If you were talking to someone whose organization is considering Symantec Siteminder, what would you say?
How would you rate it and why? Any other tips or advice?
I'm an implementor, so I help clients implement the solution for their companies. We're still in the process of testing the solution. We're currently not providing services on it as we are still in the testing phase. So far, with a simple implementation of the SSO, I'd rate the solution eight out of ten.
My advice to anybody considering this solution is to always create their use cases so that they can do a complete and thorough POC before purchasing this solution. Do not force the implementation of these types of solutions. It was forced by the management without proper planning. I have learned that proper planning works best for these types of solutions because you have to integrate with different components of the network, in order to be successful. I would rate this solution a seven out of ten.
Be sure to get your doubts clear on any product features, integration with other CA products, and other security products. I recently came across Okta, which also has cool features. Before implementing, ask a CA manager to provide you a list of use cases, which can help you in building/offering what you have in mind.
When you are looking for a security solution, products are there in the market, but you really don't want to go for a product that looks very beautiful from the front but has very bad stuff in the back end. One good thing is that CA has, I believe, that is has an edge. It allows me do a lot of what the customer is looking for, beyond the customer; beyond the product boundaries. They are certain things that we would not be able to do if this CA solution didn’t have this flexibility, and it's highly secure. It is a highly reliable solution to work with. We implemented the solution almost a year and a half ago and up until now, there has been no downtime. It is reliable; it is good; it is open for customization; it is open for integration. From my experience working with CA for almost 13 years, it’s a company. I'm not saying it’s specific to a solution. I'm talking about CA in general. It's a company with a solution and the company with the right solutions. I have explained the journey of how these solutions (not specifically CA SSO only, but their entire security suite, including Federated Identity Management) met the requirements: * The customer was looking to have a self registration and password reset portal for their organization but they don't want to leave this portal open and accessible to everyone without been authenticated. This was only challenge, which I have mentioned it. * Second solution, open for customization for security from different datasources. * Thirdly, localization of this solution. Eventually, if these solutions have only listed features and it works only what they present. For sure, we wouldn't be able to achieve it. There are critics and these critics help CA to build their good solutions. Extraordinary product; extraordinary flexibility to explore and meet the requirements of the customer.