Limitations of 5.x and 6.x Mixed Environment

If your SiteMinder environment has a mix of 5.x and 6.x components, a 6.x Policy Server can communicate with a 5.x policy store, but a 5.x Policy Server cannot connect to a 6.x policy store.

In addition, certain SiteMinder 5.x and 6.x features work in a mixed environment and others do not. The following tables show how a mixed 5.x and 6.x environment affects these features.

| Feature | Description | How the feature is affected by mixed-mode |
|---|---|---|
| Microsoft Passport Authentication Scheme | The 5.5 Policy Server allowed you to create a Passport Authentication Scheme. | The 6.x Policy Server allows you to create a Passport Authentication Scheme. |
| SAML 1.0 producer support | | SAML 1.0 producer support is available in mixed mode. |

| Feature | Description | How the feature is affected by mixed-mode |
|---|---|---|
| IMS Role-based Access Control (RBAC) Support | The 5.5 Policy Server User Interface allowed the binding of IMS roles to policies. | The 6.x Policy Server User Interface does not provide RBAC capabilities. |

| Feature | Description | How the feature is affected by mixed-mode |
|---|---|---|
| Global Rules and Responses | In a pure 6.x mode, the 6.x Policy Server supports policies containing global rules and responses. | In mixed-mode, users cannot create global rules and responses with the 6.x Policy Server. |
| Web Services Variable | In a pure 6.x mode, the 6.x Policy Server supports Web Services variables. Note: Web Services variables may not appear after you upgrade your existing 5.x policy store to 6.x. To prevent this, create a new policy store instance, export your existing policy store, and import the policy store into the new policy store instance. | In mixed-mode, the 6.x Policy Server does not support Web Services variables. |
| Impersonation | In a pure 6.x mode, the 6.x Policy Server provides support for impersonating a user. | In mixed-mode, the 6.x Policy Server does not provide support for impersonation. |
| SAML-compliant SAML Artifact | In a pure 6.x mode, the 6.x Policy Server utilizes a SAML-compliant artifact for SAML 1.0 producer functionality. | In mixed-mode, the 6.x Policy Server requires 6.x Web Agents, but can be used with 5.x QMR 4 (or higher) SAML Affiliate Agents and 6.x SAML Affiliate Agents to obtain SAML 1.0 producer support. |
| SAML 1.1 and SAML 2.0 Support | In a pure 6.x mode, the 6.x Policy Server provides support for a number of SAML 1.1 and SAML 2.0 profiles. | In mixed mode, the 6.x Policy Server does not support SAML 1.1 and SAML 2.0 profiles, including the SAML 1.1 and 2.0 assertion generators and authentication schemes. |
| SiteMinder Federation Security Services Components | In a pure 6.x mode, the 6.x Policy Server provides support for all of the Federation Security Services features listed in the Federation Security Services Guide. | In mixed mode, the 6.x Policy Server only supports the SAML 1.0 producer/artifact profile. |

| Feature | Description | How the feature is affected by mixed-mode |
|---|---|---|
| Policy Evaluation Performance for Large Policies | The runtime performance of the Policy Server is improved in policy evaluation for very large policies. | The 6.x Policy Server provides more effective policy evaluation in pure mode than in mixed. |
| Policy Server Exception and Error Handling | The Policy Server's error logging and tracing is significantly revised, to facilitate maintenance and problem diagnosis. | In mixed-mode, the 6.x Policy Server does not provide this capability. |
| Cluster-to-cluster Failover and Agent to Policy Server Load Balancing | SiteMinder 6.x has Policy Server "clusters" to provide for increased availability and ease of configuration. | In mixed-mode, only 6.x Agents support this feature. |
| Automatic Trusted Host Key Rollover | Administrators can define a centralized policy for the generation and automatic rollover of the shared secret (key) that is used to encrypt communication between trusted hosts and the Policy Server. | In mixed-mode, only 6.x Agents support this feature. |
| Logout Reason Code Support | The SiteMinder v6.x SDK provides specific reason codes for user logout scenarios, such as idle timeout, session time out, and user explicit log off. | In mixed-mode, only 6.x Agents support this feature. |