Oracle Access Management delivers risk-aware, end-to-end multifactor authentication (MFA) and single sign-on (SSO) that integrate identities and systems across cloud and on-premises.
N/A
Symantec SiteMinder
Score 8.0 out of 10
N/A
Symantec SiteMinder (formerly Layer 7 SiteMinder from CA, now from Broadcom) provides a unified access management platform that applies an authentication mechanism to positively identify users; provides single sign-on and identity federation for access to any application; enforces granular security policies to stop unauthorized access to sensitive resources; and monitors and manages the entire user session to prevent session hijacking.
OAM is designed to be scalable, and it can handle large-scale deployments with thousands of users and applications. It provides a centralized framework for managing access to web applications and resources, enabling organizations to define and enforce security policies across their entire IT environment. OAM offers a range of authentication and authorization mechanisms, including multi-factor authentication and OAuth-based authentication, making it suitable for organizations that need to meet different security and compliance requirements.
We currently are working to set up Single Sign On and auto provisioning with a new vendor. Symantec SiteMinder visualizes things like SAML responses and assertion attributes within the console extremely clearly. This makes making adjustments on the Vendor's side or even working with Vendor support clear and effective. The only time I would avoid trying use Symantec SiteMinder as a local IDP would be when I am trying to minimize complexity or overhead troubleshooting needs.
Oracle Access Management allows superior session management capabilities. It can maintain and terminate session states using access engine and endpoint cookies or security tokens.
It allows for automated single sign-on as well as protocol translation.
The suite allows for real-time fraud detection and prevention capabilities. This is especially useful where our applications are accessed by tens of thousands of users simultaneously.
The product could be improved by simplifying changing the master password. That is, if you change a password in one place, it would be good to automate changing the password for all the gateways so that change is less complicated.
It should be more Customizable for Customer Specific needs.
Oracle Access Management connects well with Oracle Database but doesn't work smoothly with Microsoft AD.
Usability with this platform is pretty good after you get a handle of things. I must say for new users it can take some time for training and adoption. This however is not just limited to Oracle products but most major ERP. Once you get past the initial training period all should be well from there.
6.5 Symantec SiteMinder's usability is high but the barrier to entry can be intimidating for an unfamiliar user. Symantec SiteMinder support can be difficult to get a hold of when needed leading to situations where you're not sure how to proceed. Overall, if you have experience with SSO, federations, SAML, and IDP's, then you will be fine
Both are great products. From a technical point of view Oracle Access Management implementation is relatively simple due to the possibility to adjust the functionality and appearance of the system to the customer's needs. SAP is a robust product but not user friendly and more expensive. Overall cost and product functionality was what drove us to implement Oracle Access Management.
We use Microsoft Windows Azure AD which can act similarly in comparison to Symantec SiteMinder. While this experience is somewhat narrow, Symantec SiteMinder seems to have more flexability/customization and caters to the crown that prefers to automate and work with linux. I am less familiar with Azure's automated abilities, however, Symantec SiteMinder allows to automate various factors that already line up with our existing Linux environment and setup
