Microsoft Forefront [EOL] Review

Has the possibility to code “any” feature requirement, but the web UI needs to be updated to this century

What is our primary use case?

Impossible to give one value because so many things have an effect on the product selection:

  1. Price
  2. Server platform
  3. Amount of built-in integrations (implementation work amount)
  4. Requirements for coded integrations (implementation work amount)
  5. Implementation work and time
  6. Use cases specialties
  7. Role management for users
  8. Service agreements for vendors/sub-vendors
  9. Deprovisioning use cases for selected entities
  10. (Real-)time requirements for provisioning events

What is most valuable?

  1. Price / licensing model
  2. Implementation speed and work amount for first phase
  3. Solid and stable provisioning engine
  4. Possibility to code “any” feature requirement.

How has it helped my organization?

We do not use this product. We implement it for the customers.

What needs improvement?

  1. Real-time provisioning events/triggering
  2. Role management
  3. Role/access/permissions revisioning/verification events (e.g., annually permissions have to be renewed).
  4. Permission deprovisioning for certain use cases (work amount might be high).
  5. No built-in entity model for Service Agreement management and tying those to users and their permissions.
  6. Web user interface from 1990s. Users laugh at it.

For how long have I used the solution?

Four years.

What do I think about the stability of the solution?

  1. SQL deadlocks quite easily, but same happens for a plethora of other IDM products.
  2. Web sessions often timeout after just minutes and there is no clear indication where to tune it.

What do I think about the scalability of the solution?

Product has been enough for our customers’ requirements.

How is customer service and technical support?

A six out of 10.

Which solutions did we use previously?

FIM 2010, SailPoint, and Efecte Identity.

How was the initial setup?

Normal IDM complexity. Always something, but it always can be solved.

What's my experience with pricing, setup cost, and licensing?

Remember that only ‘warm-bodies’ are counted. It is my understanding that the product could be used for ‘machine id’s’ for free, because those do not count as real users.

Which other solutions did I evaluate?

SailPoint and Efecte Identity.

What other advice do I have?

Requirements, use cases, and requirements. Then, how much the customer has budget for it. Do not forgot the expectations of management. Other products fulfill other requirements. It is all about knowing what you buy and get, then settling for what you have bought.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Sign Up with Email