F5 BIG-IP Access Policy Manager (APM) vs One Identity Active Roles comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between F5 BIG-IP Access Policy Manager (APM) and One Identity Active Roles based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, Zscaler, Palo Alto Networks and others in Secure Web Gateways (SWG).
To learn more, read our detailed Secure Web Gateways (SWG) Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"On the outside, the main differentiation is because Lookout ingest. They have ingested basically all of the apps for the last ten years and all the versions of all the apps, and we have that in a corporate database that allows us to do very large-scale machine learning and analysis on that data set. That's not something that any of the competitors really have the capability to do because they don't have access to the data set. A lot of the apps you can no longer get them because that version of the app is five or six years old, and it just doesn't exist anywhere anymore, except within our infrastructure. So, the ability to have that very rich dataset and learn from that dataset is a real differentiator.""The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade.""The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices.""The solution is stable."

More Lookout Pros →

"F5 BIG-IP APM is relatively easy to use.""The tool is reliable and easy to configure.""Stickiness is the most valuable feature of the product.""The product allows us to create customized portals for your users.""The performance of the solution is valuable.""The solution is stable and reliable.""The most valuable feature is the virtual IP creation. It's our most frequently used feature.""We have seen a return on investment from F5 BIG-IP Access Policy Manager. It provided access at a time when we didn't have it."

More F5 BIG-IP Access Policy Manager (APM) Pros →

"It gives us attribute-level control and the AD management features work very well.""The solution is stable.""The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them.""It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool.""In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well.""Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner.""Active Roles improved the management of users, groups, and AD objects in the organization.""The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."

More One Identity Active Roles Pros →

Cons
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products.""Lookout was moving into the SSE space. And so their work on SecureWeb Gateway and SD-WAN is still sort of evolving.""The stability depends on the service from where you access it. Because sometimes, the place you are in, you have Gateway. You don't have Gateway. The gateway is overutilized. At the end, you need to go through their gateways. And this is the key point here. You have a tracking point. If it's not well orchestrated, and it scales up as you add more to the existing team, you will suffer""We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."

More Lookout Cons →

"The initial setup was complex.""F5 BIG-IP Access Policy Manager has room for improvement in integration with other products.""Integrating identity providers and single sign-on solutions can simplify user authentication and access control.""The solution’s GUI looks very old.""The solution is quite costly.""The operational deployment is not great.""We do not have knowledgeable support teams locally.""In my opinion, the GUI side needs some improvement based on my usage. Sometimes, it doesn't work as efficiently as the CLI side."

More F5 BIG-IP Access Policy Manager (APM) Cons →

"The initial setup was quite easy, but it was time-consuming. It took about three months.""In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets.""Most of the time it just works.""I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget.""The way you can search groups could be better.""The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint.""There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them.""The solution needs an attestation process that includes certification and recertification attestation."

More One Identity Active Roles Cons →

Pricing and Cost Advice
  • "The pricing is fair; it's comparable to our previous solution, and we carried out multiple POCs and POVs (proof of value). The product is worth the money we pay for it."
  • "Lookout is definitely on the lower end when it comes to price point and that seems to be the only differentiator. The technology is in place in this space and it's really about who is coming in at the better price point now."
  • "In terms of feature performance versus cost, they're a good value."
  • "The licensing costs are good. Prisma has much more options and support for security, but it has a higher cost. For example, Lookout costs 2/3rd of Prisma's licensing price."
  • More Lookout Pricing and Cost Advice →

  • "Recently, they have simplified the licensing"
  • "The product is very expensive."
  • "The tool is a little bit expensive."
  • More F5 BIG-IP Access Policy Manager (APM) Pricing and Cost Advice →

  • "The licensing model is a simple user-based model, not that much complicated."
  • "The price is reasonable. It costs us about 1 million Danish kroner annually, and we also spend about half as much on consultants."
  • "The pricing is on the higher end."
  • "It's fairly priced."
  • "It's expensive."
  • More One Identity Active Roles Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Secure Web Gateways (SWG) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The licensing costs are good. Prisma has much more options and support for security, but it has a higher cost. For… more »
    Top Answer:The solution could improve identity integration as well. Zero trust, it's a good start as a zero-trust solution… more »
    Top Answer:The most valuable feature is the virtual IP creation. It's our most frequently used feature.
    Top Answer:The tool is a little bit expensive. I rate the pricing a six out of ten.
    Top Answer:In my opinion, the GUI side needs some improvement based on my usage. Sometimes, it doesn't work as efficiently as the… more »
    Top Answer:The solution is fairly priced. That said, I have nothing to compare it to.
    Top Answer:The solution has not enabled us to reduce password reset times. It has not automated provisioning. The group attestation… more »
    Comparisons
    Also Known As
    CipherCloud
    F5 Access Policy Manager
    Quest Active Roles
    Learn More
    Overview

    Lookout is a well-established and powerful secure web gateway (SWG) solution that protects more than 200 million users from threats that can result from the penetration of unsecured web traffic into their networks. Lookout is designed to enable organizations to work remotely while maintaining a tight blanket of security over their confidential business data. It provides administrators with security that extends from their endpoints to the cloud service that they are using to run their organization’s network. 

