Padlock Icon Cyber Security of Digital Data Network Protection, Secure Technology Blockchain Data Network Connectivity Background, And Secure Information for Privacy 3d rendering
VMware vSphere Kubernetes Service (VKS) CNCF / Open Source Financial Services Health/Life Sciences Home Page Public Sector Security & Compliance Security Advisories Technology Partners Workloads

Better Together: Modernizing Access Management with Symantec SiteMinder and VMware vSphere Kubernetes Service

,

In today’s hybrid environment, enterprises often struggle to balance proven security systems with the speed of modern application development. Today, we are highlighting a powerful combination that bridges this gap: Symantec SiteMinder running on vSphere Kubernetes Service (VKS) within VMware Cloud Foundation (VCF).

​​Together, Symantec SiteMinder and VCF deliver a unified platform that brings identity security and cloud‑native infrastructure together, rather than forcing teams to choose between them.

The Challenge: Scaling Security at the Speed of Apps

As organizations shift toward containerized environments, maintaining consistent security policies across legacy and modern applications remains a top priority. Traditional access management often struggles to keep up with Kubernetes-driven workflows, leading to “security silos” where modern apps and legacy systems use different, disconnected authentication methods.

​​At the same time, Kubernetes introduces its own complexity—new control planes, new automation patterns, and rapidly changing release cycles—which can overwhelm teams that are already responsible for business‑critical identity services. The result is a growing risk that identity becomes the bottleneck for application modernization.

The Solution: A Unified Security Fabric

By deploying SiteMinder on VKS, within VMware Cloud Foundation, organizations gain the best of both worlds: enterprise-grade identity security and modern operational agility. This integrated approach ensures consistent security across your entire infrastructure while leveraging automated, high-performance container orchestration.

The combination of SiteMinder, VKS, and VCF creates a single platform that standardizes how you deploy, secure, and operate identity services across VM‑based and containerized workloads. SiteMinder provides battle‑tested single sign‑on (SSO), policy management, and federation, while VCF with VKS delivers a fully integrated, enterprise‑ready Kubernetes runtime on top of vSphere.

​​Because VKS is delivered as part of VCF, Kubernetes becomes a first‑class citizen alongside virtual machines, using the same management plane, lifecycle tooling, and governance controls your teams already trust. That means your identity platform modernizes in lockstep with your infrastructure, instead of becoming a separate island that needs special treatment.

Figure: Solution Architecture Diagram of SiteMinder on VKS

How the Platforms Complement Each Other

CapabilitySymantec SiteMinder on VKSVMware Cloud Foundation with VKSBetter together value
Identity and accessCentralized SSO, policy enforcement, legacy and modern appsIntegrated private cloud with built-in Kubernetes runtimeUnified security fabric across VMs and containers
Operations and lifecycleContainerized policy servers and access gatewaysSingle control plane, automated lifecycle and upgradesOne toolset for infra, Kubernetes, and identity services
Scalability and resilienceHorizontal scaling, stateful deployment patternsCluster-level resiliency, self-healing, resource poolingConsistent performance under changing demand
Visibility and complianceRich security logging and monitoring integrationsCentralized observability and operations for VCF domainsFaster troubleshooting with shared telemetry

Here is why this combination is a game-changer for modern identity management: 

1. Operational Simplicity for Cloud Admins

One of the biggest hurdles in Kubernetes adoption is the operational learning curve. VKS is built directly into VMware Cloud Foundation, allowing infrastructure teams to provision and manage Kubernetes clusters using familiar vSphere‑centric tools and processes. This means your security team can deploy SiteMinder Policy Servers, Access Gateways, and supporting components on Kubernetes without having to build and maintain a separate Kubernetes stack.

Key aspects of this operational alignment include:

  • ​​Unified platform – VCF provides a turnkey private cloud platform, combining compute, storage, networking, and Kubernetes under a single operational model.
  • Consistent lifecycle – Broadcom validates and manages compatibility across vSphere, VCF, and VKS, simplifying upgrades and reducing the risk of broken integrations as Kubernetes evolves.
  • Familiar interfaces – Teams can use existing GUIs, CLIs, and APIs for provisioning VKS clusters and underlying infrastructure, minimizing retraining and configuration risk.

