We performed a comparison between IBM Tivoli Access Manager [EOL], Symantec Siteminder, and Tools4ever HelloID based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, Auth0 and others in Single Sign-On (SSO)."OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server."
"The Verify feature: A push method which customers are going for."
"The integration effort with the end application is quite straightforward and easy."
"SAML 2.0."
"Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites."
"Authentication & Authorization are important because all the sites need authentication for security purposes. That has been handled pretty well all these years with SSO."
"It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days."
"It provides the breadth and the width to provide solutions for the different kinds of technologies which we have."
"As our identity model continues to mature, probably the Federation is most valueable."
"It has the ability to authenticate and authorize users. It is the main feature for our security."
"All of our applications get a point, click, and you are in, while we increase security at the same time."
"Ease of use is very good, for administrating it. It's very well known."
"Federation is valuable, for sure, because we have a lot of third-party vendors that we need to integrate with, and this is a turnkey solution in some ways."
"You don't need to be a specialist in Identity and Access Management solutions to understand the software and configure it."
"The Single Sign-On capabilities are endless and we haven't found a single app so far that couldn't be set up for SSO."
"Now we can easily control who has access to which client or client application."
"The most valuable feature is the option to use SSO from different sources such as Microsoft AD, ADFS, Azure AD, SAML, form-based, etc."
"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."
"An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help."
"The self-service portal needs improvement."
"Multi-factor authentication with social integration needs to improve."
"Looking at their roadmap, they have a broad grasp of the security features which the industry needs."
"We would like to the OAuth be more stable, more issues being fixed rather than not."
"I would prefer to see their SAML integration be a more streamlined and easier interface."
"The GUIs are not very clear, especially when integrating with other products from CA."
"Some of the new protocols, like OAuth 2.0, could be improved."
"The support could be faster."
"The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur."
"The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live."
"They need to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting."
"I would like to have the built-in provisioning module improved."
"Integration with other Tools4ever applications such as SSRPM and IAM would be nice."
"When something needs to be changed with the sign-on policies, we have to apply this manually to every client environment that we have."
"Sometimes it generates a username that is not unique, but at the time of this writing, it is not possible to generate a new one that is unique."
More IBM Tivoli Access Manager [EOL] Pricing and Cost Advice →