We performed a comparison between IBM Security Identity Governance and Intelligence, One Identity Active Roles, and Symantec Identity Governance and Administration based on real PeerSpot user reviews.
Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software."Lifecycle management, governance and documentation."
"I would rate the price eight out of 10, with 10 as the best value for money."
More IBM Security Identity Governance and Intelligence Pros →
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Secure access is the most valuable feature."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"The solution is stable."
"Self-registration and self-service password management are valuable features. The role modeling feature is also very useful. It allows you to model your enterprise role."
"What I found most valuable in Symantec Identity Governance and Administration is its simple GUI. It's also easy to deploy compared to other products. With other products, you have to install the Windows version inside the Windows machine on all units, but with Symantec Identity Governance and Administration, it can work offline, so the solution is a little bit easier than other systems."
"Out-of-the-box the product has a lot of opportunity for configuration and sophisticated identity management capability."
"It has improved our user management. It is definitely streamlined."
"Provisioning engine (on the back-end, separate from front-end components, that's part of layered architecture)."
"It has good endpoint support and endpoint connectivity to different versioning endpoints."
"Streamlines user access, consolidates applications."
"I've used it to manage users, create and update, delete users, change passwords, and assign and change rules."
"The solution is a bit pricey for some regions."
"Self service center is not always easy to understand."
More IBM Security Identity Governance and Intelligence Cons →
"The way you can search groups could be better."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"The ability to send logs to a SIEM would be very beneficial."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"Most of the time it just works."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules."
"Reporting could be improved."
"The drawback with the CA Identity Manager is they don't have a connector to HR systems like SAP, or PeopleSoft, or Workday. That's a major drawback with the CA Identity Manager. For that we have to do lots of custom quoting to get data from HR systems. And if they could connect it to GRC systems, that's good to have in an identity product."
"The support from Symantec Identity Governance and Administration could improve."
"They provide a framework to develop your own connectors. A connector is a piece of software that integrates with the solutions that are not a part of the support matrix. Currently, it is difficult to create these connectors in this solution. Other solutions, such as NetIQ Identity, provide a better way to create your own connector. Currently, there is no cloud version. It should have a cloud version."
"Identity Manager has a lack of entitlement support, unlike other products that I have worked with."
"The development process to create this connector is not as easy as I would like."
"There are times that it takes too long to generate reports and to run the assessment tools to collect the information."
More IBM Security Identity Governance and Intelligence Pricing and Cost Advice →
More Symantec Identity Governance and Administration Pricing and Cost Advice →