2017-12-08 18:16:00 UTC

CA SiteMinder vs IBM Tivoli Access Manager


I would like to know the pros & cons of CA SiteMinder and IBM Tivoli Access Manager products.

Guest
1111 Answers

author avatar
Vendor

We worked with NetIQ from Micro Focus. One platform to manage all your SSO solutions. Also good option to migrate to the new SSO solution. https://www.netiq.com/solutions/identity-access-management/single-sign-on.html

2017-12-13 12:10:06 UTC
author avatar
Consultant

i use SSO now working where I work and before that at Citi bank but I have never used either of these products.

2017-12-15 14:13:39 UTC
author avatar
Vendor

Both CA SiteMinder and IBM Tivoli are access manager solutions. I am assuming that you are looking for Single Sign-On. There are other Access Manager based SSO solutions also available from Oracle, NetIQ (Micro Focus), Microsoft, etc. Access Manager based SSO solutions have been in the market for almost 2 decades now and are getting outdated. Some products are also in their sunset phase and are being reconsidered by their respective companies.
With an Access Manager (AM) based SSO solution, the solution is installed and configured to intercept each request to the target applications originating from the client machine. Each target application is modified to exchange tokens with the AM solution and establish SSO. Some AM based solutions might work differently than exchange of tokens, but this is the general concept.

Issues with AM based SSO solutions:
1. Expensive.
2. Large Infrastructure Footprint.
3. Takes a long time to implement and implementation is complex.
4. Each target application has to be modified to work with the AM based SSO solution.
5. Might restrict access to target applications only through the AM based SSO solution.

Make no mistake, AM based SSO solutions are fully functional and are being happily used by many organizations, but the idea is that not everyone wants to bring a crane to lift a nail.

I work with ILANTUS technologies (www.ilantus.com). We offer an SSO solution that is:
1. Cheaper.
2. Lightweight.
3. Quick and easy to implement.
4. Non-intrusive - Zero lines-of-code change and zero downtime to target applications to establish SSO. Target applications can also be directly accessed with credentials, if SSO solution is not accessible for some reason.
5. Capable of SSO to any and all kinds of applications (including Thick Client applications, patent pending)

We have been highly rated by analysts such as Gartner, Forrester and KuppingerCole. I will be happy to take you through the solution or answer any other queries to help you understand differences and make an informed decision, if you are interested. Please let me know. Thank you!
- Vinayak!

2017-12-14 06:43:23 UTC
author avatar
Vendor

It depends on your use-cases but you should also consider Imprivata - especially if you are in Healthcare as we are the recognised leader in that industry.

https://www.imprivata.com

We have a fully integrated strong authentication platform and the effort involved in enabling an application for SSO is typically measured in hours not days.

2017-12-14 05:15:59 UTC
author avatar
Vendor

There is no huge difference between both product, unless you are looking for specific use case, otherwise you can refer to the report like Forrester Wave: https://www.netiq.com/docrep/documents/pqt7can6c6/The_Forrester_Wave_IAM_9_4_13.pdf

2017-12-14 04:33:24 UTC
author avatar
Vendor

A lot depends on the use cases too. Yes there are Okta and Ping, however CA SiteMinder has been around for a while and same with TAM. Happy to share more details (pros/cons) based on use cases and IT landscape in your organization.

2017-12-13 18:20:15 UTC
author avatar
Consultant

Hi,
I am not too familiar with Tivoli but I can share my experience with Siteminder:
It is definitely catered towards on premise old school IBM type of environments.
It seem to work better (unfortunately) under Windows – so you will inherit all windows drawbacks(restarts comes to mind).
Failures and recovery : If you work in an automated environment – it’s not very scripting friendly – some things can be scripted, but I still see a lot of calls that require manual intervention.
In a modern setup this is not exactly ideal
I would recommend PingFederate for an on premise requirement, or Okta if you have plans to go in the public cloud anytime soon.

2017-12-13 16:53:06 UTC
author avatar
Consultant

CA SIteMinder and IBM ISAM are both powerful tools for SSO. Among those two
I would prefer CA SiteMinder.
Site Minder is robust and easy to maintain and configure.

However, if there is an option of choosing other SSO applications
especially for interbusiness SSO access, I would recommend Azure. Microsoft
is doing really good in this space.
With provisioning on Tenants on the fly for B2B applications, the user
management becomes central to the user's organization. So, GDPR is
automatically taken care of.

Hope I have not made it more confusing.

2017-12-13 15:16:47 UTC
author avatar
Consultant

Both technologies are outdated and more on-prem application focused.
in projects like this, the main part is deployment so I would consider first who will be doing the planning and the deployment
our policy is cloud first, so I'm using Okta both for SSO and Provisioning

2017-12-13 11:17:50 UTC
author avatar
Vendor

You can take a look at the KuppingerCole Leadership Compass: Access Management and Federation to get a more holistic view.

https://www.ca.com/us/collateral/industry-analyst-report/kuppingercole-leadership-compass-access-management-and-federation.html

2017-12-13 11:08:28 UTC
Find out what your peers are saying about LogMeIn, Keeper, Fortinet and others in Single Sign-On (SSO). Updated: May 2020.
420,062 professionals have used our research since 2012.