DATA SHEET

CA SiteMinder
At a Glance
Web applications are critical for supporting online commerce, collaboration or other transactions that drive everyday business. Fundamental requirements for securing Web interactions are understanding who a user is, what they are attempting to do, and then enforcing appropriate security policies or controls. CA SiteMinder is a highly scalable solution that provides best practice identity and access management components for Web single sign-on, authentication, authorization, auditing and administration. In doing so, it enables new Web business opportunities, reduced administrative costs and improved Web access security.
Key benefits/results Enables business growth. Securely deploy
revenue-enhancing Web applications. Improves user experience. Reduce logins and personalize online user experience. Drives operational excellence. Centralized security management across heterogeneous Web applications. Mitigates risk. Identify users, control their access and audit what they have done.

Business challenges
Security as a barrier to web-based innovation. Organizations must rapidly respond to business opportunities with the ability to develop and deploy new Web applications. These applications often support sensitive transactions or data so they must provide the proper security controlswithout adding unnecessary deployment time. Poor access experience to Web and cloud applications. Maintaining separate sets of credentials for each application or authenticating for every access to an application can be frustrating. Users want to sign on once to access a Web or cloud application then have a seamless experience accessing others without the need to re-authenticate. Ensuring the right users have the right access. Users must be able to connect to the information and applications they need to do their jobs, place an order, or otherwise transact business without compromising security. Reducing security costs. IT organizations are facing significant pressure to reduce the cost of security administration, help desk expenses and redundant, security-related application development and maintenance.

Key features
Web single sign-on (SSO). Reduces the challenge of multiple user logins to provide seamless access across diverse Web applications. Flexible authentication. Enables applications to be protected by authentication methods which are appropriate in strength to the application sensitivity. Policy-based authorization. Allows or denies access at the file, page or object level based on variables including user attributes, roles, groups, dynamic groups, location, time, or data sensitivity. Scalability, reliability, availability. Helps meet the most demanding enterprise requirements through dynamic load balancing, caching, clustering, replication and more.

Solution overview
IT organizations deploying Web applications to potentially millions of users both inside and outside the enterprise face a fundamental question: How do they let business in while keeping risk out? The answer is CA SiteMinder. CA SiteMinder provides the enterprise-class security management your organization needs to authenticate users and control access to Web applications and portals. Across Internet, intranet and cloud applications, it enables the secure delivery of essential information and applications to your employees, partners, suppliers, and customers. It also scales to meet your growing business needs with flexible administration tools that can support either centralized or distributed administration.

CA SiteMinder

Critical differentiators
CA SiteMinder delivers unparalleled reliability, availability, scalability, and manageability. For over a decade CA SiteMinder has been a leader in enterprise-class Web access management, providing a comprehensive solution that addresses the critical need of centrally managing Web users and their access to applications and cloud services.

How CA SiteMinder Works:

1. User attempts to access a protected resource. 2. User is challenged for credentials and presents them to the CA SiteMinder Web agent or to the Secure Proxy Server. 3. The users credentials are passed to the Policy Server. 4. The user is authenticated against the appropriate user store. 5. The Policy Server evaluates the users entitlements and grants access. 6. User profile and entitlement information is passed to the application. 7. The user gets access to the secured application, which delivers customized content.

Related products/solutions
CA SiteMinder Federation enables federated cross-domain single sign-on or credential sharing; also available via the cloud with CA CloudMinder Single Sign-On. CA SiteMinder Web Services Security provides a centralized, policy-based solution to secure Web services. CA AuthMinder enables deployment of a wide range of strong authentication methods. CA RiskMinder provides real-time protection via riskbased, adaptive authentication. CA DataMinder Classification analyzes document or site content to determine data sensitivity.

For more information, please visit ca.com/siteminder

Agility Made Possible: the CA Technologies advantage
With IT Security solutions from CA Technologies, you can reduce risk, reduce IT and security management costs, protect critical assets, and simplify compliance across complex IT environments. Protecting business information is critical to your companys success. To thoroughly safeguard your entire IT environment, you need identity and access management capabilities, but also control over how information is used. IT Security solutions from CA Technologies can give you the control you need over your physical, virtual, and cloud IT environmentsso you can protect your business and the information on which it relies. IT Security solutions from CA Technologies are part of our broad portfolio of solutions designed to help increase your business agility and ultimately out-innovate the competition.

Copyright 2012 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or noninfringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised in advance of the possibility of such damages. CS2046_0212