Layer7 Access Management

Are you thinking of migrating your CA Single Sign-On deployment to AWS?

By Madhusudhan Yoganath posted 03-22-2019 02:27 AM


Many organizations are migrating elements of their IT infrastructure to the cloud and adopting a “cloud first” approach. It’s a significant step for CTOs/CIOs to take, as it requires a new mindset, new tooling and has an impact on people, processes and technology.

But the rewards can be significant – lower TCO while benefiting from the cloud provider’s capabilities like easier provisioning, scalability and high availability for maintaining the support for the critical applications the business requires. Most of the savings is a result of optimizing resources for what they actually need and consume. In many cases, their on-premises capacity is likely to be over provisioned. It is also possible to provision disaster recovery environment without any capital expense. There are also advantages which result in IT teams becoming more efficient and reducing operations costs. This is because public cloud providers offer wide capabilities and tools in these areas and continually invest in them.

And not only these, organizations can become more agile, due to the use of innovative platform technologies that enable IT teams to focus on delivering business applications.

AWS (Amazon Web Services) is a market leader in this infrastructure cloud platform space and has a vast global presence.

Lower the TCO and simplify infrastructure operations of your CA Single Sign-On deployment 


The above-mentioned benefits apply to deploying CA SSO onto a public cloud like AWS and also, to ensure that your applications on the cloud can be securely accessed comprehensively using CA SSO capabilities. There are no capital expenses needed and there will be savings in infrastructure investment, implementation and operations. There are customers who have already deployed CA SSO on AWS, running it in production and happily reaping these benefits.


Running CA SSO natively on AWS gives your end users the same access and security experience that they are accustomed to, regardless of where the application is hosted - on-prem, cloud, SaaS or mobile.


In fact, deploying CA SSO on AWS, can be a complimentary part of the migration of workloads to AWS, accelerating more applications to be deployed and enable faster cloud adoption, simply because, it provides the necessary security controls to address complex access control use cases for AWS based resources and enable secure access to the applications in the cloud.



Before you start planning the deployment of CA SSO on AWS, there are several things to consider for an effective deployment such as availability zones, security considerations, VPC (virtual private cloud configuration), placement and settings to reduce latencies between components, based on transaction load patterns etc.


The following link will help you with the preliminary guidelines to be considered for deploying CA SSO on AWS - Things to consider before deploying CA SSO on AWS.

It is highly recommended to get in touch with a Broadcom services partner, to help you plan the migration, in greater detail. 


To summarize, following are the generally accepted benefits of running workloads in AWS.

  • Optimize cost with pay per use pricing
  • Achieve higher level of availability
  • Provision disaster recovery environment without any capital expense
  • Faster provisioning
  • Leverage the latest and greatest security updates and stay compliant and secure, with reduced operations cost.



We are continuously innovating the product to leverage the best of the breed capabilities offered by modern technologies like Kubernetes for automating deployment, scaling, and upgrades.
In fact, we already have a container validation kit for CA SSO which can be deployed on AWS EKS (Elastic Kubernetes Service) 

. Image result for AWS EKS

If you need to trial it out, please sign up for our validation project on, to access the build.

1 comment


03-22-2019 11:30 AM

Thank you for sharing this with the community!

Are you thinking of migrating your CA Single Sign-On deployment to AWS?