We just raised a $30M Series A: Read our story

Symantec Advanced Authentication OverviewUNIXBusinessApplication

What is Symantec Advanced Authentication?

CA Advanced Authentication provides a secure, user-convenient and cost-effective way to protect online and mobile applications. The solution consists of two components:  CA Risk Authentication allows the enterprise to silently and transparently collect data and assess risk based on device identification, location and user behavior, among other factors, and CA Strong Authentication provides a wide variety of software-based, two-factor authentication credentials and technology to make passwords more secure.  Together they enable an intelligent, layered security approach to protect user identities and organizational data.

Take the assessment


Symantec Advanced Authentication was previously known as CA Advanced Authentication, CA Strong Authentication, CA Risk Authentication, Arcot WebFort, Arcot RiskFort.

Buyer's Guide

Download the Authentication Systems Buyer's Guide including reviews and more. Updated: November 2021

Symantec Advanced Authentication Customers

Global bank, Large Filipino Bank and SK Infosec

Symantec Advanced Authentication Video

Archived Symantec Advanced Authentication Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
it_user778929
Senior Program Analyst at a logistics company with 10,001+ employees
Vendor
We use it for PIN creation and PIN verification, has helped increase our revenue

Pros and Cons

  • "Rules on Risk Authentication are very good."
  • "Advanced Authentication talks about the Device ID. But how the device ID is captured, I want to know more about that."

What is our primary use case?

Right now we are using it only for PIN creation and PIN verification.

It has been pretty good, but there have been a few things that need to be taken away. CA has to know about them.

What is most valuable?

Rules on Risk Authentication are very good.

How has it helped my organization?

It actually increases our revenue and the customer base.

What needs improvement?

They definitely need to automate a few processes like the Wiley process. Even though Wiley is part of the CA group, it is not present in CA Advanced Authentication. I want that to be integrated, and not have to implement Wiley in-house during implementation.

Regarding database, they don't support some of the systems like ours. We had to get a workaround implementation for that. The CA consultant definitely helped us with that but still, we had to face a few issues while integrating it with FedEx.

Advanced Authentication talks about the Device ID. But how the device ID is captured, I want to know more about that. 

What do I think about the stability of the solution?

Stability is pretty strong.

What do I think about the scalability of the solution?

Scalability is pretty strong.

Which solution did I use previously and why did I switch?

We were not previously using another solution. We went with CA because of customer demand.

How was the initial setup?

Straightforward.

Which other solutions did I evaluate?

None.

What other advice do I have?

For this type of product it has to be able to handle a sufficient customer base. You have to take the traffic load into consideration, will it take the capacity.

I give it an eight out of 10 because we had a few glitches during the database connections, during installation, so I was not happy with it.

Check that it can handle your database first, before you get into the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user346296
Lead Technical Architect with 1,001-5,000 employees
Vendor
Our users can have access to applications securely through various devices, though it is pretty buggy

Pros and Cons

  • "It tells us exactly what we want in terms of authentication to various applications and provides protection for users who access them."
  • "We have seen quite a few issues with bugginess. It is indeed pretty buggy and we have had to install some fixes."

What is most valuable?

It tells us exactly what we want in terms of authentication to various applications and provides protection for users who access them. Our users can have access to applications securely through various devices.

How has it helped my organization?

It adds a strong layer of security for the multi-factor authentication. Rather than just the one factor with your password, it gives you a one-time password and adds an extra layer of security with encryption. 

What needs improvement?

We have seen quite a few issues with bugginess. It is indeed pretty buggy and we have had to install some fixes.

What was my experience with deployment of the solution?

We did not have any issues with deploying it.

What do I think about the stability of the solution?

Stability is indeed an issue with all the bugs we have experienced. We have installed some fixes, but it is still not 100% stable.

What do I think about the scalability of the solution?

We have had no issues scaling it.

How was the initial setup?

I was not involved in the setup.

What other advice do I have?

It is quite buggy, so I would be careful with the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Find out what your peers are saying about Broadcom, RSA, OneSpan and others in Authentication Systems. Updated: November 2021.
554,586 professionals have used our research since 2012.
it_user467721
Director - Transformation Programs and Architecture at a comms service provider with 10,001+ employees
Real User
Software requiring administrative rights does not need to be deployed on end-user computers.

What is most valuable?

Ease of deployment: no need to keep up with physical devices for multi-factor authentication; no software to deploy on end-user computers requiring administrative rights.

The delivery of multi-factor authentication using a SaaS model keeps us from having to keep our servers/infrastructure updated. It also helped us roll out the service much faster than building it out ourselves.

How has it helped my organization?

My team migrated away from RSA SecurID hard tokens to the digital certificate-based authentication.

What needs improvement?

It would be nice to have some level of integration with a separate user store (i.e., Active Directory integration) such that the user name would stay the same across identity management platforms. I would like some level of integration with AD to avoid having two separate user stores. We only want one user store to maintain.

For how long have I used the solution?

