We are currently on SiteMinder r12.52 SP1 and in progress of doing a parallel upgrade to r12.8 SP2. We have several large scale web applications that are being protected by the webagent installed on Apache web servers as the web front end. Our Info Security department is looking into adding an additional layer of security by adding multi-factor authentication (OTP) to our current SiteMinder form-based authentication scheme.
We are bringing in Okta to demo their IAM product along with their crucial mult-factor authentication feature, which is included as a standard package and is the primary reason for our management to potentially replace CA SSO with Okta. Our CA SSO product is deeply integrated into many of our web applications and therefore replacing it with Okta or any other IAM product will be a significant undertaking.
To compete with Okta's multi-factor authentication, what is the easiest and most seemless way for us to add One-Time-Password as a form of multi-factor authentication to our SiteMinder infrastructure and implement it to the web application that is currently being protected by the webagent?
Thanks in advance for your input.