Best Account & User Provisioning Software: Reviews & Comparisons
To help you find the best user provisioning software, IT Central Station ranked them based on hundreds of real user reviews, from our esteemed community of enterprise technology professionals. You'll find comparisons of pricing, performance, features, stability and many other criteria. Read below to find out what your peers have to say about provisioning software vendors such as Oracle, SailPoint, IBM, CA Technologies and others.
The total ranking of a product, represented by the bar length, is based on a weighted aggregate score.
The score is calculated as follows: The product with the highest count in each area gets the highest available score.
(20 points for Reviews; 16 points for Views, Comparisons, and Followers.)
Every other product gets assigned points based on its total in proportion to the #1 product in
that area. For example, if a product has 80% of the number of reviews compared to the product
with the most reviews then the product's score for reviews would be 20% (weighting factor) *
80% = 16. For Average Rating, the maximum score is 32 points awarded linearly based on our
rating scale of 1-10. If a product has fewer than ten reviews, the point contribution
for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews;
two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old,
as well as those written by resellers, are completely excluded from the ranking algorithm.
The best part of Oracle Identity Manager is how well it will align to the business. There are features that are more generally required by business and you can easily get them with Oracle Identity Manager. If you compare it with Azure, with... more»
When I joined my project, they had been using a meta directory for identity management and application provisioning. There were around 150,000 active accounts, out of which many were redundant. They had left the organization 10 years ago.... more»
One thing is the size of the infrastructure that is required for Oracle to implement. In addition, the maintenance cost and pricing. With an Oracle implementation, we need to have a high availability of infrastructure where you need a minimum... more»
* The GUI is very impressive and clean (even cleaner and minimalistic in v7). * JobQueueInfo does an amazing job tracking all processes. * Synchronizations are easy to set up. * Reporting capabilities are fantastic once you get the hang of... more»
* Auditing becomes easier from an admin perspective. * There is more control over everything. * Processes are much better defined. * People tend to take some functional roles much more seriously. There were some roles that were very old in... more»
* DBQueue processes can bottleneck the system at times. In v7, its apparently re-architectured, and is better. There can be too many of them and they process very slowly, causing actual processes to take a lot more time to complete. * There... more»
I like the core functionality of what IBM provides, like provisioning the triggers. Also, how you can maintain not only SAP back end systems, but non-SAP. The functionality that IBM provides if you're able to implement a certain logic, and if... more»
The current functionality allows you only to change one user at a time. There is no option to maintain the business roles from the UI using like standard validation, imports, or whatever you have to build your business roles one by one.... more»
Automation of access provisioning, maintenance, and de-provisioning based on HR employment status. The ability to add in different applications for proper lifecycle management was critical to a successful and streamlined business operation.... more»
This is based off using Account Courier and Password Courier exclusively, and may not be indicative of more recent features included in the platform. The entire provisioning and management process needed to be driven by manually developed... more»
Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites. These are heavily customizable and can fully integrate with in-house provisioning systems.
Allows users to use a single password across a set of multi-tenant application suites. This would have otherwise required 50-100 unique passwords per application. This allows the user to inject a centralized password (a.k.a. authentication... more»
The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available. The majority of the "IMS profiles" we use are too dangerous to... more»
WebSEAL is a reverse proxy web server that performs authentication and authorizations. It is similar to CA SiteMinder Secure Proxy Server. The advantage of WebSEAL is that WebSEAL supports SPNEGO protocol and Kerberos authentication to... more»
The combination of TAM with IDM in IBM Tivoli Identity Manager helped us to realize robust and secure authentication infrastructure in accordance with industry regulations and laws. * Providing centralized authentication authority and enforce... more»
Due to a constraint of the built-in browser in a Handy phone (called NTT i-Mode), the former version of TAM could not be used in the Japan market. The issue was resolved by the decline of Japan-specific Handy phones. Cookies were not... more»
* Role Based Access Control * Provisioning, Re-provisioning, De-provisioning and Undo-De-provisioning policies * Data validation policies * Workflows * If Then Else statements * Approval Workflows * Schedule Workflows * Escalation * Virtual... more»
* Heavily Automates - it will automate the entire provisioning, re-provisioning, de-provisioning and undo-de-provisioning tasks * Complete Audit Trail - it gives an audit trail for each and every activity * Increase in accountability –... more»
* Web console – it should have more customization options in terms of look and feel of the landing page * Workflow policies – Additional policies for folder access provisioning * Bring back attestation – Attestation feature is dropped from... more»
Over time, it will improve the way my organization functions. We've had some challenges as far as rolling it out, but that's the goal. We have a consistent set of processes, so we need a consistent toolset to be able to disperse across our... more»
One of the things they don't have is, they don't provide support for what are called service accounts, non-human accounts, non-human IDs. That's critical. In addition to that, we have some role mining capabilities that Oracle really hasn't... more»
* Identifies, debugs and models the privileges of your organization, adapting it to business strategies. * Helps discover roles based on available patterns. * Enables review campaigns to certify user privileges, roles and resources,... more»
In the processes where we need to analyze data, IG has enabled and facilitated the analysis of privileges, generation of roles to cover RBAC and integrate with the solution of Identity Manager, as well as the compliance aspect by the... more»
The administrative part is not very intuitive. Actually I think it is because it requires specialization and knowledge in what is done. I found an option to import specific information, but the functionality was non-existent so they have to... more»
As a company, the most valuable feature that we have is our almost real-time feed from our HR systems into CA Identity Manager, which then feeds down to all of our directories or applications that an employee could potentially need to access.