We deployed it in October 2015; I have used it for approximately one year.

What do I think about the stability of the solution?

I have not encountered any stability issues.

What do I think about the scalability of the solution?

To date, I have not encountered any scalability issues.

How are customer service and technical support?

Technical support is very good. (I give it a 4 out of 5.)

Which solution did I use previously and why did I switch?

RSA SecurID: Our service was coming up to being “end of support” and we decided to switch platforms rather than paying to upgrade our platform.

How was the initial setup?

The support of the user interaction was the only issue. The only issue we had with the initial setup was configuring the certificate-based SAML integration between our SSL VPN service and the CA Advanced Authentication service. There was a minor issue that we were able to resolve in about 30 minutes of troubleshooting.

Other than that, the initial setup went very smooth. Getting users to self-enroll in the service was the next challenge but it was overcome with good communications to the field and the service desk where users would call in trouble tickets.

What's my experience with pricing, setup cost, and licensing?

The initial setup of the tenant is a big cost element of the service and we were doing multiple tenants for our customer. Given that structure, the costs for building additional tenants seemed exorbitant given that the business rules and portal setup work effort was very easy after the initial setup. CA should price additional tenants much less than the first tenant for a single customer.

Which other solutions did I evaluate?

Before choosing this product, we evaluated Gemalto soft token-based, two-factor authentication.

What other advice do I have?

Make sure you understand the up-front costs and the ongoing cost structure. Users are billed when they are built into the portal, so also make sure your users enroll right away.

Disclosure: My company has a business relationship with this vendor other than being a customer: My company uses CA tools internally as well as in a resale model.
it_user558045
Solution Architect at Votorantim bank
Vendor
With the token solution, we can analyze transactions that are declined or blocked.

What is most valuable?

For Votorantim bank, the best feature is the token solution. We can analyze any transaction that is declined or blocked. We can make a decision to release or block the transaction or anything else.

How has it helped my organization?

CA products are the best fit with our backend systems. CA is the best tool for our backend solution. This solution has made the bank more secure.

What needs improvement?

We are looking for something that can fingerprint a check. For example, if you lose your credit card, they can double-check your identity with your fingerprint.

For how long have I used the solution?

We have used this solution for approximately a year and a half.

What do I think about the stability of the solution?

The stability is very good. We never have any stability problems.

What do I think about the scalability of the solution?

The tool’s scalability is good. We can scale down during the operations if we need to.

How was the initial setup?

I was involved in the setup as the solution architect. I did everything on the project to release it to the production environment. It was a complex process because we are talking about a security project. When we talk about this kind of product, it is normal for it to be complex.

Which other solutions did I evaluate?

We looked into other vendors, such as Novell and Oracle. We reviewed IBM, but they did not have the best fit for our backend systems. CA fits better with our backend system.

What other advice do I have?

I would suggest that others first analyze their backend systems very well. Make sure that the backend systems are a good fit with the new product that they are buying.

When selecting a vendor, I look for technical knowledge. This is the first thing that our bank analyzes. The second thing, as always, is the price.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user384225
Engineer at a tech vendor with 1,001-5,000 employees
Video Review
Vendor
We get our value from the risk-evaluation and the additional protections.​

Valuable Features

Aside from the two factor authentication requirements that we have, as far as having access to HIPA protected data, there's also the risk engine that helps us evaluate and answer questions like "When was the last time and location that a person accessed that data?" It's infeasible within time and place, they can't have been in Dallas at 3:00 and then at Florida at 3:30 and say, "Yeah, it's the same person accessing that data."

It will therefore help us respond with "Hey, maybe we need to re-evaluate and see if that's really the same person." We try to make sure that our customers only use one device to access that data, preferably their work device. We don't really want them accessing that from their home PCs and potentially exposing that data to other places. So, we'll use device fingerprinting as well to make sure that we are getting them on just that one device and not letting them proliferate on other devices we wouldn't like.

Improvements to My Organization

It allows us to assure our customers that we are protecting their data. We deal with a lot of other data. They'll have contractual and as well as Federal requirements to protect that. It's just another tool in our toolbox to make sure that happens.

Stability Issues

The solution itself is pretty stable. We are working with the teams to get new functionality to help some of our more recent challenges, different customers and applications that we, developers wanted to use that data different ways. And so, sometimes it becomes a challenge to integrate them into our existing tool set. But, CA has been pretty good about working with us to make sure we have the right resources and expertise to customize our tools if we need to or help us with something new.

Scalability Issues

If we're not using the right product or we need to use something else, they're usually really good about saying, "Hey, well, we have this offering that'll maybe work a little bit better for what you're trying to do." Or for example, if we're doing stuff with your traditional data centers versus doing things in the cloud, sometimes the same methods and parents you would use in one place don't really translate to the other. And if you try to force it, then it doesn't scale well. That's where they would come in and help us with something different.

