Since my migration over to the security side of the alliances business I have had to quickly adapt and learn an entirely new vernacular, gain a deeper understanding of customer application security requirements and connect with an entirely new group of partner vendors. One of our largest partners and most consistently co-installed vendors is SiteMinder from CA. While the F5 BIG-IP APM product helps to facilitate universal access and authentication to web based applications, CA SiteMinder to provide authorization security to parts of sites or specific areas of a web based application. Many of our joint customers however, would like a combined solution that can provide both of the above mentioned capabilities from a single appliance. In an ideal world migrating the functionality of SiteMinder agents to the BIG-IP would simplify the process of enforcing user authorization. This would have the effect of simplifying your overall AuthN and AuthZ functions.
Now with the SecureAuth PDP server, F5 iRules and BIG-IP APM these processes can be simplified.
The SecureAuth PDP (Policy Decision Point) solution enables the enterprise to remove the SiteMinder agents on the web servers and still allow the enterprise to control authorization via the SiteMinder policy server.
SecureAuth PDP enables the removal of the SiteMinder agents via enabling the F5 BigIP APM (Access Policy Mnager) to enforce the SiteMinder policies. The F5 APM is a purpose built network component that runs on the F5 BigIP. F5 BIG-IP APM is designed to be utilized as an scalable authentication/authorization point to proxy traffic destined for web and application servers.