We performed a comparison between IBM Security Identity Governance and Intelligence, One Identity Active Roles, and SailPoint IdentityIQ based on real PeerSpot user reviews.
Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software."I would rate the price eight out of 10, with 10 as the best value for money."
"Lifecycle management, governance and documentation."
More IBM Security Identity Governance and Intelligence Pros →
"Active Roles improved the management of users, groups, and AD objects in the organization."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"Secure access is the most valuable feature."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"This solution has improved our organization through its ease of application onboarding, approvals, provisioning, and lifecycle UI performance."
"The solution is stable and reliable."
"The Certification and Provisioning features are most valuable."
"The solution is very good at the management of the identity lifecycle."
"The level of customization for data imports and role modeling, because it helps to integrate faster, support easier and let it reuse the organization role structure."
"One of the most valuable aspects of SailPoint is its open integration interface."
"We are happy with the SailPoint IdentityIQ’s stability."
"This solution is easy to configure."
"The solution is a bit pricey for some regions."
"Self service center is not always easy to understand."
More IBM Security Identity Governance and Intelligence Cons →
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"The solution needs an attestation process that includes certification and recertification attestation."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"It is not readily available and cannot be downloaded from the net."
"In the past, we had a lot of problems with SailPoint IdentityIQ, particularly in providing access and provisioning. There were some gaps in the operation of the solution because they were manual rather than automated, and the users and administrators were given access directly via Active Directory, and it wasn't appropriate for us at the time to use. In terms of integration, we could provide a more automated solution after a minimum number of years, but not in the SailPoint IdentityIQ platform, but there were problems in the registration, for example, with putting information inside ADP, but in general, we were able to solve those problems, and after implementing SailPoint IdentityIQ we had increased evaluations."
"I would like for the next release to have a more user-friendly interface."
"The connector for EPIC, ServiceNow, and Duo."
"What it doesn't do is provide notice in the event of a vulnerability or offense from the security."
"Regarding the scope for improvement in the solution, reporting is an area that can be a bit more UI-oriented."
"It tends to be more expensive, but at the end of the day, it works."
"The mover process for this solution could be improved."
More IBM Security Identity Governance and Intelligence Pricing and Cost Advice →