CA has announced the planned release of additions and advancements in its Identity and Access Management product portfolio, including CA Federation Manager, a new product designed to ease the deployment and management of federated partnerships; an enhanced CA SOA Security Manager; and an integrated solution for Secure Web Business Enablement that will feature multiple CA Identity and Access Management products including CA Federation Manager and the enhanced CA SOA Security Manager.

"As organizations' IT operations have grown to be more Web-based, CA has been there to help secure and manage that part of their operation, which has become critical to their business success," said Dave Hansen, corporate senior vice president and general manager, CA Security Management. "CA is a leader in identity and access management and we are proud that our global customers ranging from government organizations to Fortune 500 companies trust us to help secure, manage and grow their Web-based businesses. Today's announcements strengthen our IAM portfolio to provide our customers with tools they need to confidently grow that business even more."

CA Federation Manager

CA Federation Manager is being designed to deliver greater deployment flexibility and ease of use for customers who want to establish federated partnerships quickly in conjunction with or separate from their Web access management system. CA plans to make that possible by providing to customers a CA Federation Manager endpoint that they in turn can provide to their partners at no additional cost. This will help overcome any technological hurdles so that CA customers and their partners can federate more quickly for business success.

CA SOA Security Manager

Service Oriented Architectures and Web services are emerging as the next major wave of application architectures as organizations strive to improve the speed, flexibility, and cost of building and deploying applications for both internal and external uses. However, according to an independent global survey sponsored by CA, 43 percent of senior IT executives perceive security threats as the most critical issue in the implementation of SOA and Web services-based applications. The survey also showed that this concern about security is justified as the executives surveyed reported experiencing an average of seven XML targeted attacks against externally facing SOA or Web services applications in the past year.

CA SOA Security Manager provides a comprehensive SOA and Web services security platform which abstracts security from the underlying services and provides both content based Web services security-authentication, authorization, federation, and audit-as well as defense against XML-centric threats in a single integrated solution. The abstraction of security policies from the application services avoids the cost, inflexibility and risk of security silos.

The latest planned release of CA SOA Security Manager, also part of the planned SWBE solution, is being designed to enhance and improve security policy management and support additional platforms and standards. In addition, CA SOA Security Manager currently can be used in conjunction with CA SiteMinder Web Access Manager to provide a comprehensive Web security system, protecting both Web sites as well as Web services, or it can be deployed in standalone mode securing only Web services.

CA Secure Web Business Enablement

As a planned part of CA's Identity and Access Management portfolio, CA's SWBE solution will be anchored by CA SiteMinder WAM and will combine it with CA Federation Manager, CA SOA Security Manager and CA Identity Manager to administer Web users.

The CA SWBE solution is currently planned to provide customers with essential capabilities to expand and improve an organization's Web business operations by enhancing the reach, quality, and security of its online relationships. It is being designed to help organizations confidently broaden their use of the Web to efficiently transact business, either internally or with business partners and customers, by delivering proven, auditable, and scalable security capabilities that control access to Web applications, SOA and Web services, enable identity federation, and automate user administration.