CA IAM r12 Helps Secure and Streamline Business Enablement of SOA and Web Services

Business Wire, Nov 12, 2007

Reduces Risk and Eases Regulatory Compliance with Intelligent Access Controls and Comprehensive Reporting

ISLANDIA, N.Y. -- CA, Inc. (NYSE: CA) today announced CA IAM r12, a major new version of its identity and access management solution that helps customers more securely and efficiently enable their businesses with service oriented architecture (SOA) and Web services.

CA IAM r12 provides the identity lifecycle management, access management, workflow automation, delegated administration, reporting, federation and other capabilities IT organizations require to efficiently and securely deliver critical business services and provide internal and external users with an enhanced customer experience -- regardless of platform. The new version:

* Enhances security controls for emerging SOA architectures and other application architectures on both distributed and mainframe platforms.

* Facilitates the extension of IAM capabilities to all business services across the enterprise to support policy-based security and governance.

* Eases regulatory compliance and governance by automating IAM-related controls, providing security policy analysis and comprehensive reporting.

* Increases inter-enterprise business enablement through enhanced identity federation.

* Provides support for IPv6 and FIPS PUB 140-2 for added security.

"CA IAM is the cornerstone solution within CA's Security Management offerings and is an essential component of an integrated approach to IT management. As IT organizations are called upon to provide a wider range of services to more users and user communities -- and as IT security controls come under increased regulatory scrutiny -- the management of identities and access rights is becoming more challenging than ever," said Dave Hansen, senior vice president and general manager of CA's Security Management business unit. "CA IAM r12 addresses this challenge by empowering IT to more effectively and efficiently manage access to data and applications -- even in SOA and Web services environments."

CA is rolling out CA IAM r12 in phases. The first phase features CA SOA Security Manager, an innovative solution that provides comprehensive identity-based Web services security -- including authentication, authorization, auditing and protection against XML threats -- all in a single integrated solution. It also includes new versions of CA SiteMinder, CA Directory, and five CA solutions for z/OS (see http://ca.com/press/release.aspx?cid=158358).

"At the same time as it accelerates business innovation and adaptability, SOA also presents serious new management, governance, and security challenges," said Robin Bloor, partner, Hurwitz & Associates. "To successfully meet these challenges -- and fully capitalize on SOA's potential benefits -- IT organizations must adopt best practices and supporting technologies that ensure centralized, policy-based security management for an increasingly dynamic and modular set of IT services. With CA IAM r12, CA is addressing this key technology requirement of the emerging SOA market."

CA SOA Security Manager r12

CA SOA Security Manager r12 enables IT organizations to centrally manage the security of their enterprise SOA/Web service deployments. By abstracting security from the Web services themselves, CA SOA Security Manager helps customers to significantly reduce the administrative burdens and other costs associated with providing security for SOA/Web services

CA SOA Security Manager r12 inspects the security information contained in XML documents submitted by service consumers and uses this information to determine access. It provides enterprise-level functionality for SOA/Web services that are exposed internally and externally, keeping XML threats out while simultaneously controlling access for legitimate service consumers. It also:

* Delivers expanded security management for Web services through the SOA Security Gateway, which provides a proxy-based security policy enforcement point (PEP), mitigation of XML malware threats, and automated routing and protocol translation.

* Expands coverage of heterogeneous IT environments by adding an agent for J2EE Application Servers to its existing agents for Web servers.

CA SiteMinder Web Access Manager r12

CA SiteMinder Web Access Manager r12 is an industry-leading centralized Web access management solution that provides user authentication, single sign-on, policy-based authorization, identity federation, and auditing of access to Web applications and portals. It features new application and policy lifecycle-management capabilities that, combined with its business-friendly definition of applications and data, speed the deployment of Web applications through controlled delegation of security administration. CA SiteMinder Web Access Manager r12 also includes:

* Expanded support for federation to devices with non-traditional browsers, such as mobile phones.

* New policy analysis and reporting that improves security control and eases regulatory compliance.

* An extensible architecture that enables more rapid addition of new access management capabilities such as enhanced identity federation and Web services security management.