We performed a comparison between IBM Tivoli Access Manager [EOL], Okta Workforce Identity, and Symantec Siteminder based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, Auth0 and others in Single Sign-On (SSO)."The integration effort with the end application is quite straightforward and easy."
"OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server."
"The Verify feature: A push method which customers are going for."
"Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites."
"SAML 2.0."
"It made things a lot easier, especially with passwords."
"What I found most valuable in Okta Workforce Identity is that it worked together with VMware Workspace One, so there was this device check at the same time. My company used the trusted device method that enabled you to define that only the trusted devices including the Workspace One agent were able to access the applications directly without an additional authentication step."
"The most valuable features of Okta Workforce Identity are MFA, and SSO, which have high security."
"We can automate the process of adding users to Okta if they are activated in Active Directory, or if they are added to the database of applications or Active Directory in the last couple of days."
"The most valuable features are ease of operation and visibility."
"The product is easy to use."
"The support for YubiKey is really good because you don't actually have to type in your username and password."
"The solution so far has been very stable."
"It is reliable."
"I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed."
"It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days."
"It has the ability to authenticate and authorize users. It is the main feature for our security."
"Ease of use is very good, for administrating it. It's very well known."
"If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On."
"A valuable feature of Siteminder is the way it handles bulk traffic. The features it has, in terms of routing the traffic and load balancing, are good."
"SAML is the best thing we're using right now because there is no need for creating an external account."
"Multi-factor authentication with social integration needs to improve."
"An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help."
"The self-service portal needs improvement."
"Looking at their roadmap, they have a broad grasp of the security features which the industry needs."
"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."
"In some setup cases, there are issues with attributes not going in properly."
"The integration with third-party tools needs to be improved."
"Therefore, if you have 10 million users, that's almost 100 million, so it is costly."
"A room for improvement in Okta Workforce Identity is its price. It could be cheaper. The biggest benefit of the solution is that everything works securely without extra steps, so you're saving on your workforce's time and effort because your applications work smoothly and securely, but you'd need to pay some amount of money for that. Another area that could be improved, though not necessarily regarding Okta Workforce Identity, is the SSO applications because so many of the source applications charge extra money to put the SSO to work, which means you have to buy a more expensive license. Nowadays, SSO is a mainstream functionality and it should be out-of-the-box in those applications because it's so easy to set up."
"It's not compatible with on-premises installations, unless you host it as a SaaS. We were not able to do that. For example, imagine a scenario where the cloud is not available. Then, Okta will not work for you. That use case will readily fail because it doesn't have an on-premises installation that you can use to authenticate or provide identity and access management. If you have a purely on-premises solution that is not connected to the internet, then this will not work. This is one area that can be improved."
"The only area of concern in the solution stems from the fact that my company needs some help regarding the setup phase from a partner."
"Application updates are lacking. Customer support needs to be improved."
"Okta Workforce Identity could improve the way passwords are reset and how it interfaces with Microsoft."
"The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur."
"In future releases, I would like to see maybe more capabilities with some more modern authentication."
"They need to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting."
"We are finding some compatibility issues. We're still working with CA on them."
"As we are moving in to the mobility space, this is where we really see SiteMinder and their other product really come together to provide a solution base to a different area where the IoT is coming, the different business communications are happening. All of those things require authentication and we really want to see this product grow into that role."
"The initial setup was complex, painful. But that is to be expected of any new setup. When you're a big bank like us, any kind of migration to a new product is hard. I expect it to be painful, and it was painful. But it's not something that you can avoid."
"If the reporting feature can be integrated into SSO itself that will be an icing on the cake."
"The tech support has not been very good for us so we don't use them anymore. We have had some issues. Nobody is perfect."
More IBM Tivoli Access Manager [EOL] Pricing and Cost Advice →
Earn 20 points
Earn 20 points