We are integrating the Identity Suite with CA SSO. We are looking for some advice on how to best protect the ID Suite Admin console such that it is not accessible from the internet. Once we protect the Admin Portal w/ SSO, this will make it so that anyone with knowledge of the Admin portal URL and admin/password can log in and potentially cause harm through the Admin Portal.

We would want to protect the User Portal with SSO, and leave the Admin Portal with native authentication.

Reviewing the SiteMinder Configurations Documentation there is a specific realm configured for the admin page:

Omit this realm from your Siteminder configuration and the Portal Admin page will use the native authentication pages.