The multitude of end-points that we can connect to, whether it is an out-of-the-box connector or through a JNDI or a JDBC connection. We can connect to just about every application that we so far have tried to connect to with relative ease.
One of the biggest features that we are looking at is more cloud-based options. Right now, there is a connector to Office 365. While it is okay for smaller companies like us, as a 300K plus operation, it is not really quite where it needs to... more»
The most valuable features are the comprehensiveness; the whole identity lifecycle management; the centralized view of people requesting access to provisioning, to SLD, and to access review; basically, the whole suite. The features are there.... more»
I would like them to focus on profile-based provisioning and make what we call the birthright access management. We need to have an easier way for people to find out the birthright rules and based on the birthright roles, the people get... more»
* Highly customizable is one of the main advantages of the ForgeRock product. I personally like the Custom Authentication Modules design. * Ability of ForgeRock support and its development team to provide patches and functionalities. * Highly... more»
For the current client environment, we have started with ForgeRock OpenAM 13.0.0 version and asked for many patches and features for our solutions. The ForgeRock team added functionalities in the form of patches and version upgrades so... more»
Similar to other products, they do have some improvement scope the in the documentation part. I do feel they became more organized and better, in terms of documenting, as they are growing with the new versions, but there is also more scope.... more»
A number of new features, such as application firewall and load balancer, were added to this solution. These features are no longer available as a software version, but only as an appliance (virtual or hard). The same appliance firmware... more»
It acts as a reverse proxy, a single point for authentication and authorization. Advanced access control introduces adaptive or risk-based authentication. Federation makes it possible to federate using SAML and OAuth.
I would like to see the possibility to administer the appliances from one “master” appliance, instead of having to log in to each particular appliance. If you have for example 4 appliances, two act as reverse proxy and two as master... more»
For many years we had Novell eDirectory as the main directory, to which was added LDAP, AS400, Active Directory, Google, and SAP. The greater strength was to keep the identities synchronized without failures in both attributes and passwords.... more»
We had a 20 year old provisioning system which was built primarily for manual activities. Identify Manager helped us move to a more automated model with fewer manual interactions. This definitely had a lot of added value for us.
Keeping up with the market and support for functionality and other core endpoints like Active Directory and Exchange that right now seems to be missing. So it needs a little more work around keeping up with what the industry is going.
Currently, it is only for select users, but the infrastructure is in place to expand to a larger group. The increased security for those users is beneficial, as well as getting them used to the app. Just getting used to 2FA is a benefit, as... more»
The gateway server is a RADIUS server, but it lacks the functionality of returning RADIUS attributes other than those that are required for the gateway to authenticate the users. This could be improved a lot by providing additional values,... more»
* The xPress technologies Through the implementation of "Identity Suite Virtual Appliance" have created a supremely quick and convenient way to install with even high availability. Multiple scenarios available on a single console.
It has increased our automation and maintenance of SLA security functions. Additional compliance of all activity relate to provisioning, self-service, and all critical transaction of security management.
The following is a list of features that I have observed being used by my client that I have implemented: 1. User identity provisioning & lifecycle management 2. User Identity Profile/Attribute management 3. Self-Service Tool for end-user... more»
I have seen an organization benefit through the automation of mundane repeat tasks related to setting up user identities, and managing user access as per a defined role. One of the key business driving factors for OIM implementation has been... more»
The underlying architecture of the product is quite complex and hard to maintain and troubleshoot. Self-Service capabilities are quite limited, and the out-of-box capabilities are limited and customizations are quite complex.
