Best Identity and Access Management (IAM) Solutions
Over 253,234 professionals have used IT Central Station research.
Compare the best Identity and Access Management (IAM) vendors based on product reviews, ratings, and comparisons.
All reviews and ratings are from real users, validated by our triple authentication process.
See all 84 solutions in Identity and Access Management (IAM)
Average rating based on reviews
Number of total page views
Number of times compared to another product
Total number of reviews on IT Central Station
Number of followers on IT Central Station
The total ranking of a product, represented by the bar length, is based on a weighted aggregate
score. For Views, Comparisons, Reviews, and Followers the score is calculated as follows: The
product with the highest count in each area gets the highest available score of 17.5 points.
Every other product gets assigned points based on its total in proportion to the #1 product in
that area. For example, if a product has 80% of the number of reviews compared to the product
with the most reviews then the product's score for reviews would be 17.5% (weighting factor) *
80% = 14. For Average Rating, the maximum score is 30 points awarded linearly based on our
rating scale of 1-10. If a product has fewer than ten reviews, the point contribution
for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews;
two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old,
as well as those written by resellers, are completely excluded from the ranking algorithm.
When selecting Identity and Access Management solutions, it's important to examine your organization's requirements including if internal and/or remote access is required. According to IT Central Station users, key aspects of I&A solutions to consider include: multi-platform support, robustness, integration options, stability, automation options, and SDK availability.
Identity and Access Management (IAM) Reviews
Read reviews of Identity and Access Management (IAM) that are trending in the IT Central Station community:
Your trust is our top concern, so companies can't alter or remove reviews.
Randomizing local accounts on all endpoints * ERPM's greatest ability is that it can easily randomize ALL local accounts on almost any endpoint. One of biggest security risks that occur within a company is the ability of an attacker to... more»
One of the features that ERPM is capable of providing is giving users the ability to 'request' admin credentials on their machines for a specific purpose (provided you have removed all users from local admin on their machines). You can force... more»
The best part of Oracle Identity Manager is how well it will align to the business. There are features that are more generally required by business and you can easily get them with Oracle Identity Manager. If you compare it with Azure, with... more»
When I joined my project, they had been using a meta directory for identity management and application provisioning. There were around 150,000 active accounts, out of which many were redundant. They had left the organization 10 years ago.... more»
One thing is the size of the infrastructure that is required for Oracle to implement. In addition, the maintenance cost and pricing. With an Oracle implementation, we need to have a high availability of infrastructure where you need a minimum... more»
The main areas of focus of BeyondTrust products is Privileged Access Management. Along with it, they've also bundled the PAM solutions with a Vulnerability Management solution. We all know Retina Network Security Scanner has been around for... more»
We implemented the BeyondTrust suite of products as part of our initial evaluation and continued to use the product because we liked it very much. We distribute security solutions to our customers, so we can only sell something to our... more»
I'm of the thought that the best products in the market have room for improvement, always, and so is the case with this product as well. I have always submitted the improvements / bugs list to the vendor and am looking forward for them to be... more»
* The GUI is very impressive and clean (even cleaner and minimalistic in v7). * JobQueueInfo does an amazing job tracking all processes. * Synchronizations are easy to set up. * Reporting capabilities are fantastic once you get the hang of... more»
* Auditing becomes easier from an admin perspective. * There is more control over everything. * Processes are much better defined. * People tend to take some functional roles much more seriously. There were some roles that were very old in... more»
* DBQueue processes can bottleneck the system at times. In v7, its apparently re-architectured, and is better. There can be too many of them and they process very slowly, causing actual processes to take a lot more time to complete. * There... more»
Before I used CA Identity Suite, it was a separately installed component, nowadays offered as a Virtual Appliance, and that saves considerable time for installing and controlling it. Deployment Express saves time for modifications and things... more»
With the Virtual Appliance, combined with CA Identity Manager and GovernanceMinder as one solution, it eliminates having multiple infrastructure requirements, multiple products, and gives a holistic view of access granting.
