What is most valuable?
From my experience, most of the product features are meant for specific purpose(s) of its own demand and need. Implementing the feature depends on case to case, considering the organization's enterprise/middleware infrastructure design.
TAM component integration and their SSO capabilities and transparency are the most valuable features I have found.
How has it helped my organization?
It applies access controls on an organization's web space while running on its components independently, while being highly available. We can isolate our organization infrastructure from security considerations, as we have our entire organization security policy centralized, organised & administered from its API.
What needs improvement?
Older TAM versions are not compatible for connecting to a DB. I'm not sure if it is available in iSAM 8/9.
However, since iSAM 9 was released as an appliance model, I don't think having a DB as a TAM database directly makes any difference for the users.
For how long have I used the solution?
I have used it for five years.
What was my experience with deployment of the solution?
We have not encountered any deployment issues. There were a few challenges while implementing ETAI, and ETAI++ integration with the existing infrastructure.
Kerberos setup/run time & virtual hosting concepts have some limitations.
What do I think about the stability of the solution?
We have not encountered many stability issues.
What do I think about the scalability of the solution?
We have not encountered many scalability issues.
How is customer service and technical support?
Customer service is 8/10. Technical Support
Technical support is 8/10.
Which solutions did we use previously?
I have used CA SiteMinder, as well.
I don't see any technical reason for switching a strategic product from IBM TAM. However, considering the iSAM way of making an appliance model, which creates dependency on the cloud for infrastructure, we may think of other options.
How was the initial setup?
Initial setup is straightforward, but we might have to consider the solution architecture to make full use of its components' capacity.
What about the implementation team?
Implementations were in-house projects.
Which other solutions did I evaluate?
Before choosing this product, we evaluated CA SiteMinder and Oracle Access Manager.
What other advice do I have?
It is a very good security product to integrate with any middleware infrastructure.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Mar 07 2017