For identity owners, this means SiteMinder deployments can move at the same pace as application and infrastructure teams, leveraging shared automation, ticketing, and governance frameworks instead of bespoke processes.

2. Enterprise-Scale Performance

SiteMinder is designed for high-concurrency environments. Running it on VKS allows you to leverage:

  • Automated scaling – VKS clusters can scale SiteMinder components horizontally, allowing Policy Servers and Access Gateways to handle spikes in authentication and SSO traffic.
  • Self-healing – Kubernetes automatically restarts failed SiteMinder pods, while VCF ensures the underlying ESXi, storage, and networking layers are resilient and monitored.
  • Persistent and performant storage – VCF supports Cloud Native Storage (CNS) options such as vSAN and other shared storage technologies to back SiteMinder stateful components.

Beyond raw performance, the “better together” value shows up in lifecycle operations. VCF provides centralized health monitoring, capacity planning, and lifecycle management across workload domains, so SiteMinder clusters benefit from consistent patching and upgrade practices alongside the rest of your environment.

3. Bridging the Gap Between Legacy and Cloud-Native

Many enterprises rely on Symantec SiteMinder as the policy and SSO backbone for mission‑critical web and packaged applications. At the same time, new services and APIs are being built on Kubernetes to deliver modern digital experiences. Running SiteMinder on VKS in VCF enables a unified identity plane that spans both worlds.

  • Shared identity layer – SiteMinder can enforce consistent authentication and authorization policies for applications running on VMs and Kubernetes clusters managed by VCF.
  • CNCF‑aligned platform – VKS delivers a conformant Kubernetes distribution that aligns with upstream releases, helping organizations modernize applications without locking into proprietary orchestration.
  • Phased modernization – Applications can be migrated or refactored in stages, while maintaining a stable SSO experience, because the same identity platform serves both legacy and cloud‑native workloads.

This unified approach reduces the need to bolt on separate identity solutions for new Kubernetes-based services, streamlining both security design and developer experience.

4. Enhanced Scalability and Resilience

Security workloads like Policy Servers and Access Gateways can experience sudden spikes in demand. The integration allows for:

  • Stateful scaling – SiteMinder components like the Policy Server and Admin UI are deployed as StatefulSets, ensuring data persistence and stability.
  • Auto-scaling – The solution is validated for autoscaling, allowing your identity infrastructure to grow or shrink based on real-time traffic.
  • High availability – Built-in Kubernetes self-healing ensures that if a SiteMinder pod fails, it is automatically restarted to maintain uptime.

5. Integrated Observability

Security is only effective if it is visible. Our jointly validated solution integrates SiteMinder with Enclave Services to provide a complete view of your environment:

  • Monitoring – Prometheus and Grafana track the health and metrics of your SSO environment.
  • Logging – Fluent Bit and Elasticsearch (part of the ELK stack) centralize logs for faster troubleshooting and compliance auditing.

This “single pane of glass” approach for both infrastructure and identity services is a core part of the better together story, reducing gaps between security, platform, and operations teams.

Conclusion

Deploying Symantec SiteMinder on vSphere Kubernetes Service isn’t just about moving identity to containers; it’s about standardizing your access management and SSO services on a modern private cloud platform that is designed to support evolving workloads, from traditional web apps to AI‑enabled services.

You gain:

  • The proven, enterprise‑grade access management capabilities of Symantec SiteMinder.
  • The agility of a CNCF-certified, upstream-conformant Kubernetes runtime: vSphere Kubernetes Service.
  • The operational consistency, resiliency, and governance of VMware Cloud Foundation.

All of this works together to ensure your identity services are resilient, scalable, and easy to manage—without forcing you to rebuild your security foundation each time your application architecture evolves.

To go deeper into the deployment patterns, reference components, and configuration details for this joint solution, explore the published Reference Architecture to see the full deployment breakdown.

Discover more from VMware Cloud Foundation (VCF) Blog

Subscribe to get the latest posts sent to your email.

Anika Suri

Anika leads Product Marketing for VMware’s ISV partners on vSphere Kubernetes Service. With over 16 years in the industry, she’s a tech polyglot who has spoken the languages of Engineering,…

Justin Stanton

Justin Stanton leads Product Marketing for Symantec’s Identity & Access Management portfolio at Broadcom, where he brings together deep experience across Product Marketing and Product Management. With a background spanning…

Related Articles