Compare CA SSO vs. One Identity Active Roles

CA SSO is ranked 3rd in Access Management with 16 reviews while One Identity Active Roles which is ranked 5th in Access Management with 6 reviews. CA SSO is rated 8.2, while One Identity Active Roles is rated 8.8. The top reviewer of CA SSO writes "The flexibility helped us meet the requirements of our customer". On the other hand, the top reviewer of One Identity Active Roles writes "Management features offer added value by showing more fields, while automation helps mitigate risk". CA SSO is most compared with Okta, Ping Identity and Oracle Access Manager, whereas One Identity Active Roles is most compared with One Identity Manager, SailPoint IdentityIQ and Softerra Adaxes. See our CA SSO vs. One Identity Active Roles report.
Cancel
You must select at least 2 products to compare!
CA SSO Logo
14,353 views|1,956 comparisons
Most Helpful Review
Find out what your peers are saying about CA SSO vs. One Identity Active Roles and other solutions. Updated: July 2019.
361,058 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
The most valuable feature is that it meets the requirements of the customer. You have a lot of features in the product. Every product has them, but the question is, are these products going to meet the requirement of the customer?I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed.You can quickly deploy the entire product with a basic config within couple of hours.It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days.The most valuable feature is the Federation part of Single Sign On, which is customizable and is easily integrated with any customer application or any third party application.Federation is valuable, for sure, because we have a lot of third-party vendors that we need to integrate with, and this is a turnkey solution in some ways.The Directory is secure. It's our user store, and it's important to keep our members safe. The product does well with that.If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On.

Read more »

The provisioning and deprovisioning saves a lot of time and skips a lot of errors.It gives us attribute-level control and the AD management features work very well.It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool.The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see.It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system.

Read more »

Cons
CA has reporting at the moment. With the reporting, every particular segmented product has a reporting engine. I would like to see centralized reporting for all of them together.The GUIs are not very clear, especially when integrating with other products from CA.The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live.I think they need to integrate some of the newer types of authentication into the product. I'm not seeing the innovation when it comes to biometrics in the product.They need to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting.The initial setup was complex, painful. But that is to be expected of any new setup. When you're a big bank like us, any kind of migration to a new product is hard. I expect it to be painful, and it was painful. But it's not something that you can avoid.I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later.The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur.

Read more »

For the AAD management feature, it needs to improve the objects that we can manage and the security.Most of the time it just works.It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch.For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript.

Read more »

Pricing and Cost Advice
CA solutions are generally expensive but for the customer the ROI is big.I recommend conducting a PoC on every available product before choose one.The price is quite comparable to the other enterprise-level solutions in that market.

Read more »

The licensing model is a simple user-based model, not that much complicated.

Read more »

report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
361,058 professionals have used our research since 2012.
Ranking
3rd
out of 22 in Access Management
Views
14,353
Comparisons
1,956
Reviews
16
Average Words per Review
652
Avg. Rating
8.1
5th
out of 22 in Access Management
Views
4,024
Comparisons
1,017
Reviews
6
Average Words per Review
585
Avg. Rating
8.8
Top Comparisons
Compared 56% of the time.
Compared 9% of the time.
Compared 6% of the time.
Also Known As
Single Sign-On, SiteMinderQuest Active Roles
Learn
CA Technologies
One Identity
Overview

CA Single Sign-On provides secure single sign-on and flexible access management to applications and Web services on-premise, in the cloud, from a mobile device or a partner’s site. For over a decade, CA Single Sign-On has been a leader in enterprise-class secure Web single sign-on and identity federation, providing a comprehensive solution that addresses access to applications and cloud services.  CA Single Sign-On delivers unparalleled reliability, availability, scalability and manageability.

Take an Assessment

Active Roles is a single, unified and rich tool to automate the most troublesome user and group management tasks. With One Identity Active Roles, you can streamline user and group administration, solve security issues – and meet those never-ending compliance requirements by managing and securing on-prem, and cloud AD resources simply and efficiently with a single, intuitive solution.

Offer
Learn more about CA SSO
Learn more about One Identity Active Roles
Sample Customers
British Telecom, CoreBlox, DBS, HMS, Itera ASA and SimeoCity of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
Find out what your peers are saying about CA SSO vs. One Identity Active Roles and other solutions. Updated: July 2019.
361,058 professionals have used our research since 2012.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email