Most Helpful Review
You can quickly deploy the entire product with a basic config. However, the GUIs are not very clear.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The most valuable feature is that it meets the requirements of the customer. You have a lot of features in the product. Every product has them, but the question is, are these products going to meet the requirement of the customer?
I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed.
You can quickly deploy the entire product with a basic config within couple of hours.
It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days.
The most valuable feature is the Federation part of Single Sign On, which is customizable and is easily integrated with any customer application or any third party application.
Federation is valuable, for sure, because we have a lot of third-party vendors that we need to integrate with, and this is a turnkey solution in some ways.
The Directory is secure. It's our user store, and it's important to keep our members safe. The product does well with that.
If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On.
Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too.
The stability has been rock solid. A couple of years ago, they were breached. However, if you had two-factor authentication enabled, it didn't affect you. We did, so it has been good.
This product helps keep us secure.
Tech support has been good. We haven't needed it much, because it is not a complex application. There is not that much you have to do with it.
The shared folders is an important feature. It's the primary feature we use. Also, the ability for LastPass to autofill and hide the passwords, so we don't have to keep changing passwords every time a person leaves, is valuable.
Scalability is fine, no issues with that, especially now that they have added different user-level permissions. That has made it a lot easier to delegate out certain features to have other people do.
Reduction in number of sensitive passwords stored insecurely on local systems.
Increased security around password management for teams and collaborative efforts with external vendors.
CA has reporting at the moment. With the reporting, every particular segmented product has a reporting engine. I would like to see centralized reporting for all of them together.
The GUIs are not very clear, especially when integrating with other products from CA.
The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live.
I think they need to integrate some of the newer types of authentication into the product. I'm not seeing the innovation when it comes to biometrics in the product.
They need to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting.
The initial setup was complex, painful. But that is to be expected of any new setup. When you're a big bank like us, any kind of migration to a new product is hard. I expect it to be painful, and it was painful. But it's not something that you can avoid.
I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later.
The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur.
One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself.
It is not super feature laden. It does not stand out versus the competition.
The biggest thing is there is no good way to have LastPass rotate passwords without human intervention. Right now, we have to go into each folder, then rotate and manually update each password. It can be done it by loading a bunch of passwords into a spreadsheet, but this makes the whole process insecure because then the passwords have been noted into a spreadsheet which have to be upload. We have to go into 40 to 50 applications and manually update passwords, because we don't view their solution of writing a bunch of passwords on a spreadsheet, then uploading them as a secure solution. This should be done internally within LastPass.
We have issues from time to time where, for some reason, it just keeps auto logging-out the user and then, the next day, they'll come in and it will work just fine.
The ability to set up an account expiration limit/date would be very useful.
Our biggest issue over the years was around the stability of the LDAP sync to AD.
The management through the plugin is poor. It consumes tons of client resources especially as an administrator.
Pricing and Cost Advice
CA solutions are generally expensive but for the customer the ROI is big.
I recommend conducting a PoC on every available product before choose one.
The price is quite comparable to the other enterprise-level solutions in that market.
I have been involved with many password managers. Passportal, Secret Server, CyberArk, and BeyondTrust. I chose LastPass for our organization because of the pricing. The organization didn't want to implement something really expensive. LastPass, for what it's offering, for the price that it's offering the service, is unbeatable.
It would be nice to do a quarterly true-up process with them versus having to buy 50 licenses at a time when we realize we're out, then we have to buy more. So far, they have been nice about letting us exceed our allotment and just letting us true-up on our own, but a more robust quarterly true-up process would be good.
The pricing and licensing are okay. Basically, at the last contract negotiation, they attempted to jack the rate up and we just said, "No." We still did negotiations with them, but they bumped everything up quite a bit.
The previous pricing was of good value. I don't really know, as of now, whether the new pricing is. The Enterprise license is $48 per license per year now. That is a steep increase of $24, which is what it was when we first signed up.
You do not have to purchase licenses for your entire organization. You can scale as adoption grows.
If you import from sources like XML, keepass, CSV files be sure to clean the import files, this reduces the adjustments in the slow tool itself.
out of 30 in Single Sign-On (SSO)
out of 30 in Single Sign-On (SSO)
Compared 60% of the time.
Compared 7% of the time.
Compared 5% of the time.
Compared 18% of the time.
Compared 17% of the time.
Compared 11% of the time.
Also Known As
|Single Sign-On, SiteMinder|
CA Single Sign-On provides secure single sign-on and flexible access management to applications and Web services on-premise, in the cloud, from a mobile device or a partner’s site. For over a decade, CA Single Sign-On has been a leader in enterprise-class secure Web single sign-on and identity federation, providing a comprehensive solution that addresses access to applications and cloud services. CA Single Sign-On delivers unparalleled reliability, availability, scalability and manageability.
LastPass Enterprise is a complete login solution, designed for security. It secures your business and centralizes control of employee passwords and applications with Single Sign-On, a one-click access to every site and tool. LastPass Enterprise provides password management, directory integration which synchronizes users with Active Directory, LDAP and custom APIs. It also provides access to shared accounts, for users inside and outside the organization without losing accountability.
Learn more about CA SSO
Start your free 14-day Enterprise trial.
|British Telecom, CoreBlox, DBS, HMS, Itera ASA and Simeo||Hootsuite, Truenorthlogic, Zirtual, CashStar, GoodData, Mainstream Technologies|
Financial Services Firm43%
Comms Service Provider9%
Financial Services Firm18%
No Data Available