    Users of Lookout are able to proactively detect threats and keep themselves secure from a field of threats that constantly evolves. IT teams can protect their organizations without having to rely on any other security solutions. This singular solution can run on multiple kinds of mobile devices. The privacy of individuals is preserved while keeping compliance rules intact. Additionally, users gain access to a number of tools that enable them to prevent security breaches from taking place.

    Lookout Benefits

    Some of the ways that organizations can benefit by deploying Lookout include:

    • Ease of deployment. Lookout is a solution whose design makes it easy for users to deploy it. It provides users with simple, step-by-step instructions that remove the need for organizations to devote extensive amounts of time to make sure that it is properly set up. Anyone can quickly set up the solution without undergoing technical training. 
    • Built-in support. Users of the Lookout application have access to built-in demos that can teach them how to use various solution features. Instead of spending time trying to figure out the application, users can watch the demo that is most relevant to them and see for themselves how that particular feature is used.
    • Easy-to-use user interface. Lookout’s user interface is laid out in an intuitive way that makes it easy for administrators to navigate. This interface is present in both the mobile and desktop versions of this solution. 
    • Settings customization. Lookout has a built-in settings customization menu. This makes it possible for administrators to easily customize their settings so that they best conform to their needs. 

    Lookout Features

    • Activity monitoring and activity tracking. Lookout’s activity monitoring and activity tracking capabilities enable users to keep a close eye on the activities that are taking place in their networks. IT teams and administrators have the ability to watch their networks for any unusual activity. These features ensure that organizations can keep ahead of any potential threats. They provide the kinds of insights and warnings that make the jobs of those IT teams and administrators much easier and more streamlined. 
    • Encryption. Organizations that employ Lookout can encrypt their networks and keep crucial business data from being read by unauthorized parties. This feature keeps the secrets organizations are trying to keep out of the wrong hands.
    • Anti-virus tools. Lookout provides users with tools to block threats from harming their networks. These tools can successfully block 99.6 percent of threats without raising false alarms. 

    F5 BIG-IP Access Policy Manager (APM) is an access management proxy solution for managing global access to the enterprise networks, cloud providers, applications, and application programming interfaces (APIs). Through a single management interface, BIG-IP APM consolidates remote, mobile, network, virtual, and web access. 

    BIG-IP APM can also serve as a bridge between modern and classic authentication and authorization protocols and methods. For applications which are unable to support modern authentication and authorization protocols, like SAML and OAuth with OIDC, but which do support classic authentication methods, BIG-IP APM converts user credentials to the appropriate authentication standard supported by the application.

    BIG-IP APM Benefits:

    • Ease of use
    • Flexibility
    • Ability to integrate with other systems
    • Security features
    • Granular access control
    • Responsive and helpful support team

    BIG-IP APM Features:

    • Support for Identity Aware Proxy (IAP) enabling Zero Trust application access
    • Context-based authorization with dynamic L4/L7 ACLs
    • Integration with third-party MFA solutions
    • DTLS 2.0 mode for delivering and securing applications
    • SAML 2.0 identity federation support
    • Support for OAuth 2.0 authorization protocol
    • SSO support for classic authentication (Kerberos, header- based, etc.), credential caching, OAuth 2.0, SAML 2.0, and FIDO2 (U2F)
    • AAA server authentication and high-availability
    • Integration with leading IAM vendor products (Microsoft, Okta, Ping Identity)
    • BIG IP Edge Client and F5 Access integrate with VMware Horizon ONE (AirWatch), Microsoft Intune and IBM MaaS360
    • Risk-based access leveraging third-party UEBA and risk engines (HTTP Connector)

    Reviews from Real Users

    Below are some reviews and helpful feedback written by BIG-IP APM users.

    Mahmmoud Rabie, Senior Site Reliability Engineer, writes that BIG-IP APM is "A highly stable solution for load balancing, but the initial setup is complex."

    Clyde LivingstonSenior Process Specialist at Telstra, says that BIG-IP APM is "Easy to use, useful access remotely, but lacking stability."

