The client has a biometric identification module. We integrated that with the CA Single Sign On for new user registration, and it works perfectly fine for us.
It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password.
Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days.
The Federation part of Single Sign On, which is customizable and is easily integrated with any customer application or any third party application.
Maybe they could improve on the Federation part, and Federation with the apps. Not only for the websites, but with the apps also.
It's a very stable product.
Once we experienced a crash, the main policy engine of Single Sign On crashed, but CA gave us a fix for that.
Scalability-wise it's good. It's built into the product.
The support could improve in its response times, and in the understanding of the customers' problems.
It was complex. The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live.
When we're looking to select a vendor for a product, what's most important for a client like ours is the security; the product should be really secure. The next most important is the stability.
I rate it an eight out of 10 because, once we implemented it and the Federation part was working fine, we haven't faced any problems, except for that one instance where the policy was crashing.
I would definitely suggest going for CA Single Sign On.
There is not doubt CA site minder /SSO is one a stable product, CA had done this aquisition in 2003. Out of few stable SSO solution . I must put CA on the top. Its easy to customize , reliable & super & secure transactions. CA combine SSO & Fedration to simplifize their licensing. We recently implemented a SSO solution to one of complex env where we had enabled SSO for 10 application and we will contiune. So far no complains . Solution running amazingly .