We performed a comparison between IBM Tivoli Access Manager [EOL], OneLogin by One Identity, and Symantec Siteminder based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, Auth0 and others in Single Sign-On (SSO).
"SAML 2.0."
"Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites."
"The Verify feature: A push method which customers are going for."
"OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server."
"The integration effort with the end application is quite straightforward and easy."
"In my role, the most valuable features are two-factor authentication and self-service password reset. The most helpful feature for the institution as a whole is probably the single sign-on. As an IT director, I care about security and ease of use."
"The solution's ability to save and manage of all my passwords is great."
"Ease of integration with AD."
"The solution allows the user to search logs based on a specific time."
"One aspect I particularly appreciate is their exceptional customer support whenever I've needed assistance."
"Once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had."
"It's super useful to have a single pane of glass when it comes to access management."
"The single sign-on and the fact that we can integrate everything in one place and control from there were valuable features of this solution."
"We almost never have outages nor see slowdowns."
"SAML is the best thing we're using right now because there is no need for creating an external account."
"It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days."
"It has the ability to authenticate and authorize users. It is the main feature for our security."
"It's agent-based. It's convenient to deploy and integrate."
"Right now, federation that comes out-of-the-box with single sign-on is the most valuable feature that we have, and also scalability."
"It is very scalable. We have a very large customer base: 75 million customers."
"Authentication & Authorization are important because all the sites need authentication for security purposes. That has been handled pretty well all these years with SSO."
"Multi-factor authentication with social integration needs to improve."
"Looking at their roadmap, they have a broad grasp of the security features which the industry needs."
"An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help."
"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."
"The self-service portal needs improvement."
"OneLogin offers a Virtual LDAP feature that we utilize, although it differs slightly from traditional LDAP servers."
"More off-hour support."
"having a RESTful implementation instead of RPC would have been more desirable."
"While I initially used OneLogin's desktop feature to extend SSO, I discontinued it two years ago due to limitations."
"The tool must be made more robust."
"To offboard, you have to manually click on this checklist, each of the checkmarks. It would actually be really nice if, for offboarding someone, you just click "offboard" and it automatically runs a script to do that."
"I'd like OneLogin to have a customization section that displays the company's offerings, categorized by different topics."
"This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users."
"In future releases, I would like to see maybe more capabilities with some more modern authentication."
"I'd like to see a rework of the user directory configuration."
"The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live."
"An area Siteminder could improve on is that there are a few limitations, in terms of new protocols for OpenID. If I want to have different scopes, the features are limited. They also do not have APIs exposed, which is a major drawback. API is a feature I would like to see included in the next release."
"Better documentation. I went through some sessions on single sign-on for version 12.7."
"All the problems that we reported actually have never been resolved. We could not capture enough information for CA to be able to debug the problem."
"They need to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting."
"To add more value to this solution it needs to be more user-friendly."
More IBM Tivoli Access Manager [EOL] Pricing and Cost Advice →
Earn 20 points
Earn 20 points