    Chris LamSenior Solution Consultant at Macroview Telecom Limited, states that BIG-IP APM is "Useful for remote access VPN and VPI integration with VMware.

    One Identity Active Roles is a highly regarded solution for Active Directory (AD) security and account management. One Identity Active Roles will enhance group, account, and directory management while eradicating the need for manual processes. The end result is a significant increase in the overall speed, efficiency, and security of the organization.

    Using One Identity Active Roles, users can:

    • Easily increase and strengthen native attributes of Active Directory (AD) and Azure AD.

    • Quickly unify and automate group and account management while protecting and securing critical administrative access.

    • Free up valuable resources to concentrate on other IT tasks, fully confident that your user permissions, critical data, and privileged access are safe and secure.

    Managing accounts in AD and Azure AD can be tremendously challenging; continually keeping these important systems safe and secure presents an even greater challenge. Traditional tools can be inefficient, error-prone, and very disjointed. In today’s robust marketplace, organizations are finding it somewhat difficult to keep pace with the constant access changes in a hybrid AD ecosystem. Additionally, there are significant security issues to consider (government compliance, employee status/access changes, and other confidential business requirements). And, of course, there is a requirement to properly manage Active Directory and Azure Active Directory access in addition to managing all the other numerous SaaS and non-Windows applications that organizations use today.

    Users can easily automate all of these tedious, mundane administrative tasks, keeping their systems safe and error-free. Active Roles ensures users can perform their job responsibilities more effectively, more efficiently, and with minimal manual intervention. Active Roles was created with a flexible design, so organizations can easily scale to meet your organizational needs, today, tomorrow, and in the foreseeable future.

    Reviews from Real Users

    A PeerSpot user who is a Network Analyst at a government tells us, “It has eliminated admin tasks that were bogging down our IT department. Before we started using Active Roles, if one of our frontline staff members deleted a user or group, it could take several hours to try to reverse that mistake. Whereas now, the most our frontline staff can do is a deprovision, which just disables everything in the background, but it's still there. We can go in and have it back the way it was two minutes later. Instead of it taking two hours, it only takes two minutes.

    Becky P., Sr Business Analyst at George Washington University, shares, “In addition, with the use of workflows and the scheduled tasks, we were able to automate and centrally manage a number of the processes as well as utilize them to work around other product limitations. Those include, but are not limited to syncing larger groups, which have 50,000 plus members, to Azure AD. We sync up to Azure AD using ARS. If we had not already had ARS in place, it would have been impossible for us to have done so in the time period we did it in. We did it in under six months. ARS probably saves us at least two weeks out of every month. It's reduced our workload by 50 percent, easily.”

    Sample Customers
    City Bank, Ricacorp Properties, Miele, American Systems, Bangladesh Post Office
    City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm10%
    Manufacturing Company10%
    Government7%
    REVIEWERS
    Comms Service Provider27%
    Media Company18%
    Computer Software Company18%
    Financial Services Firm18%
    VISITORS READING REVIEWS
    Financial Services Firm13%
    Computer Software Company12%
    Government12%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm18%
    Aerospace/Defense Firm18%
    Government9%
    Non Profit9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm11%
    Government10%
    Healthcare Company8%
    Company Size
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise16%
    Large Enterprise62%
    REVIEWERS
    Small Business46%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise13%
    Large Enterprise70%
    REVIEWERS
    Small Business28%
    Midsize Enterprise6%
    Large Enterprise67%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise11%
    Large Enterprise67%
    Buyer's Guide
    Secure Web Gateways (SWG)
    March 2024
    Find out what your peers are saying about Cisco, Zscaler, Palo Alto Networks and others in Secure Web Gateways (SWG). Updated: March 2024.
    765,386 professionals have used our research since 2012.

    F5 BIG-IP Access Policy Manager (APM) is ranked 18th in Secure Web Gateways (SWG) with 12 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. F5 BIG-IP Access Policy Manager (APM) is rated 8.2, while One Identity Active Roles is rated 8.6. The top reviewer of F5 BIG-IP Access Policy Manager (APM) writes " Facilitates packet inspection, modification, and offloading and offers visibility and troubleshooting capabilities, allowing for pre-production server testing". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". F5 BIG-IP Access Policy Manager (APM) is most compared with Citrix Gateway, CyberArk Privileged Access Manager, Microsoft Remote Desktop Services, Ivanti Connect Secure and Cisco ISE (Identity Services Engine), whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, One Identity Manager, SailPoint IdentityIQ and Softerra Adaxes.

    We monitor all Secure Web Gateways (SWG) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.