CA Identity Manager (CA IDM) Review

Now that we have auto-provisioning, we just define the provisioning rules for access privileges and defined, targeted endpoints.


Improvements to My Organization:

We previously manually provisioned staff, but now Identity Manager allows us to do auto-provisioning. Auto-provisioning means that when there's any HR activity associated with an employee, it automatically, for example, de-provisions if the employee is fired or moves positions with different access privileges.

We used to have a manual for new hired instructing them to send and email or make a phone call. It used to take 7 days for this process, for example, if we hired a $200/hour consultant. It didn't matter from a security admin perspective because they knew the new hire was coming on board, but it took a lot of manual effort and time.
Now that we have auto-provisioning, we just define the provisioning rules for access privileges and defined, targeted endpoints.

Room for Improvement:

I'd like to see it better integrated with the other CA security products.

Deployment Issues:

We've had no issues with deployment.

Stability Issues:

We're still executing Identity Manager, so far we haven't had a very bad experience. It looks like it's good, but we still have to learn a lot about how to use the product, but so far from what we've seen, it's a prominent product.

Scalability Issues:

We scaled for fifteen targeted endpoints. We are still at six, so we are still within the scoping half of what we anticipated. So far, so good.

Initial Setup:

The initial setup was IDM v8, but we could not really upgrade to v12. I don't remember on top of my head what were the technical reasons because the product has changed quite dramatically. It's a completely different architecture and everything, but the migrations we are doing now, from one version of 12 to another is quite straightforward.

Other Advice:

Have something in your mind, like a handful of targeted endpoints. Stick with them, implement it, then extend to the others. Don't just change your scope.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email