Once it's in place, it's easy to use. You definitely need insight into how your company provides access to users. Especially if it's going to be role based, which most of it is. It reduces the amount of time needed for analysts to provision... more»
I'd like to see the user interface be a little bit better as far as deploying the infrastructure, the back end, but I hear that it's coming. Most of the troubleshooting workflow is based on logs, so if the logs were consolidated we would need... more»
Oracle Identity Manager is not in production yet. We are evaluating the product. There is a very strong motivation to get it out there into production and there is a need for it. Sooner or later, we will be doing it. We need an application to allow role-based access. That is our next phase of implementation. We need to get there. Once our current engagements are... more»
My pain point was while migrating my current user base. There is a certain point during that phase of the install where, if you get past it and make a mistake, there is no possibility of going back to a point before the mistake was done. If you cross that point, you have to start all over. That was my bad experience. I had to try it over and over to understand... more»
What do our users think about their Identity and Access Management tools?
What do users discuss in their identity and access management reviews in 2017?
What have their experiences been this year?
In the excerpts below, users discuss valuable features and room for improvement for the following... more»
Technology Architect with over 16 Years of IT experience in software Industry in diverse areas like Reliability Engineering, Program,Project and Process Management, Team Management, Operations Management, Database Administration, Design, Development, System analysis and Study, Implementation,... more>>
Business requirements analysis and building solution architecture, high level design, detail level design documents and implementation of integrated enterprise solutions
Technologies : WebLogic 11g, Oracle API(or Enterprise) Gateway (OEG Server, Policy Studio, Policy Center, Service Monitor... more>>
CISSP - Certified Information Systems Security Professional (ISC)² , certified IT security professional and having technological forte in the area of IDAM (Identity and Access Management) solutions, Federation , Web Services security, SOA and middle-ware security .
Worked extensively with... more>>
10+ years of experience in Information Security covering areas of both enterprise and consumer security – Identity & Access Management. Played various roles in last 10 years across Implementation, Architecting, Design & Development, Support, Pre-Sales, across multiple organizations.
As a technical lead lead in Wipro, I am working with a team managing the identity and access for a secured environment for a banking client.
In total I have about 9 years of industry experience with Telecom and banking domains.
My niche is IBM Security Access Manager (WebSEAL) along with... more>>
Identity and Access management professional with 4 year and 3 months experience in the areas of Internet Security using IBM and Oracle tools and Technologies.
Engagement in some of the large scale environment like SBI General Insurance Corporation Ltd (INDIA), UK Asset Resolution (UK) and... more>>
Microsoft Forefront Identity Manager
Microsoft Identity Lifecycle Manager
Microsoft Active Directory Federation Services
IBM Tivoli Access Manager
IBM Tivoli Identity Manager
IBM Tivoli Federated Identity Manager
IBM Tivoli Directory Server
IBM Tivoli Enterprise Single Sign... more>>
I have more than 4 years of experience in the field of Oracle Products and have worked on integrating Oracle Banking Platform with many other Oracle Products.
* Oracle Application Development Framework (ADF)
* Oracle Service Oriented Architecture... more>>
Over 9+ years of experience with technical exposure in IDM and ERP solutions. Lead a team of IDM Developers before moving on to become a senior consultant. Have exposure of both CA and Oracle IDM Products
Specialties: Identity and Access Management. Information security. Governance.
I have been for many years (17) an Innovative 'Business Technology' pursuer, looking to leverage Information Technology to meet the Business Goals and beat the Business Challenges in fast growing and changing Enterprise Business Environments.
10 years of experience and specialises in the design and implementation of enterprise Account Provisioning Systems. Other experiences cover payment gateways, secured mobile FMCG, and secured web applications
a) Total IT Experience - 10 Years
b) Security... more>>
Identification of business needs, Collection of requirements, architecture, Mid-tier and UI design, implementation, testing, deployment and maintenance,
Identity Management Administration and Development
A results-driven and customer-focused Software Engineer with 11+ years of IT experience. A Engineer with very strong understanding of IAM concepts and processes and experience in the design and/or architecture of complex security and IAM solutions as well as products.
Last 10+ years working in... more>>
8 years of experience in Identity and Access Management and Information Security Domain.
Key player in execution of IAM projects for multiple clients in various domains like telecom, retail, banking, insurance, health care.
Expertise in design and implementation of Identity and Access... more>>
Sr. Consultant with more than 10 years of experience in understanding Business Data flows and designing & coordinating Data Interfaces
Enterprise Solutions implementation, HR and other interfaces, Technical strategy and management