I really haven't thought about features for that next release because it is addressing all of our needs right now. I would say, there is one. If there was a seamless integration between portal and IdentityMinder, then that would help a bit,... more»
I think that one of the advantages of the CyberArk PAS suite is that it is modular. On top of the basics, you can implement modules to: * Manage (verify, change and reset) privileged passwords and SSH keys * Manage (isolate and monitor)... more»
I see companies that already have thought about their privileged accounts, while others have not? And so on. Thinking about these things helps customers to organize their data/privilege accounts in the CyberArk solution. It then helps the... more»
With every version, I can see that the product wins on functionality and user experience. On the latter though, I hear from customers that on the UI level, things could be better. CyberArk continuously asks for feedback on the product (e.g.,... more»
* The visual interface of the scripting * The fact that you don't need to be an actual developer to be able to use the product * Logging, automation, and scheduling, as well as the capability to script via COM objects to create front end web... more»
Before using UMRA, the creation of users at a School District with 34,000 students used to take approximately three to four weeks to implement using LDIF imports via batch files. Then, after implementing UMRA, all user creations got... more»
The UMRA Forms of the product is fantastic, especially for those who do not have the expertise to create the web front ends using COM automation. The problem is that the company may be concentrating on creating something other than the Forms... more»
I like the core functionality of what IBM provides, like provisioning the triggers. Also, how you can maintain not only SAP back end systems, but non-SAP. The functionality that IBM provides if you're able to implement a certain logic, and if... more»
The current functionality allows you only to change one user at a time. There is no option to maintain the business roles from the UI using like standard validation, imports, or whatever you have to build your business roles one by one.... more»
As a security engineer, I mostly implement the Enterprise Password Vault Suite (Vault Server, Central Policy Manager, Password Vault Web Access) as this is the base upon which every additional component is built. I am using and implementing... more»
When implementing CyberArk, I see that a lot of security issues are addressed by the solution. For example, audit issues for privileged (non-personal) accounts, which have a sufficient amount of impact on the organization when being... more»
In every product, there is room for improvement. Within CyberArk, I would like to see more support for personal accounts. It can be done right now, but I can imagine changing a few aspects would make this easier and more foolproof. Next to... more»
Automation of access provisioning, maintenance, and de-provisioning based on HR employment status. The ability to add in different applications for proper lifecycle management was critical to a successful and streamlined business operation.... more»
This is based off using Account Courier and Password Courier exclusively, and may not be indicative of more recent features included in the platform. The entire provisioning and management process needed to be driven by manually developed... more»
Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites. These are heavily customizable and can fully integrate with in-house provisioning systems.
Allows users to use a single password across a set of multi-tenant application suites. This would have otherwise required 50-100 unique passwords per application. This allows the user to inject a centralized password (a.k.a. authentication... more»
The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available. The majority of the "IMS profiles" we use are too dangerous to... more»
This tool is in Leader's quadrant in Gartner Quadrant report. Not just because it has more features than other but also it improves the way organization function. CyberArk can be used as many as you can think of. Such Granular ways of... more»
Since this tool major utilizing modules are PAM and PSM, hence AIM and OPM are least considered by client. Client is somehow reluctant to use these features. Yes, i do agree that these Modules are not that friendly but also CyberArk do not... more»
Account discovery, account rotation, and account management features make it a well-rounded application. Account discovery allows for auto-detection to search for new accounts in a specific environment such as an LDAP domain. This allows... more»
In the past, standard practice was to assign role-based rights to standard accounts. Moving away from this structure allows us to require that all heightened access accounts be “checked out” and only operate within a set window. CyberArk... more»
Like any software, improvements and upgrades are a necessity. As CyberArk is used by many Fortune 100 and Global 2000 companies, they offer custom solutions that need to be continuously improved as the company changes. I am looking forward to... more»
