NetIQ Identity Manager Review

If it works, Designer is a charm, but it can be a pain to keep updated.


What is most valuable?

Designer and Analyzer are very nifty tools to deploy new drivers. Also, the iManager fallback for small configuration changes is very handy, but the feature I like the most is the extremely detailed tracing possibilities.

How has it helped my organization?

It saves us a full time employee in account management and once it's in place it is not expensive at all because of the extremely low license fee that is charged by NetIQ in the Netherlands.

What needs improvement?

If it works, Designer is a charm, but it can be a pain to keep updated because of all the Java stuff that regularly goes wrong. A re-installation of the software is necessary in that case.

For how long have I used the solution?

We've been using this and previous versions for the past 10 years.

What was my experience with deployment of the solution?

Yes, there are some bugs in the bi-directional eDirectory driver, most are fixed now and not all of them apply in every situation.

What do I think about the stability of the solution?

Only on the eDirectory of the connected system, which would sometimes crash during driver start-up. We still haven't found a solution for this but it happens only twice a year.

What do I think about the scalability of the solution?

No, and we're currently scaling towards 40+ drivers and 120,000+ identities and it just keeps working. I know of big environments where they fan out changes to a second vault and from there fan out to the connected systems. This, however, is because of the level of complexity of what the university wants to achieve, not because the product itself can't handle it. Also, this is a million+ identity vault.

How are customer service and technical support?

Customer Service:

We've never had official contact with customer service. I do have unofficial contact with them but that's because they're friends.

Technical Support:

I've never needed professional technical support and the community support is excellent.

Which solution did I use previously and why did I switch?

Yes I looked at using different sets of scripts, but they were hard to manage and extremely hard to test.

How was the initial setup?

The initial setup was straightforward and so was the implementation of the initial AD driver. It became a bit harder when we wanted to change user and group placements. Nothing you can't learn from docs and testing it yourself thoroughly though.

What about the implementation team?

First implementation was in-house, second and third (moving to bigger production systems) were outsourced. The vendor team I would rate 9/10.

What was our ROI?

The ROI for the new, very big implementation is about a year. Keep in mind that licenses for this product cost next to nothing and that in this new project we're phasing out other third party tools which cost a lot of money per year.

What's my experience with pricing, setup cost, and licensing?

The costs are unclear but it's an estimated €150,000 to €300,000 for the implementation. We save about half that amount on 14 implementations of other third party software (EduConnector and UMRA's Tools4Ever and ForeFront Identity Manager). License fees amount to about €10,000.- a year for 120,000 identities and about 40 to 50 connected systems.

Which other solutions did I evaluate?

Yes, we also looked at Microsoft ForeFront Identity Manager, UMRA's Tools4Ever and EduConnector (local Dutch software vendor).

What other advice do I have?

NetIQ Identity Manager is by far the most flexible product available, and the pricing is incredibly good, even if you're not situated in the BeNeLux.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
3 Comments
author avatarSenior Software Engineer at a tech vendor
Vendor

Have you considered Oracle's Identity Management solution (OIM)? Oracle is a world-wide company and offers amazing 7x24 support. My experience with their identity solutions are basically, "it just works" too.

author avatarNetwork Engineer with 501-1,000 employees
Vendor

OIM pricing is so far out of our budget (literally hundreds of thousands of dollars a year compared to just thousands of dollars) that we have never considered it. Microsoft Forefront was on the table, but its flexibility and ease of management was just not on par with NetIQ IDM.

author avatarIMConsultant269
Consultant

Nice description Bas, with latest updates it looks to get better and better, especially IDM home which is getting the improved UI. It is one of the best and affordable product on the market and you can't beat event based updates.

Guest