Customer Service and Technical Support

It's really good. They make sure that if we are having a challenge with a issue that is taking too long for instance, do we need to get more people to understand the problem? Do we need to start having regular work sessions whether it's a WebEx or if you see in real-time what we're seeing, they can better understand what issue we're having so they can address it and get us back to where we need to be.

Initial Setup

Sometimes getting this set up does take a bit longer. It's not always install, next, next, next, finish. We have so many requirements that we're trying to meet again either from Contractual or Federal standpoint that we're not always the easiest to configure for. We have a lot of special cases and we'll present a lot of challenges to them that again they'll help us like, "Well, to do this, you're going to need this, this, this and this." And again, help us get all the right pieces in place wherever they need to be, working the way they need to and deployed.

Other Advice

If you just need basic 2-factor, it fills the bill. Where we get our value is the risk-evaluation and those additional protections.

Make sure you have all your requirements identified and really think about what you're trying to accomplish. A lot of times, we'll have a problem and we'll already have a solution in mind. And, "How do we make this fit this?" Versus "Well, what do we actually need to get done?" And build all that out first. Then talk to your support team like, "Well, here's what we're trying to do." And then maybe get their feedback because sometimes they'll have a different idea of what you should be doing with your portfolio instead of trying to, "Well, I've got this square peg here, and this is kind of roundish but I think I can actually hit it hard enough, I can make it work." They may have something that's a little rounder for you and give you some of the same things that you're trying to look for.


Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user359505
Executive Director, CTO Security - Identity Management Architect at a financial services firm with 10,001+ employees
Vendor
The main benefit is really around the fact that there is a soft token. The cost of having to distribute a hard token isn't there.

Valuable Features

Arcot, for us, is really about multi-factor authentication. We use it on our client's side and, I think, probably the two biggest features of that are from the end-user experience. So, it is basically a token that is stored on the device which represents something you have, but the user actually logs in effectively with a password. They're not really aware that they've got a second factor. So, that's quite nice.

The second distinctive feature is that it has protection against brute force attacks, which means even if you got a hold of the token and you tried to guess passwords or try a brute force circuit, it will always return a value of which you cannot tell whether it is successful at all.

Improvements to My Organization

The main benefit is really around the fact that there is a soft token. The cost of having to distribute a hard token isn't there. Some of our colleagues in other business divisions are issuing cards or some other second-factor device. This gets quite expensive, so being able to issue a soft token, but still having fairly strong security, is a big factor for us.

Room for Improvement

Arcot itself is based on a browser technology. This means that the office ID is effectively stored as a cookie in the browser. One of the things we have seen from our customers is that certain policies dictate that browser caches are cleared, which means cookies get deleted. This then means that some classes of users have to continuously download the office ID and go through the long process. So we would like to see that addressed, where the office ID becomes a bit more persistent or presented in a better way.

Stability Issues

I don't really get involved on the operational side of things; I'm an architect. I would hear of issues. I don't think we have many issues operationally with Arcot. I think it's a very mature product, so I don't think there's issues there.

Scalability Issues

As a technology, it is more of an end-user one as the Arcot ID goes onto the end-user platform. In terms of scalability, there's really not much to say about it. It goes against the backend authentication services. It's built to scale to very large capacity, so we don't have any issues with scalability from Arcot and certainly not on the backend services.

Customer Service and Technical Support

I can't really comment. I don't really engage with them, but I would imagine support is pretty good. Otherwise, we would have issues because if these things can't be fixed or cannot reach support, these are critical banking infrastructure which supports critical banking applications. So if the support isn't there, we would have gotten rid of it a long time ago.

Other Advice

I think one thing I would say would be to make sure you test all of your use cases against Arcot. Make sure you understand the enrollment process, the de-enrollment process, understand how to authenticate use cases, and ensure that it covers everything that you need.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user351606
IT Infrastructure Services at a mining and metals company with 10,001+ employees
Vendor
The cloud implementation with different platforms and software has been great for our clients. Implementation needs to be faster.

Valuable Features

The most valuable feature is that we get a wide range of authentication methods and authentication integrators. Different platforms can get a service authentication with transparency to the final user. With the transparency we also get strong authentication forms and connectors.

We submit our company to SOX compliance, and it helps us with applying controls to for that.

Improvements to My Organization

The cloud implementation with different platforms and software has been great for our clients.

Room for Improvement

It needs faster implementation on the cloud for our customers.

Customer Service and Technical Support

We have a very old and very big legacy system to control. Technical support has been able to help us with hit.

Initial Setup

Initial setup was medium-to-high complexity because everyone -- process, business, technical, application people -- needed to be involved. We needed to set many standards and be advised by many committees to make the setup a success.

Implementation Team

We used CA as part of the planning and delivery.

Other Solutions Considered

No, because this is a very specialized solution for which there aren't many other vendors.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Categories
Authentication Systems
Buyer's Guide
Download our free Authentication Systems Report and find out what your peers are saying about Broadcom, RSA, OneSpan, and more!
Quick Links