WebSEAL is a reverse proxy web server that performs authentication and authorizations. It is similar to CA SiteMinder Secure Proxy Server. The advantage of WebSEAL is that WebSEAL supports SPNEGO protocol and Kerberos authentication to... more»
The combination of TAM with IDM in IBM Tivoli Identity Manager helped us to realize robust and secure authentication infrastructure in accordance with industry regulations and laws. * Providing centralized authentication authority and enforce... more»
Due to a constraint of the built-in browser in a Handy phone (called NTT i-Mode), the former version of TAM could not be used in the Japan market. The issue was resolved by the decline of Japan-specific Handy phones. Cookies were not... more»
* Role Based Access Control * Provisioning, Re-provisioning, De-provisioning and Undo-De-provisioning policies * Data validation policies * Workflows * If Then Else statements * Approval Workflows * Schedule Workflows * Escalation * Virtual... more»
* Heavily Automates - it will automate the entire provisioning, re-provisioning, de-provisioning and undo-de-provisioning tasks * Complete Audit Trail - it gives an audit trail for each and every activity * Increase in accountability –... more»
* Web console – it should have more customization options in terms of look and feel of the landing page * Workflow policies – Additional policies for folder access provisioning * Bring back attestation – Attestation feature is dropped from... more»
Every feature of this product - Password Management, Session Management and so on has its own value depending on different use cases, but I like: * It's a clientless product and does not require any third-party product for any of its... more»
Due to regular growth of an organization infrastructure, managing passwords within the organization becomes extremely difficult. In larger organizations with a large user and infrastructure base, it can be very difficult to ensure that the... more»
CyberArk has evolved a lot in the last 16 years and has nearly all the features required for effective operation. The only area for improvement is using a native client while connecting to the target device instead of the current method of... more»
Over time, it will improve the way my organization functions. We've had some challenges as far as rolling it out, but that's the goal. We have a consistent set of processes, so we need a consistent toolset to be able to disperse across our... more»
One of the things they don't have is, they don't provide support for what are called service accounts, non-human accounts, non-human IDs. That's critical. In addition to that, we have some role mining capabilities that Oracle really hasn't... more»
* Identifies, debugs and models the privileges of your organization, adapting it to business strategies. * Helps discover roles based on available patterns. * Enables review campaigns to certify user privileges, roles and resources,... more»
In the processes where we need to analyze data, IG has enabled and facilitated the analysis of privileges, generation of roles to cover RBAC and integrate with the solution of Identity Manager, as well as the compliance aspect by the... more»
The administrative part is not very intuitive. Actually I think it is because it requires specialization and knowledge in what is done. I found an option to import specific information, but the functionality was non-existent so they have to... more»
We have used CA's security stack. We have used CA Identity Manager, CA SSO, CA Privileged Access Manager Server Control, CA Identity Governance and CA Strong Authentication. The total integration of the product was very beneficial for us.... more»
CA Identity Suite has been extremely helpful for us from the user onboarding/offboarding. We are a company where SOX/PCI, other regulatory compliance is very important to us. It kept us honest from the standpoint of meeting the regulatory... more»
The key feature I would like to see is close loop remediation, which is in conjunction with CA Identity Governance today. That will be one of the key features, including the mobility features on password self-service, which will be another... more»
As a company, the most valuable feature that we have is our almost real-time feed from our HR systems into CA Identity Manager, which then feeds down to all of our directories or applications that an employee could potentially need to access.
The multitude of end-points that we can connect to, whether it is an out-of-the-box connector or through a JNDI or a JDBC connection. We can connect to just about every application that we so far have tried to connect to with relative ease.
One of the biggest features that we are looking at is more cloud-based options. Right now, there is a connector to Office 365. While it is okay for smaller companies like us, as a 300K plus operation, it is not really quite where it needs to... more»
What do our users think about their Identity and Access Management tools?
What do users discuss in their identity and access management reviews in 2017?
What have their experiences been this year?
In the excerpts below, users discuss valuable features and room for improvement for the following... more»
What do IT Central Station community members say about the user provisioning software that they use?
