We performed a comparison between One Identity Active Roles, One Identity Safeguard, and SailPoint IdentityIQ based on real PeerSpot user reviews.
Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software."The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"It gives us attribute-level control and the AD management features work very well."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"All the features are promising, but we love the reporting feature because we can get each and every report. That's a major compliance requirement. Its reporting is really amazing, and it has made life a lot easier."
"We are able to log and get reporting on all privileged activity that is being performed. We like the fact that we can leverage the session recording feature, which is especially valuable when we're dealing with third-party vendors that have to remote into our our boxes and servers to do any work on behalf of the bank. Now, we can record everything they are doing to ensure that they're only doing the changes that were needed. In addition, we use it to leverage knowledge transfer with our internal staff."
"There are a lot of features, so it's going to sound funny, but one of the most simplistic features, the Favorites feature, is the one we like the best. You do a full run-through of configuration to check out a server and then you can save that whole configuration as a favorite. So the next time you go in, you click on the favorite that you configured and it automatically takes you to the end so you can check the server out that much faster. It saves a lot of time..."
"The solution transparently integrates into the infrastructure and users do not notice it. I would give this feature the highest rating."
"Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security."
"It's a good solution for managing identities under OneFile for authorization."
"One Identity Safeguard is stable and provides great performance."
"The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable."
"SailPoint IdentityIQ has a good and straightforward user interface. They also have a lot of resources and documentation available to understand the process."
"The tool's GUI is user-friendly."
"User provisioning and the role management features are good."
"Provisioning in multiple environments."
"Security and administration for any new/current access."
"The solution is one of the main security products you need to control access and have visibility into what's happening in your organization. It helps with managing access to applications, ensuring governance, and obtaining certifications."
"What I like most about SailPoint IdentityIQ is that it's simple to use and easy to configure and deploy."
"This solution is easy to configure."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"Most of the time it just works."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"The way you can search groups could be better."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"The solution needs an attestation process that includes certification and recertification attestation."
"Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service."
"We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates."
"The main point regarding the user experience is that Safeguard has two separate management consoles."
"The interface is better now, but it still could be improved a lot. It needs more organization, menus, automatic refresh of information, and Web 2.0."
"There is room for improvement in the launch module. They built in a launch button but they don't have effective instructions for configuring it to allow it to launch an RDP session. They're working on that, but the button is in the live product. If they were going to install something that wasn't useful, they should have just disabled it and not rolled it out with the product."
"There is a lack of documentation and many problems with the plugins."
"It needs more marketing."
"Our experience with technical support has been disappointing. We require more prompt and faster response times. We require answers to our questions right away but we haven't received that level of support."
"One needs to understand that SailPoint is into full-fledged IAM practice with a long-term vision, and customers will get a quick ROI with best practices implementation."
"In the past, we had a lot of problems with SailPoint IdentityIQ, particularly in providing access and provisioning. There were some gaps in the operation of the solution because they were manual rather than automated, and the users and administrators were given access directly via Active Directory, and it wasn't appropriate for us at the time to use. In terms of integration, we could provide a more automated solution after a minimum number of years, but not in the SailPoint IdentityIQ platform, but there were problems in the registration, for example, with putting information inside ADP, but in general, we were able to solve those problems, and after implementing SailPoint IdentityIQ we had increased evaluations."
"Scalability is hard, especially when you are doing it in real time."
"The user interface is not very user-friendly."
"Certifications could include additional access levels or practices."
"They should lower the price and technical support should be better."
"I would like for the next release to have a more user-friendly interface."
"Competitors are advancing by offering integrated solutions encompassing access and privileged access management in a single unified platform. IdentityIQ's focus has remained primarily on identity and access governance, neglecting to expand its offerings to include these additional functionalities within its existing product. Enhancing their product by incorporating modules for access management, privileged access management, and third-party access governance could address this gap."
