IBM Tivoli Access Manager Review
The SSO, URL-based access control, OAuth 2 and OIDC are the most valuable features.


How has it helped my organization?

It provides robust security.

What is most valuable?

The SSO, URL-based access control, OAuth 2 and OIDC are the most valuable features.

The URL-based access control has become more important due to the paradigm shift towards RESTful APIs, i.e., where URLs uniquely represent the resources to be protected. IBM TAM has a rich authorization model which simulates the system/environment to be protected by its protected object space. This makes it easy to visualize the hierarchical model of the end system and to attach ACLs/policies and customized rules, to the objects to be protected.

OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server.

OIDC is fast becoming equally or more popular than SAML and is certainly the modern developers choice for SSO, i.e., for both the cloud/on-prem apps. The newer version of the IBM TAM supports OIDC, which can act as the OIDC provider.

What needs improvement?

The user interface for LMI needs improvement.

The Local Management Interface (LMI), especially for the older IBM Tivoli Appliance Manager (TAM) version, can be improved in terms of overall UI/UX and also, in terms of the performance of the monitoring dashboard.
The LMI for version 9 is much better in that respect.

An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help.

What do I think about the stability of the solution?

There were no stability issues.

What do I think about the scalability of the solution?

There were no scalability issues.

How is customer service and technical support?

I would rate the technical support a 6/10.

What about the implementation team?

The initial setup was of medium level complexity. The subsequent configuration was complex.

What other advice do I have?

Go for the latest version.

Disclosure: I am a real user, and this review is based on my own experience and opinions.

Add a Comment

Guest
Why do you like it?

Sign Up with Email