About the client

• CA Technologies is a world leader in providing enterprise IT management and Software solutions
• Specialists in understanding, building and managing IT capabilities to effect digital transformation for business growth of clients
• Received TSIA Certification for Global Excellence in Service Operations
• Winner of several awards including the Red Hat Innovation Award for Application Development

The Challenge

Deployment of federated solutions in the 150 plus partner environments and setting up on-premises enterprise security solutions were the potential challenges that confronted CA.

Our Solution

SecureKloud, powered by FuGen, proceeded to validate, test and certify the operation of each federated SSO connection between the CA SiteMinder Federation and the SaaS Partner application.

SecureKloud established the federated connection with the SaaS Partner or Social IDP and verified for interoperability with the Partners across profiles, applications and client types.

Deploying federation solutions across Partner environments

CA Technologies offer expert Software and SaaS packages to accelerate innovation, transform infrastructure and secure data and identities, from the data center to the cloud. CA SiteMinder is one among its many inventive products, built by the company as a centralized web access management system that enables user authentication and single sign on, policy-based authorization, identity federation, and auditing of access to Web applications and portals.

With hundreds of cloud SaaS applications deployed, each set to specific conformity standards and its own set of supported profiles and bindings, CA had to ascertain the effective functioning of its CA SiteMinder products federation, with each of the SaaS Partner applications, under varied conditions and configuration choices. By accomplishing this, CA wanted to highlight the flexibility and uniqueness of the CA SiteMinder. CA chose to team up with SecureKloud to establish this strategic business goal, eventually enhancing the goodwill among its SaaS partners for the CA SiteMinder product to great heights.

SecureKloud Solution

SecureKloud provided to CA’s requirements with a factory of pre-validated/pre-certified SaaS connections and by employing a Multidomain Identity Service Platform (MISP), in a private cloud environment, to act as the Identity Provider (IDP) in establishing the federation partnership with the selected SaaS Partners.

SecureKloud installed CA SiteMinder Federation R12.5, to act as an Identity Provider (IDP) within its sandbox MISP environment and tested the setup with a virtual Relying Party (RP), which was also hosted within the sandbox environment. SecureKloud obtained Signing and encryption certificates for the IDP endpoint from a select Certificate Authority. A discovery and pre-qualification exercise was launched, to ascertain the SaaS Partner’s level of conformance and its definition of scope, including a list of applications, modules and client tools to make a go/no-go decision with the specific Partner. Interoperability with the SaaS Partner for the specified profiles and bindings, applications, and client types was validated. In a strategic move, Federation Compliance and Validation Reports for each partnership were prepared, to support the federation authentication and trap any error that might occur during the federation.