CA Identity Suite [EOL] Review

Eliminates multiple infrastructure requirements and products, gives a holistic view of access granting

What is our primary use case?

We are using it for internal user policing and user attestation, and it is covering almost all the use cases that we are looking for.

How has it helped my organization?

With the Virtual Appliance, combined with CA Identity Manager and GovernanceMinder as one solution, it eliminates having multiple infrastructure requirements, multiple products, and gives a holistic view of access granting.

What is most valuable?

Before I used CA Identity Suite, it was a separately installed component, nowadays offered as a Virtual Appliance, and that saves considerable time for installing and controlling it.

Deployment Express saves time for modifications and things like that. 

User attestation and role mining capability for governance.

What needs improvement?

I really haven't thought about features for that next release because it is addressing all of our needs right now. 

I would say, there is one. If there was a seamless integration between portal and IdentityMinder, then that would help a bit, but I don't see many challenges yet.

I know the product so well I find it easy the way it is right now. And because the Virtual Appliance has combined everything - there was a time when the installation was a little complex. But the Virtual Appliance makes it easy now. You can spin up IDM or Identity Suite in a few hours and it is ready to use.

For how long have I used the solution?

Still implementing.

What do I think about the stability of the solution?

I have been using CA Identity Manager and GovernanceMinder for a long time, maybe eight, nine years now, and I've found in certain cases it may not be that stable. And that will be purely because of way it is implemented. 

But the way I have been implementing this product it is extremely stable and can sustain access.

What do I think about the scalability of the solution?

I have never worried about the scalability of the product. It is scalable for horizontal and vertical, however you want to scale. And with Virtual Appliance it is excellent, easy to scale the environment.

How is customer service and technical support?

We are in the middle of implementation of Identity Suite and we have used technical support for a few things, but they were just knowledge-gap types of things. Nothing major.

Technical support is easy. All of the CA portal is trying to get the most out of the knowledge that they already have. And I think that they're doing a good job there.

CA technical support sticks to their SLAs on response time. They try to get that right, knowledgeable person on the call. If the person is not able to act, they go and reach out to the engineering or wherever he can to get the job done.

Which solutions did we use previously?

I use a couple of different solutions. 

I have been working in this field for twelve years now, and comparing all of the products, the major thing that stands out is, I can have my security engineers do their job of security engineering rather than building their own solution. Of course, you have to do a little bit of a customization building something, which really falls outside of the product, but to build basic provisioning and attestation processes, you don't have to do much customization. 

I don't have to use this product as a development tool to develop something which is a custom need for the organization. I can have my security engineers do the security engineering and looking at the security holes, and streamlining the provisioning processes, rather than customizing something to make the business processes.

How was the initial setup?

I am involved in the initial setup by directing, designing it, and setting up a part for the administration of CA Identity Suite.

IM itself is a complex topic, but with the knowledge that I have, I find it very easy. And there are, out of the box, some key features like Policy Xpress, Connector Xpress.

It can be complex based on the environment. But if you design it correctly and change your processes to be realistic, I think it's not complex. It's just: What do you want to do?

Which other solutions did I evaluate?

I was looking at Oracle, and SailPoint, and CA.

What other advice do I have?

Regarding the important criteria when selecting a vendor, first is the product capabilities, the requirements for the product, and how easily it can address them.

The next thing, obviously, is the relationship, what they can offer. The most important thing with CA is that they go beyond their capability, beyond their commitments, to make customer the successful. And that applies to the product team, the support team, the customer relationship; whichever team you take at CA, I think they go above and beyond to make the customer successful. That's the most important part of it. 

There are a lot of good products on the market but most products need a lot of customization to get there. With Identity Suite, the security engineer can focus on the identity management topic, and give the business processes confidence easily.

I give Identity Suite a nine out of 10. The one point I'm withholding is because the IM space, specifically the Identity Access Management provisioning side of it, is constantly changing. But it's really the best.

If you are going for a similar solution, I would really see how much development time you are putting into your solution. Maybe there is a solution that is easy to install but then, in the entire lifecycle of that product, the installation is about 20 - 30%. The other 70% is the administration of the product.

IdentityMinder has a really easy way of installing it right now - the Virtual Appliance, obviously.

And the other thing is, you don't have to go out of the product range to develop something, to have a business process integration done, and the basic role mining administration done. There are some instances where you have to go for customization, but as compared to other products, it is not that often. You don't need to have the development skill set on your staff, as compared what you would need for other products.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Sign Up with Email