DATA SHEET

CA SiteMinder® Secure Proxy Server r12.5

At a Glance
The CA SiteMinder Secure Proxy Server (SPS) is a high-performance proxy gateway that provides an
optional deployment model in the CA SiteMinder family for securely enabling online business and
single sign-on.

Key benefits/results Business challenges

• Centralized security to block unauthorized
user and high network topology
• Alternate methods of session management to
offer flexibility in supporting mobile devices
• Policy driven redirection so users in one group
are proxied to one Web server and other users
are proxied to a different Web server
• Reduced cost of ownership because single
sign-on and federated identity are aggregated
in one component
Key features
Many IT administrators face restrictions about where external-facing Web servers may be located
in their networks. These include not placing a website in an Internet-facing DMZ, or only ensuring
that authenticated traffic is allowed to enter the organization. This reduces the administrator’s
flexibility and may delay their ability to quickly deploy new applications. Additionally, IT
administrators are continuously asked to provide more services with lower budgets.
CA SiteMinder SPS gives IT administrators the architectural flexibility they need while
delivering CA SiteMinder Web Agent and CA SiteMinder® Federation capabilities in a simple
to deploy proxy server.
Mobile platforms and applications create additional challenges for the IT admin to manage
CA SiteMinder sessions. CA SiteMinder SPS provides administrators additional tools for
managing users’ sessions across this growing segment of end-user devices.

Single Sign-on (SSO): The embedded Solution overview

CA SiteMinder® Web Agent enables SSO across
an enterprise.
Multiple session schemes: SPS supports
multiple session schemes based on SSL ID,
mini-cookies, device IDs for mobile devices, URL
rewriting, IP addresses, and schemes from the
Session Scheme API.
Mobile device coverage: Cookie-less session
schemes and SPS’s in-memory session storage
provide a solution that extends to include
mobile devices.
Intelligent proxy rules: Allow configuration
of different paths for fulfilling client requests
based on characteristics such as the requested
virtual host, URI string, or HTTP cookie content.
CA SiteMinder SPS gives you the ability to securely connect to Web servers and applications
in a centralized manner that does not require distributed agents.
CA SiteMinder SPS is also ideal for companies that need additional session management
flexibility, including the ability to transparently route users, support additional user agents,
or seamlessly integrate with the existing enterprise infrastructure. It provides access
control, single sign-on, and entitlement management while serving as a secure gateway
to a company’s backend servers.
Access to the entire enterprise can be managed through a single enforcement point, and
the internal network topology is opaque to external users. CA SiteMinder SPS can provide
SSO both as a standalone component and in conjunction with CA SiteMinder Web Agents
and supports multiple session schemes and the proxy rules control the flow of requests to
destination servers.

Access control for HTTP and HTTPS requests:

SPS enables flow control of HTTP and HTTPS
requests to and from destination servers using
an embedded CA SiteMinder Web Agent.
CA SiteMinder® Secure Proxy Server r12.5

Critical differentiators Centralized Access Control with CA SiteMinder SPS

CA SiteMinder SPS versus a traditional reverse
proxy configuration:

• Certificate authentication from the proxy

to the backend Web server prevents anyone
from going “around” the proxy by requiring
certificate authentication from the proxy to
the Web server
• Built-in identity federation; no need to use
additional J2EE servers
• Session linker support for ERP systems
• Ability to run multiple instances of
CA SiteMinder SPS on a single server;
reduces hardware costs
• Alternative session schemes; minicookie,
ssl_id, IP Address, simple URL rewriting, Agility Made Possible: the of both worlds by deploying a combined
agent/reverse proxy solution to meet
API for custom solutions CA Technologies advantage their specific needs. The CA Technologies
• Intelligent proxy rules; ability to forward CA SiteMinder offers the best of both worlds comprehensive portfolio of modular IT
traffic based on user attributes, device type in Web Access Management. CA SiteMinder management solutions helps you unify IT
SPS is a reverse proxy solution that and simplify the management of today’s
• Hosts password services templates
provides centralized control from the DMZ. complex computing environments across the
• Fully supported by CA Technologies CA SiteMinder Web Agents offer distributed enterprise—and get greater business results.
enforcement points for de-centralized
Related products/solutions organizations that want to capitalize on the
CA SiteMinder. Provides SSO both as a organizational and architectural advantages
standalone component and in conjunction of this approach. The ultimate flexibility is
with CA SiteMinder Web Agents. provided in a hybrid model that allows one
organization to take advantage of the best

For more information, please visit ca.com/access-management

Agility Made Possible: the CA Technologies advantage

CA Technologies (NASDAQ: CA) provides IT management solutions that help customers manage and secure complex IT environments
to support agile business services. Organizations leverage CA Technologies software and SaaS solutions to accelerate innovation,
transform infrastructure and secure data and identities, from the data center to the cloud. CA Technologies is committed to ensuring
our customers achieve their desired outcomes and expected business value through the use of our technology. To learn more about our
customer success programs, visit ca.com/customer-success. For more information about CA Technologies go to ca.com.

Copyright © 2012 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility
for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document “as is” without warranty of any kind, including, without limitation, any implied warranties of merchantability,
fitness for a particular purpose, or noninfringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost
data, even if CA is expressly advised in advance of the possibility of such damages. CS2936_1012