WSO2 Identity Server Review

A stable solution for single sign-on and role-based permissions


What is our primary use case?

This tool is a way for data centers to secure their connectivity. My primary use case for this product is to synchronize with the LDAP server, and allow single sign-on, role-based access.

How has it helped my organization?

We are able to use this tool to better secure next generation data centers, which use software defined networks. An example of this is the telecom industry. We will also be using it to develop e-commerce websites.

What is most valuable?

For us, the single sign-on access and the role-based permissions are the major requirement. These are the features that I find most valuable. 

What needs improvement?

I have two suggestions for improving the product. First, improvements have to been made in the high availability architecture. This has to do with the master-slave replication, and how the load balancing is handled between the identity servers. The way in which it is handled has to be improved.

My second suggestion has to do with LDAP synchronization.  Ideally, the agents should be simplified beyond what they are now.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I would rate the solution's stability eight or nine out of ten. It is not crashing or stopping anywhere. I'm not giving a score of ten because of the points for improvement that I mentioned.

What do I think about the scalability of the solution?

The scalability is there. Currently we are able to support more than one hundred thousand users, and we are able to manage them using LDAP.

We have multiple projects where this solution is used. One of these projects has thirty internal users, and the external users are their customers. It is a huge customer base.

Another one of our projects has approximately one hundred users, which will be more than ten thousand customers.

Generally, there are two kinds of projects. The first I call "light", where the customers are the end users. This makes for a very large number of users. The second type of project is an operational team, where there are approximately one hundred users, or real-time operation team members. Their customers will total more than ten thousand.

We do have plans to increase our number of clients.

How are customer service and technical support?

With our subscription, their technical support is really very good. There are a lot of documents available, but they are quite difficult to understand and deploy based on this alone.

If you previously used a different solution, which one did you use and why did you switch?

Beyond evaluating a couple of other products, we did not use a different solution.

How was the initial setup?

I found the initial setup to be easy. It was not complex.

The initial deployment will take two days, maximum, and two team members are sufficient to handle it. After the initial deployment, we had to do further customization on our website. This took us approximately two to three weeks.

We currently have a five member team for maintaining the solution. 

What about the implementation team?

We deployed the solution ourselves.

What was our ROI?

We do recognize a return on our investment. However, because this is only one of the tools in our full solution, I cannot tell you exactly how much this component contributes.

What's my experience with pricing, setup cost, and licensing?

Price matters to us, and the primary reason that we adopted this solution is that it is open source. This means that the actual product is free of cost; however, we do have a support licence that we can pay for by yearly subscription.

We do very well with this. We have to take their support, but that is a minimal charge if I'm comparing it to other identity managers.

Overall, the licensing is ok. If you are paying for support then you will be supported very well.

Which other solutions did I evaluate?

We evaluated a couple of other products before settling on this one. One of the solutions that we tried was CyberArk for privileged access management.

What other advice do I have?

This is a really good, open source product.

I would suggest purchasing a subscription for technical support. It is a lightweight program, and the documentation is sufficient. However, there are specific features that you may want to use, and for this you may need full, in-depth support when it comes time to deploy.

Once you purchase the subscription, it is like a perpetual license. You can do everything yourself.

I would rate this product eight out of ten. Other than the small improvements that I have suggested, it is a very good solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email