2FA with our VPN.
Features the addition and removal of access as needed for the VPN.
It integrates very tightly with the rest of the Fortinet ecosystem.
CA has reporting at the moment. With the reporting, every particular segmented product has a reporting engine. I would like to see centralized reporting for all of them together.
The GUIs are not very clear, especially when integrating with other products from CA.
The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live.
I think they need to integrate some of the newer types of authentication into the product. I'm not seeing the innovation when it comes to biometrics in the product.
They need to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting.
The initial setup was complex, painful. But that is to be expected of any new setup. When you're a big bank like us, any kind of migration to a new product is hard. I expect it to be painful, and it was painful. But it's not something that you can avoid.
I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later.
The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur.
The GUI is on the older side but I'm sure that it will be upgraded soon. It works, but it looks a little dated.
Integration with FortiGate could be more fluid.
A better integration with other vendors.
Pricing and Cost Advice
CA solutions are generally expensive but for the customer the ROI is big.
I recommend conducting a PoC on every available product before choose one.
The price is quite comparable to the other enterprise-level solutions in that market.
I would start off with a VM including the base license and scale according to the number of users you need to authenticate.
out of 30 in Single Sign-On (SSO)
out of 30 in Single Sign-On (SSO)
Compared 60% of the time.
Compared 7% of the time.
Compared 5% of the time.
Compared 44% of the time.
Compared 14% of the time.
Compared 7% of the time.
Also Known As
|Single Sign-On, SiteMinder|
CA Single Sign-On provides secure single sign-on and flexible access management to applications and Web services on-premise, in the cloud, from a mobile device or a partner’s site. For over a decade, CA Single Sign-On has been a leader in enterprise-class secure Web single sign-on and identity federation, providing a comprehensive solution that addresses access to applications and cloud services. CA Single Sign-On delivers unparalleled reliability, availability, scalability and manageability.
FortiAuthenticator user identity management appliances strengthen enterprise security by simplifying and centralizing the management and storage of user identity information.
Learn more about CA SSO
Learn more about FortiAuthenticator
|British Telecom, CoreBlox, DBS, HMS, Itera ASA and Simeo||Black Gold Regional Schools, Amadeus Hospitality, Jefferson County, Chunghwa Telecom, City of Boroondara, Dimension Data|
Financial Services Firm43%
Comms Service Provider9%
Financial Services Firm18%
No Data Available