What do IT Central Station community members from larger enterprise companies say about the user provisioning software that they use?
How does Oracle Identity Manager differ from CyberArk... more»
Berkley LambThis article doesn't make sense. these are two different tools with two... more»
After an experience of 7 years in the IT gaming field, the next period was filled with a lot of new informations and oportunities of developement.
Working for a leading system integrator and provider of IT services, has many advantages as access to new technologies, and the ability to learn new... more>>
LinkTo ►► firstname.lastname@example.org ◄◄
All invitations to connect on LinkedIn are welcome - LION - 7K+ Never I D K
Mohammad is a seasoned IT Security Professional with 10+ years of hands on IT experience, He has actively worked on multiple IT Security & Infrastructure Projects for major... more>>
Business requirements analysis and building solution architecture, high level design, detail level design documents and implementation of integrated enterprise solutions
Technologies : WebLogic 11g, Oracle API(or Enterprise) Gateway (OEG Server, Policy Studio, Policy Center, Service Monitor... more>>
• Proficiency in business process mapping, requirement study, client interaction for finalizing requirements and defining functional specifications for application implementation
• An effective communicator with relationship management and problem solving skills
• Ability to... more>>
Senior Consultant - Information Security Engineering
CISSP with 15+ years of enterprise-level experience in Information Security and Identity & Access Management, specializing in Directory Services, Provisioning, Single Sign-on technologies, RBAC, Access Governance, Privileged Identity Management (certified in CyberArk), File Integrity... more>>
10+ years of experience in Information Security covering areas of both enterprise and consumer security – Identity & Access Management. Played various roles in last 10 years across Implementation, Architecting, Design & Development, Support, Pre-Sales, across multiple organizations.
Information Technology and IT Security professional with 7.6 year experience in planning, solution designing implementation/deployment of Privileged Identity management, Security Support and Operations, Process implementation and documentations, LDAP Directories, Privilege Single Sign-On (PSSO),... more>>
Microsoft Forefront Identity Manager
Microsoft Identity Lifecycle Manager
Microsoft Active Directory Federation Services
IBM Tivoli Access Manager
IBM Tivoli Identity Manager
IBM Tivoli Federated Identity Manager
IBM Tivoli Directory Server
IBM Tivoli Enterprise Single Sign... more>>
I have more than 4 years of experience in the field of Oracle Products and have worked on integrating Oracle Banking Platform with many other Oracle Products.
* Oracle Application Development Framework (ADF)
* Oracle Service Oriented Architecture... more>>
A results-driven and customer-focused Software Engineer with 11+ years of IT experience. A Engineer with very strong understanding of IAM concepts and processes and experience in the design and/or architecture of complex security and IAM solutions as well as products.
Last 10+ years working in... more>>
I have been for many years (17) an Innovative 'Business Technology' pursuer, looking to leverage Information Technology to meet the Business Goals and beat the Business Challenges in fast growing and changing Enterprise Business Environments.
10 years of experience and specialises in the design and implementation of enterprise Account Provisioning Systems. Other experiences cover payment gateways, secured mobile FMCG, and secured web applications
a) Total IT Experience - 10 Years
b) Security... more>>
Experienced Professional with a distinguished 16-year career in the IT Infrastructure Management Services Industry. Strong track record of successfully executing IT Projects with proven history of meeting schedule and business goals. Demonstrated ability to support business transformation aiming... more>>
Identification of business needs, Collection of requirements, architecture, Mid-tier and UI design, implementation, testing, deployment and maintenance,
Identity Management Administration and Development
Sr. Consultant with more than 10 years of experience in understanding Business Data flows and designing & coordinating Data Interfaces
Enterprise Solutions implementation, HR and other interfaces, Technical strategy and management
Not sure which Identity and Access Management (IAM) solution is right for you?Download our free Identity and Access Management (IAM) Report and find out what your peers are saying about CyberArk, Oracle, SailPoint, and more!