NetIQ Identity Manager Review

It is reliabile when it comes to synchronizing directories.


What is most valuable?

Its reliability when it comes to synchronizing directories is the most valuable feature. It is very safe to be based on events.

How has it helped my organization?

For many years we had Novell eDirectory as the main directory, to which was added LDAP, AS400, Active Directory, Google, and SAP.

The greater strength was to keep the identities synchronized without failures in both attributes and passwords. The provisioning of identities at reasonable times greatly reduces the time of a new user's registration.

What needs improvement?

The Operations and Information Security.

For how long have I used the solution?

We have been using this solution for 15 years, i.e., since its inception and the time it was called Novell NDS for NT.

What do I think about the stability of the solution?

There were no stability issues, IDM is one of Novell's most stable products. Errors are human, just be careful in its use.

What do I think about the scalability of the solution?

There were no scalability issues. In fact, we have incorporated many users by acquisitions and it is safe to climb; your performance does not degrade.

How are customer service and technical support?

Technical support is very good, but in my country the ecosystem of consultants is scarce. In Argentina, in addition to Micro Focus (previously Novell), there are only two or three partners whose focus is IDM. But the few that are there, they possess very good technical level, generally ex-Novell.

Which solution did I use previously and why did I switch?

A few years ago, I had the opportunity to analyze its competitors. IBM and Oracle and both were horrible; especially Oracle as it is difficult to implement, has unfriendly interfaces, there is an absence of connectors, and there are almost no specialists in the region. Oracle did not even work.

How was the initial setup?

Given that identity management is itself an IT specialization that requires a lot of knowledge, the implementation is simple. That is to say, if it is clear that the tool is intended, sinceneeds can vary from a simple synchronization of keys to a complete and automated process.

What's my experience with pricing, setup cost, and licensing?

IDM licensing has accessible values even for installations of thousands of users. Once the input values were not so cheap, but the annual maintenance is very accessible. The ROI is seen in the hours saved in provisioning.

Which other solutions did I evaluate?

We first had IDM for several years and then, compared it to IBM and Oracle against aggressive bidding; these were not worthwhile though.

What other advice do I have?

Analyze if you want to unify the keys of different identities of the same user or if you want to propagate an identity in several platforms. The latter option is recommended, although it demands more effort.

Go little by little. Install the core in a new metadirectory, separate from the production one, and implement the one-to-one connectors. This is advisable because the impact on the end user is high (in the positive sense) since it is still a change. Then, take advantage of all of its functionalities, as it is common to see that after installation, several connectors do not use other parts of the tool. For example, the role-based authorization flows, circuits to request a device, or automation of response by the loss of passwords.

Do not confuse identity management with single sign-on. This is another discipline and there are other products for it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
2 Comments
author avatarStormy Steigenga, Cissp
Real User

I agree, it does a good job with password syncing between directories.

author avatarSylvainMaertchik
TOP 5LEADERBOARDReal User

As a IDM consultant, I manage several NetIQ IDM production site and the synchronization engine works well without any problem.

Guest
Sign Up with Email