CA SSO vs. IBM Tivoli Access Manager

CA SSO is ranked 3rd in Single Sign-On (SSO) with 18 reviews vs IBM Tivoli Access Manager which is ranked 4th in Single Sign-On (SSO) with 13 reviews. The top reviewer of CA SSO writes "The flexibility helped us meet the requirements of our customer". The top reviewer of IBM Tivoli Access Manager writes " I can integrate with in-house provisioning systems. The profiling element is complex. ". CA SSO is most compared with Okta, IBM Tivoli Access Manager and Oracle Access Manager. IBM Tivoli Access Manager is most compared with Okta, Oracle Identity Manager (Oracle IAM) and CA SSO. See our CA SSO vs. IBM Tivoli Access Manager report.
You must select at least 2 products to compare!
13,366 views|1,780 comparisons
Most Helpful Review
Find out what your peers are saying about CA SSO vs. IBM Tivoli Access Manager and other solutions.
310,362 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

The most valuable feature is that it meets the requirements of the customer. You have a lot of features in the product. Every product has them, but the question is, are these products going to meet the requirement of the customer?I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed.You can quickly deploy the entire product with a basic config within couple of hours.It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days.The most valuable feature is the Federation part of Single Sign On, which is customizable and is easily integrated with any customer application or any third party application.Federation is valuable, for sure, because we have a lot of third-party vendors that we need to integrate with, and this is a turnkey solution in some ways.The Directory is secure. It's our user store, and it's important to keep our members safe. The product does well with that.If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On.

Read more »

The integration effort with the end application is quite straightforward and easy.Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites.SAML 2.0.OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server.The Verify feature: A push method which customers are going for.

Read more »

CA has reporting at the moment. With the reporting, every particular segmented product has a reporting engine. I would like to see centralized reporting for all of them together.The GUIs are not very clear, especially when integrating with other products from CA.The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live.I think they need to integrate some of the newer types of authentication into the product. I'm not seeing the innovation when it comes to biometrics in the product.They need to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting.The initial setup was complex, painful. But that is to be expected of any new setup. When you're a big bank like us, any kind of migration to a new product is hard. I expect it to be painful, and it was painful. But it's not something that you can avoid.I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later.The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur.

Read more »

Multi-factor authentication with social integration needs to improve.The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available.The self-service portal needs improvement.An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help.Looking at their roadmap, they have a broad grasp of the security features which the industry needs.

Read more »

Pricing and Cost Advice
CA solutions are generally expensive but for the customer the ROI is big.I recommend conducting a PoC on every available product before choose one.The price is quite comparable to the other enterprise-level solutions in that market.

Read more »

The IBM prices are, as ever, extortionate, even with a business partnership, and high levels of discounts.

Read more »

Use our free recommendation engine to learn which Single Sign-On (SSO) solutions are best for your needs.
310,362 professionals have used our research since 2012.
Answers from the Community
Tushar Kulkarni
Avg. Rating
Avg. Rating
Top Comparisons
Compared 50% of the time.
Compared 18% of the time.
Compared 6% of the time.
Compared 17% of the time.
Compared 16% of the time.
Also Known As
Single Sign-On, SiteMinderTivoli Access Manager, IBM Security Access Manager
CA Technologies

CA Single Sign-On provides secure single sign-on and flexible access management to applications and Web services on-premise, in the cloud, from a mobile device or a partner’s site. For over a decade, CA Single Sign-On has been a leader in enterprise-class secure Web single sign-on and identity federation, providing a comprehensive solution that addresses access to applications and cloud services.  CA Single Sign-On delivers unparalleled reliability, availability, scalability and manageability.

Take an Assessment

IBM Tivoli Access Manager is a robust and secure centralized policy management solution for e-business and distributed applications. IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.
Learn more about CA SSO
Learn more about IBM Tivoli Access Manager
Sample Customers
British Telecom, CoreBlox, DBS, HMS, Itera ASA and SimeoEssex Technology Group Inc.
Top Industries
Financial Services Firm43%
Healthcare Company9%
Comms Service Provider9%
Financial Services Firm21%
Manufacturing Company11%
Healthcare Company11%
Insurance Company33%
Financial Services Firm22%
Financial Services Firm19%
Comms Service Provider14%
Marketing Services Firm8%
Company Size
Small Business3%
Midsize Enterprise3%
Large Enterprise94%
Small Business11%
Midsize Enterprise22%
Large Enterprise67%
Small Business30%
Midsize Enterprise11%
Large Enterprise59%
Small Business27%
Midsize Enterprise18%
Large Enterprise55%
Find out what your peers are saying about CA SSO vs. IBM Tivoli Access Manager and other solutions.
310,362 professionals have used our research since 2012.
We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email