Monitor SiteMinder policy server and agent performance and availability.
Correlate Web application performance with SiteMinder performance.
Determine if SiteMinder is impacting performance.
Facilitate collaboration between application support and security team.
"provides comprehensive, real-time metrics such as: average response time for login; successes, failures, and errors per measurement period; and socket availability for SiteMinder processes. Wily Manager for SiteMinder collects this information from SiteMinder Policy Servers and SiteMinder agents for all Web server and application server transactions into a single view that enables application support and security specialists to collaborate and better understand how authentication performance affects their Web applications."
It's also interesting to note that this functionality was built into their Wily Technology infrastructure (which CA acquired in early 2006) instead of their Unicenter infrastructure. Looking through their systems management portfolio however, it makes sense as the Wily products focus on web applications while Unicenter focuses on the traditional enterprise architecture components such as networks, mainframes and midrange servers.
It looks to be a much more focused monitoring offering than IBM's (which I blogged about here) and Oracle's (which I blogged about here) from an access management product perspective. It addresses a few things that customers have commonly asked for in the past, most notably the need to figure out how much impact the security infrastructure is having on the performance of their applications. None of the vendors have been able to give a satisfactory answer here. At least now, CA can monitor it.
That's not to say CA are ahead of Oracle and IBM. They've just chosen to focus on another aspect of monitoring their Identity and Access Management infrastructure. Strategically, the three vendors look to have taken the following approaches:
- Oracle - Sink their teeth deeper into becoming a Systems Management vendor and do this by releasing a fully functioning (that's debatable as I have yet to see it in action) software product for their Identity and Access Management suite, which is proving to be an area of focus for the security market and as a result is gaining mind share and respect for Oracle in the security space.
- IBM - Address a customer need by addressing the issue at a high level and providing basic functionality. They have not released a full product yet because the functionality provided does not warrant such a move and doing so would see a backlash from customers and unfavourable views from the industry. This is also why they have released this integration component free (assuming customers already have the relevant Tivoli products required at either end). They have probably released this in preparation for a bigger, more fully featured release of their monitoring suite focusing on the Identity and Access Management products.
- CA - Address a specific need of their customer base and do it better than their competitors while giving up some of the selling advantages of being more general in their approach like IBM have done.