<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1110556&amp;fmt=gif">
Skip to content
    June 25, 2024

    Ensure Full Stack Observability of Symantec SiteMinder with DX Application Performance Management

    Key Takeaways
    • Implement full-stack observability to enhance visibility and proactively identify application performance issues.
    • Utilize AI-driven insights to optimize user experiences and improve system reliability and efficiency.
    • Monitor key performance metrics to enable timely responses and reduce application downtime.

    Perception is not reality

    When an application breaks and we hear things like, “My login is not working,” or “The web app is slow,'' more often than not SiteMinderTM seems to be in the line of fire. However, in my experience, it has usually been a third-party or other configured item like firewall rules that have turned out to be the culprit. Now I am not saying that it is never SiteMinder. Potentially the issue could be anywhere, but I guess the bigger question here is how do we prove it one way or the other?

    SiteMinder reference architecture

    Before we dive into how we can help security and application teams answer the question, “Where is the problem?” let’s look at SiteMinder’s reference architecture.

    SiteMinder provides secure single sign-on (SSO) and flexible access management to applications and web services on premises, in the cloud, from a mobile device, or at a partner’s site. It is critical for flawless delivery of business-critical applications.

    The Access Gateway is the entry point, routing the traffic depending on whether the resource is protected or not and also if it's available in cache or not. Depending on that, the request may then go to the policy server. There can be numerous decision points. In most cases, a user entitlement store like SAML or LDAP is also present and interacts with the policy server for user authentication and authorization rules.

    SiteMinder sits in between users and the application for secure access. Given that, it is important that a monitoring system keeps an eye on the critical flow between these endpoints. It should have the ability to observe and record the availability and performance aspects and report any errors or anomalous behavior proactively. This system should be sophisticated and purpose-built by experts who understand SiteMinder really well.

    ESD_FY24_Academy-Blog.Ensure Full Stack Observability of Symantec SiteMinderTM with DX Application Performance Management.Figure 1

    DX Application Performance Management (DX APM) for Symantec SiteMinder for SSO

    At a very high level, DX APM for SiteMinder is a combination of DX APM plugins that are shipped with these SiteMinder components: Access Gateway, Policy Server, and Web Agent. They extract key performance metrics from these components and report to the DX APM Infrastructure Agent (APM IA), which collects and forwards the data to DX APM SaaS. These out-of-the-box plugins are shipped with SiteMinder, which eliminates the need to go through the trouble of downloading and installing them separately. Plugins only have to be enabled and configured to send the monitoring data to the DX APM instance. 

    ESD_FY24_Academy-Blog.Ensure Full Stack Observability of Symantec SiteMinderTM with DX Application Performance Management.Figure 2

    DX APM also provides out-of-the-box alerts and dashboards. With out-of-the-box plugins, metrics, alerts, and dashboards, monitoring SiteMinder becomes really easy and quick to set up. It also correlates the metrics and alarms to identify where the actual problem is that needs to be fixed. For example, some of the out-of-the-box policy server metrics measure the policy server queue length, response time, database average response time, and so on. Similarly, on the gateway and the web agent, it monitors the response times, the loads in transactions per second, etc. DX APM not only provides these metrics in a single view for visual correlation but also presents performance breach alarms. Here, it also correlates the alarms, which can then be used for faster triage and remediation. 

    ESD_FY24_Academy-Blog.Ensure Full Stack Observability of Symantec SiteMinderTM with DX Application Performance Management.Figure 3

    Creating the bridge between IT operations and security teams

    IT operations and security teams follow different workflows at different enterprises. Some use ”follow the red” on a dashboard, while others prefer to get notified of a problem based on the severity. And then, of course, there are teams that leverage the best of both workflows. Firstly, regardless of the standard procedures, teams often struggle to find the root cause and reduce the mean time to identify the real problem. Secondly, IT operations teams and security teams often find it challenging to collaborate because they lack a unified view of monitoring data.

