CA SiteMinder Web Access Manager r12


Reference Code: TA001441SEC
Publication Date: July 2008
Author: Aanchal Sabharwal, Angela Eager, and Somak Roy

TECHNOLOGY AUDIT

CA SiteMinder Web Access Manager r12

CA

BUTLER GROUP VIEW

ABSTRACT

CA SiteMinder Web Access Manager provides policy-based authentication and authorisation, supports multiple advanced authentication techniques, identity federation, and single sign on for Web applications. Traditionally, access management infrastructure has been developed separately for each Web application, leading to duplication and limited control and audit capability. SiteMinder provides centralised capabilities plus extensive additional facilities. Butler Group is impressed with its fine-grained authorisation capabilities, support for advanced authentication techniques, support for a good range of user directories, identity federation based on established standards, and the scalable architecture. Overall, SiteMinder is an impressive solution for mid-sized and large companies who use numerous Web applications to deliver sensitive or business critical data.

KEY FINDINGS

- Supports a wide range of advanced authentication techniques.
- Administrative module supports multilevel category and scope delegation.
- Supports a wide range of user directories, mainframe user stores.
- Multilateral identity federation available through a separately licensable module.
- Identity federation through established standards.
- Scales to hundreds of millions of users and hundreds of thousands of policies.
- Lacks site- and server-based licensing until transactions become large scale.
- Integrates with related CA Identity and Access Management solutions.

LOOK AHEAD

Support for Microsoft Windows CardSpace, strong authentication/risk management, enhanced federation.

Butler Group. This Technology Audit is a licensed product and is not to be photocopied.

FUNCTIONALITY

Web applications are used for a wide range of requirements, from delivering financial transactions and line of business applications to pure information dissemination, as well as delivering services to both an internal audience and external partners and customers. Organisations need to control access to Web applications, which often deliver high-value and sensitive data that is subject to regulatory control.

Traditionally, user authentication and authorisation mechanisms were built independently and inflexibly for each major Web application, an approach that reduces visibility as well as being cost inefficient. Also, a typical user requires access to multiple Web applications, and without a mechanism for forwarding the user's credentials to multiple applications (which could be owned by different commercial entities), user fatigue arising from the requirement to log into each application or Web site could set in, leading to lost customers or to security risks such as users resorting to writing passwords down. In addition, Web access technology needs to incorporate authentication tasks performed by partner entities, again to reduce user fatigue and reduce development duplication.

Therefore, organisations require a centralised and scalable approach for authenticating users and authorising access to multiple applications, supported by the federation of authentication tasks in a standards-based way.

Product Analysis

CA provides CA SiteMinder Web Access Manager (CA SiteMinder WAM), a Web access management solution that provides fine-grained, policy-governed authentication and authorisation, administrative delegation, identity federation, and Single Sign On (SSO) capabilities. The solution is aimed at large and medium sized organisations with a large portfolio of Web applications and often a significant external Web audience. A part of CA's Identity and Access Management (IAM) suite, the solution integrates with related solutions such as CA Identity Manager, CA SOA Security Manager for controlled access to Web services and CA Single Sign On for advanced SSO capabilities for non-Web applications.

At its core, the SiteMinder solution comprises two functional components: the Policy Server, and SiteMinder Agents. The Policy Server engine is the Policy Decision Point (PDP) for policies related to authentication and authorisation. The SiteMinder Agents are the Policy Enforcement Points (PEPs) and are deployed on Web servers or via a reverse proxy server to control access to Web server content and application servers. They also regulate access to Java 2 Platform Enterprise Edition (J2EE) components. The Policy Server provides a valuable audit capability which can be used to analyse access history and to aid regulatory compliance.

CA SiteMinder WAM supports a wide range of authentication technologies, including X.509 certificates, one-time password (OTP) tokens, and Smart Cards, in addition to the ubiquitous user ID and password.

With Web transactions increasingly conducted through multiple steps involving a web of commercially distinct entities, federation capabilities are important and in Butler Group's opinion CA SiteMinder WAM scores well on this front. The solution supports identity federation through Security Assertion Markup Language (SAML) tokens, and WS-Federation via Microsoft's Active Directory Federation Services (ADFS).

Regulatory compliance and the mitigation of risks related to loss of reputation from incidents of identity theft (among other security breaches) are key factors driving consolidated Web access management. For large companies, the aforementioned objectives necessitate a solution with high user scalability, careful monitoring of access patterns, and support for a wide range of common applications and Web and application server platforms. In Butler Group's opinion, CA scores well on all of the aforementioned requirements.

The SiteMinder solution has proven scalability and is used by BT to manage over 40 million transactions a day and by a large global bank to manage over 100,000 security policies. Crucially, the r12 release adds scope-based delegation capabilities to SiteMinder's administration module. Policies can be highly nuanced, existing policies can be easily reused and policies can be readily deployed and modified through an XML-based import/export feature. The solution also has good reporting capabilities and OEMs Business Objects XI R2. Furthermore, support for Web servers (agents for Apache, IIS, SunOne, Domino, etc.), application servers (agents for WebLogic and WebSphere), applications, OS platforms, user directories, and authentication schemes, is comprehensive. Special SSO agents (separately licensed) are provided for common line of business applications from PeopleSoft, Siebel, SAP, and Oracle.

While the feature set is impressive, Butler Group believes the lack of support for site- and server-based licensing at lower user license levels is an area of concern (enterprise or site licenses tend to be negotiated on large transactions of perhaps more than $1m in user licenses). The per-user based licensing scheme, while obviously decreasing with volume and, importantly, differentiated for B2C users, might not be fair for instances when user numbers, particularly for peak demand, are hard to predict. CA offers two tiers of per-user pricing: External Users for consumers and partners, and Internal Users for employees. Pricing is proportional to value, with External Users being the lowest cost and Internal Users the highest.

Product Operation

Solution Architecture

CA SiteMinder WAM is comprised of two key components: the Policy Server, and Web Agents. The Policy Server acts as the policy decision point, which means it determines whether an individual user's access request is allowed based on the appropriate policy. Its role is to provide policy management, authentication, authorisation, auditing, and administration tasks.

The Web Agents are policy enforcers, tasked with managing access to applications and content, based on security policies. They can be used with Web servers, application servers, and enterprise applications like Enterprise Resource Planning (ERP) software. They can also be deployed as part of a reverse proxy server.

All access requests are first intercepted by the Web agent and have to provide credentials to the Web agent or to the secure proxy server. These credentials are then transmitted to the policy server which authenticates them against the appropriate user store (such as Lightweight Directory Access Protocol (LDAP), databases and mainframes). Where entitlements match, the user is granted access assuming that they meet the requirements of the authorisation policy. The entitlement information and the user profile are routed to the target application to ensure the delivery of secure and possibly personalised content.

Figure 1: CA SiteMinder WAM Component Architecture
Source: CA DATAMONITOR

The following list details the key functional components and attributes of the CA SiteMinder WAM:

Authentication and Authorisation

SiteMinder supports a wide range of authentication techniques including SAML assertions (SAML 1.0, 1.1, 2.0), user IDs and passwords, passwords over Secure Sockets Layer (SSL), OTP tokens (RSA ACE and SecurID), smartcards, custom forms, biometrics, X.509 certificates, or an appropriate combination of factors.

CA's unified access management allows authentication and authorisation to work in conjunction to grant the appropriate level of access. For example, a user with a simple password credential can be allowed a lower level of access compared to a user with more secure credentials.

Identity federation is based on standards such as SAML, and WS-Federation (Microsoft ADFS). Browser-based identity federation requires a separate license on top of a base CA SiteMinder WAM license.

SiteMinder provides fine-grained authorisation, allowing authorisation policies to be based on application roles, time, and even type of authentication credential.

SiteMinder integrates with CA Single Sign On, enabling an integrated approach towards implementing SSO for Web-based and non-Web-based applications.
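A minimal model of the request flow and the credential-sensitive authorisation described above, added here as an illustration: it is not CA code and uses no SiteMinder API. The class names, header names, protection levels, users and rules are all constructed assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from datetime import time

# Constructed protection levels per credential type (higher = stronger).
AUTH_LEVEL = {"password": 5, "x509": 15}

def pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass(frozen=True)
class Rule:
    prefix: str          # protected URL prefix
    roles: frozenset     # roles allowed to reach it
    min_level: int       # weakest credential type accepted
    start: time = time(0, 0)
    end: time = time(23, 59, 59)

@dataclass(frozen=True)
class Session:
    user: str
    roles: frozenset
    level: int           # strength of the credential actually presented

class PolicyServer:
    """Decision point: authenticates, authorises and audits in one place."""

    def __init__(self, users: dict, rules: list):
        self.users, self.rules, self.audit = users, rules, []

    def rule_for(self, path: str):
        # The most specific (longest) matching prefix wins.
        hits = [r for r in self.rules if path.startswith(r.prefix)]
        return max(hits, key=lambda r: len(r.prefix), default=None)

    def authenticate(self, user: str, cred_type: str, secret: str):
        rec = self.users.get(user, {})
        if cred_type == "password":
            # Hash even for unknown users so timing does not reveal them.
            salt = rec.get("salt", b"\0" * 16)
            ok = hmac.compare_digest(rec.get("pw_hash", b""), pw_hash(secret, salt))
        elif cred_type == "x509":
            # Assumption: the TLS layer validated the chain; only the subject is matched.
            ok = hmac.compare_digest(rec.get("cert_subject", ""), secret)
        else:
            ok = False
        ok = ok and bool(rec)
        self.audit.append(("authn", user, cred_type, ok))
        return Session(user, rec["roles"], AUTH_LEVEL[cred_type]) if ok else None

    def authorize(self, session, path: str, now: time):
        rule = self.rule_for(path)
        if rule is None:
            decision = (True, "unprotected")
        elif session is None:
            decision = (False, "no-session")
        elif not session.roles & rule.roles:
            decision = (False, "role")
        elif session.level < rule.min_level:
            decision = (False, "step-up")
        elif not rule.start <= now <= rule.end:
            decision = (False, "time")
        else:
            decision = (True, "ok")
        who = session.user if session else None
        self.audit.append(("authz", who, path, decision[1]))
        return decision

class WebAgent:
    """Enforcement point: intercepts requests, holds no policy of its own."""

    def __init__(self, pdp: PolicyServer):
        self.pdp = pdp

    def handle(self, path: str, session, now: time):
        allowed, reason = self.pdp.authorize(session, path, now)
        if allowed:
            if session is None:
                return 200, {}
            # Hypothetical header names carrying identity to the application.
            return 200, {"X-Auth-User": session.user,
                         "X-Auth-Roles": ",".join(sorted(session.roles))}
        if reason in ("no-session", "step-up"):
            # Challenge for credentials at the strength the rule demands.
            return 401, {"X-Required-Level": str(self.pdp.rule_for(path).min_level)}
        return 403, {}

# Constructed sample data: one user, one general rule, one stricter rule.
_SALT = os.urandom(16)
USERS = {"alice": {"salt": _SALT, "pw_hash": pw_hash("correct horse", _SALT),
                   "cert_subject": "CN=alice,O=Example",
                   "roles": frozenset({"teller"})}}
RULES = [Rule("/bank/", frozenset({"teller", "customer"}), AUTH_LEVEL["password"]),
         Rule("/bank/transfer", frozenset({"teller"}), AUTH_LEVEL["x509"],
              time(8, 0), time(18, 0))]

if __name__ == "__main__":
    pdp = PolicyServer(USERS, RULES)
    agent = WebAgent(pdp)
    weak = pdp.authenticate("alice", "password", "correct horse")
    print(agent.handle("/bank/transfer", weak, time(12, 0)))
    print(pdp.audit)
```

Because every decision passes through `PolicyServer.authorize`, the audit list holds one record per request regardless of which agent enforced it, which is the centralised audit property the report attributes to this architecture.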

Policy Formulation and Administration

CA offers extensive role and policy information reuse capabilities in keeping with the realities of the company's target market. The Policy Server sits atop user directories and supports a wide range of solutions such as Sun Java System Directory Server, IBM Directory Server, Novell eDirectory, Microsoft AD, and OpenLDAP. SiteMinder can also leverage relational databases such as Microsoft SQL Server, IBM DB2, and Oracle Relational Database Management System (RDBMS) as a user repository. SiteMinder can read user information out of mainframe user stores such as ACF2/TopSecret/RACF.

An XML-based migration tool for import and export of policy objects is provided. Policies related to a domain, an application, and entire policy stores can be exported. The import/export of policy objects can support dependencies.

SiteMinder deployment sites often involve policies in the order of tens or hundreds of thousands and administration has been streamlined through a delegation feature. Typically, administrators are assigned specific categories and scope. Scope relates to administrator rights, such as view objects or create, modify, and delete. The delegation feature allows administrators to assign categories and scopes to other administrators, who can further cascade delegation to low level administrators and even business users themselves in a highly simplified and scoped form, and a hierarchy of policy formulation and modification responsibilities can be built. The administration module also has built-in search capability.

Reporting and Analysis

SiteMinder is bundled with the CA Report Server which is based on Business Objects XI R2. The Report Server provides analysis reports on policy and audit data.

In addition, in February 2008, CA released Wily Manager for SiteMinder WAM, integrating CA's key application performance management solution Wily Introscope with the access management solution. Well aligned with CA's enterprise IT management vision, the Wily Introscope integration allows the analysis of Web application performance to include Web security details. Also, Wily Introscope allows monitoring of Policy Server and Agent performance, enabling notifications to IT operations in the broader context of application performance.

Scalability

SiteMinder is a highly scalable WAM solution (testing indicates SiteMinder can support in excess of 100 million users of Web applications using standard off-the-shelf hardware and software and standard SiteMinder features). Scalability can be achieved in terms of number of users and number of protected resources and is achieved primarily through efficient connection management and policy processing; caching of policy and user data; load balancing for user stores and policy server clustering; policy store and user store replication; support for multi-CPU servers.

The solution provides provision for Policy Server Cluster failover as can be seen from Figure 2, which also illustrates a global deployment topology for SiteMinder. Clusters of Policy Servers can be configured. In case of failure of one cluster, the other cluster can perform the task of evaluation of user's entitlements. This fault-tolerant deployment thus ensures high performance.

Figure 2: CA Scalability in a Global Deployment Scenario
Source: CA DATAMONITOR

Product Emphasis

CA SiteMinder WAM is focussed on enabling secure SSO access to multiple owned and affiliate Web applications and providing fine-grained authorisation and comprehensive support for authentication technologies. Its goal is to provide a comprehensive solution, so it also addresses five additional areas: it supports identity federation through a standards-based approach; it provides a solution architecture that scales to millions of users; it offers administrative capabilities that enable consistent and structured policy formulation and management of hundreds of thousands of policies; it enables reuse of existing role definitions through support for a wide range of user directories; and it supports integration with related identity and access management solutions, to achieve a higher level of integrated access management across Web and non-Web applications, along with holistic performance management.

These types of capabilities are aligned with CA's Enterprise IT Management vision. In Butler Group's opinion, the SiteMinder solution is category leading, and the solution's installed base and deployment growth attest to its alignment with the requirements of the target market.

DEPLOYMENT

Resources required for deployment include internal resources for administering user and policy store repositories (LDAP, RDBMS, Mainframe); internal security analysts to interpret and communicate security policies including password policies, installation/deployment policies and application access policies; Web developers to integrate SiteMinder with Web applications or to develop custom authentication schemes or login pages; and an operations team to monitor and maintain SiteMinder in production. Other resources are required depending on the technology used (non-password authentication methods: X509 certificates, SecurID, etc.) or for the underlying Web servers that will support the Web application (IIS, Apache, etc.). For some of the large scale deployments, the services of third party systems integrators such as Deloitte & Touche, Price Waterhouse Coopers, and/or CA's internal professional services may be advisable.

The time taken for implementation depends on the number of applications that will be protected by SiteMinder and the level of integration and complexity. However, on average, it takes 8-12 weeks to gather requirements, formulate architecture, implement, and deploy for an initial set of applications or portals. Post implementation, time taken for integration varies from a few hours for an application with simple integration requirements to a more involved integration process for Web applications with complex and relatively inflexible security infrastructure.

The deployment approach for the SiteMinder architecture can be highly modular. The baseline requirements are a Policy Server to provide the Policy Decision Point, and a Web agent or proxy server to provide a Policy Enforcement Point, plus a user repository and a policy store. Once these components have been deployed, additional modules can be added to build out the infrastructure on an incremental basis. An additional policy server could be added to facilitate load balancing and failover, for example, plus extra Web agents and proxy servers, and applications can be added into the infrastructure. Other modules such as the Administrative User Interface (to manage all or specific policy servers) can be added, as can the CA Report Server. Other optional add-on products include SiteMinder Federated Security Services and ERP/CRM SSO agents, plus CA SOA Security Manager, which can be layered on top of the base SiteMinder infrastructure.

SiteMinder provides role-based training for operators, administrators, and consultant/implementers, at three different levels. Training can be delivered in the form of Computer Based Training (CBT), classroom, and Web-based training. CA's support service responsiveness varies from one hour for the highest severity level to one business day for the lowest severity level, level 4.

The solution is available on a variety of platforms. SiteMinder agents are available on IIS, Apache (ASF, HP and Red Hat versions), Tomcat, Sun One/Sun Java System, IBM HTTP Server, Domino, Oracle HTTP Server, WebSphere, WebLogic, SAP, Siebel, and Oracle Application Server. The Policy Server is available on Windows, Solaris, HP-UX, and Linux.

SiteMinder can integrate with a wide range of systems in various ways. CA provides a set of documented Application Programming Interfaces (APIs) for enabling WAM/SSO for diverse off-the-shelf and custom built applications. It can also integrate out-of-the-box with CA Single Sign-on to enable SSO to non-Web applications covered by this product.

The potential risks faced by WAM deployments are relatively low as they have very minimal impact on end users and regular business processes. As would be expected from a solution of this nature, the risks that do exist are related to scope and phasing.

PRODUCT STRATEGY

SiteMinder's target market is horizontal and includes large and medium sized organisations across geographies that require controlled access to numerous Web applications. However, organisations in sectors such as financial services, government, healthcare, telecommunications, high-tech manufacturing and utilities vertical markets typically have huge Web communities where the data is sensitive and of high value. The target customer for SiteMinder would typically have more than $250M in revenues, more than 5,000 employees, and more than 10,000 non-employee users. However, the average SiteMinder customer has a lot more than 10,000 non-employee users.

The expected Return on Investment (ROI) depends on the current and post deployment state of the customer. The sources of ROI include reduced application development and maintenance costs, reduced security administration costs, reduced user helpdesk/call centre calls, and reduced security compliance costs, plus increased and easier deployment of revenue enhancing and cost saving applications that require security.

The sales channels are both direct (on a global basis), and also through Value-Added Resellers and systems integrators. CA expects the percentage of sales through the indirect channel to increase.

The key business partnerships that support this product for sales, service, and implementation are with systems integrators and value added resellers. Global business partners include Deloitte, PWC and Accenture. Hitachi and Nissay are important partners in Japan while Deloitte, Fujitsu, CapGemini, PWC and Unisys are key partners in Europe. Relationships with specialised security boutique firms are also important in North America. Technology partners include vendors of authentication technology, Web servers, application servers, and directories, among others.

CA's FlexSelect licensing program supports SiteMinder licensing. FlexSelect is a flexible system for purchase financing/licensing/leasing and is used to license all of CA's products. The licensing is based on the number of users, segmented into consumers, business partners, and employees. As would be expected from a solution of this nature, volume licensing is supported and per user costs are much lower for large volumes.

The project value for a typical implementation is US$200K for product licenses and $200K for related design and implementation services. The cost of annual maintenance and support depends on the licensing approach and CA reports that, when using the perpetual software license scheme, maintenance cost approximates 20% of the license cost annually.

The company introduces major releases every 2-3 years to deliver key architectural changes. New features are made available approximately once every 6-9 months via Service Packs. Minor enhancements and defect support are introduced through monthly Cumulative Releases.

CA's development pipeline includes support for additional advanced authentication schemes, additional platform certifications, integration of option packs, and integration with the latest releases of related tools such as CA SSO v8.1. There are also plans for continued investment in federation technology and related security for Web services.

CA's feature set and development pipeline indicate a continued focus on the extremely comprehensive requirements of the company's target market, aligned with the stated vision of distributed enforcement, and delegated policy management, with centralised auditing and administration.

In Butler Group's opinion the factors driving the WAM market, such as the need to ensure Web security; the need to automate compliance related controls and reporting in an exhaustive, verifiable, and centralised way; identity federation; and Web services security, will continue to be pressing concerns in the large enterprise and mid-market segment. Given all of the above (and also CA's indirect channel expansion plans), in Butler Group's opinion, CA's strategy is well aligned with the needs of the target market.

COMPANY PROFILE

CA, Inc. (NYSE:CA), positions itself as one of the world's largest management software providers. CA software and expertise unify and simplify complex IT environments in a secure way across the enterprise for greater business results. CA calls this Enterprise IT Management (EITM): a clear vision for the future of IT. It's how an enterprise can manage systems, networks, security, storage, applications, and databases securely and dynamically, based on a common platform and an integrated architecture, with scope to expand the footprint to cater for innovation and new areas of technology.

Founded in 1976, CA is headquartered in Islandia, N.Y., has 14,500 employees, operates in more than 150 offices in 45 countries, and has achieved ISO 9001:2000 certification.

Revenues and operating income for the last three fiscal years were as follows:

Table 1: Financial Details

Year ending 31 March                     2008*   2007    2006
Revenue (US$ Million)                    4,277   3,943   3,772
Change on Previous Year (%)              8       5       5
Total Net Income/(Loss) (US$ Million)    500     121     160

*unaudited figures
Source: CA DATAMONITOR

CA has a stated policy to enhance and protect its clients' IT investments by integrating a wide range of systems in heterogeneous environments. To maintain this stance it has a wide range of partnerships with technology vendors, systems integrators, and IT consultancies.

CA currently serves 99% of the Fortune 1000 companies across every major industry worldwide.

SUMMARY

Butler Group believes that the CA SiteMinder WAM solution presents a feature set that is among the front runners in the Web Access Management market place. In addition, CA's huge installed base, totalling over 1,300 deployment sites, has led to a rich ecosystem of complementary solutions.

Butler Group would like to point out that large scale multilateral federation would typically require a separately licensable add-on. In Butler Group's opinion, the CA practice of separately licensing features that address critical or even typical requirements for large enterprises is not optimal, and it is not unique to SiteMinder or the Identity and Access Management suite. However, the solution's feature set, scalable architecture, flexible administration, and integration with related CA tools is best in class, and is extremely relevant to large companies with significant Web infrastructure.

Table 2: Contact Details

CA Inc.
World Headquarters
One CA Plaza
Islandia NY 11749
USA
Tel: +1 (800) 225 5224
Fax: +1 (631) 342 6800
www.ca.com

CA Inc.
EMEA Headquarters
Ditton Park
Riding Court Road, Datchet
Slough
Berkshire, SL3 9LL
UK
Tel: +44 (0)1753 577733
Fax: +44 (0)1753 825464
www.ca.com

Source: CA DATAMONITOR

Headquarters
Europa House, 184 Ferensway, Hull, East Yorkshire, HU1 3UT, UK
Tel: +44 (0)1482 586149
Fax: +44 (0)1482 323577

Butler Direct Pty Ltd.
Level 46, Citigroup Building, 2 Park Street, Sydney, NSW, 2000, Australia
Tel: + 61 (02) 8705 6960
Fax: + 61 (02) 8705 6961

Butler Group
245 Fifth Avenue, 4th Floor, New York, NY 10016, USA
Tel: +1 212 652 5302
Fax: +1 212 202 4684

For more information on Butler Group's Subscription Services please contact one of the local offices above.

Important Notice

This report contains data and information up-to-date and correct to the best of our knowledge at the time of preparation. The data and information comes from a variety of sources outside our direct control, therefore Butler Direct Limited cannot give any guarantees relating to the content of this report. Ultimate responsibility for all interpretations of, and use of, data, information and commentary in this report remains with you. Butler Direct Limited will not be liable for any interpretations or decisions made by you.