    DX APM provides a platform to foster collaboration through role-based access and privilege control. So, in a scenario where the policy server queue length spike is affecting the average response times, both  security and IT operations teams can view the same performance metrics and create tickets, assign problems, and notify the right team with the contextual information required for triage. This creates a self-service environment for the responsible teams, driving accountability and laying the foundation to automate mundane issue triage and remediation.

    At Broadcom, apart from the quick time to value as described above, we also recognize that sometimes you do come across new needs or gaps. Both the DX APM and SiteMinder teams work in close collaboration and address those gaps as can be seen from the screenshots below. Metrics like URL timing is a good example of such collaboration. In this case, the log from FWTrace.log is parsed and KPIs extracted and reported to DX APM. The same applies to CA Directory and Host TCP Queue metrics.

    ESD_FY24_Academy-Blog.Ensure Full Stack Observability of Symantec SiteMinderTM with DX Application Performance Management.Figure 4

    Benefits of DX APM for SiteMinder

    • Fast time to- value: Built-in DX APM integration with SiteMinder and SaaS option for quick proof-of-concept and testing
    • Out-of-the-box KPIs: For full SiteMinder component visibility
    • Built-in dashboards: Out-of-the-Box dashboard templates provide both broad overviews and deep insights
    • Built-in alerts: For proactive monitoring
    • Continuous improvement: For close collaboration between DX APM and SiteMinder teams to extend monitoring coverage

    Srikant Noorani

    Srikant Noorani, Client Services Architect focusing on AIOps and Observability, has over 20 years experience working on complex technical challenges. A hands-on architect with a passion for guiding enterprises in their digital transformation journey, Srikant has worked on the largest APM deployments plus DevOps,...

    Other resources you might be interested in

    icon
    Blog October 8, 2025

    Nobody Cares About Your MTTR

    This post outlines why IT metrics like MTTR are irrelevant to business leaders, and it emphasizes that IT teams need network observability to bridge this gap.

    icon
    Blog October 8, 2025

    Tag(ging)—You’re It: How to Leverage AppNeta Monitoring Data for Maximum Insights

    Find out about tagging capabilities in AppNeta. Get strategies for making the most of tagging and see how it can be a game-changer for your operations teams.

    icon
    Office Hours October 6, 2025

    Rally Office Hours: October 2, 2025

    The Rally Model Context Protocol (MCP) Server acts as a standardized interface for AI models and developer tools. Learn about this exciting new feature then follow the weekly Q&A session with Rally...

    icon
    Blog October 1, 2025

    Why 1% Packet Loss Is the New 100% Outage

    In an era of real-time apps and multiple clouds, the old rules about 'acceptable' network errors no longer apply. See why you need end-to-end observability.

    icon
    Office Hours September 30, 2025

    Rally Office Hours: September 25, 2025

    Rally Office Hours delivers an essential product tip: Learn to transition from Legacy Custom Pages to powerful Custom Views. Plus, Q&A insights.

    icon
    Blog September 26, 2025

    Defining the Network Engineer of Tomorrow

    Read this post and see why the most important investment isn't in new hardware, but in transforming your team from device managers to service delivery experts.

    icon
    Blog September 26, 2025

    Harnessing AppNeta’s Browser- and HTTP-based Workflows to Track User Experience

    AppNeta’s browser- and HTTP-based workflows let you see what users actually experience. Preempt issues before they become headaches for your end users.

    icon
    Blog September 26, 2025

    “Rego U” Recap: Why SPM Is Still Hot

    Rego Consulting’s Annual Conference underscored why strategic portfolio management (SPM) is still essential. Leverage SPM to bridge strategy and execution.

    icon
    Blog September 23, 2025

    What's New in AutoSys 24.1: Built for the Modern Automation Landscape

    See how AutoSys 24.1 is designed to streamline your daily tasks, accelerate troubleshooting, and simplify how you integrate with the latest technologies.