Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The short version is that we gained significant insight into the issues of access governance. This allowed us to turn an auditing nightmare into praise from our auditors.
It gives the best user experience, enabling us an overview of all user entitlements.
This solution is better on the IT personnel, because now they spend less (or almost no time) managing user rights.
The most valuable feature for me is the built-in security, which is the best that I have seen.
The connection with multiple systems is what makes it flexible. We can create the accounts flexibly, enabling access to other systems. In addition to Active Directory, it can extend to SAP, to Salesforce, to Office 365, etc.
Nobody has to put people in AD groups by hand anymore. It goes automatically and that's very good. It's also very flexible. It's quite easy to customize and we have customized it a lot.
For me, personally, the automation is the most valuable feature. I don't have to do things manually, like creating user accounts and provisioning them to the target systems.
This is almost a complete solution for us.
It reduces the viral attacks on my website. It also allows certain users access to see what happens daily.
We have received good support from the tech support team.
CA PAM is working well for us.
The DB clustering is a really good benefit of using CA PAM.
We can enforce complicated password policies and very important frequent password changes.
The product is very scalable in terms of concurrent sessions that it can handle at a time, number of device it can support, accounts that it can manage, or number of nodes that you can deploy in a cluster.
The support team could be improved on. The first level of support essentially looks up knowledge base articles and often can't provide the answer needed.
The initial setup was complex. We have a lot of different systems. The journey from implementing to joining all the systems was difficult.
The performance could use improvement. Sometimes synchronizations take too long.
A feature that I would like to see is a mobile app that provides users the ability to make changes or add users to the Active Directory, on the fly.
More integration with SAP and with the internet of things would be good. We also have system devices that we could manage as identities, so that would be a feature to add.
One of the things we would like is the ability to have more than one system role manager. That would be nice. For example, when people are on vacation, sometimes it gets a little hard to administrate system roles.
The system role manager, or some of the roles that are inside Identity Manager, are limited to one user. It would be more flexible if these responsibility roles could be attached to many people.
It should be able to give a client version of the product, rather than just a web-portal.
The setup is complex.
I would like this solution to be simpler. It should have a one-click access that works together with AWS.
An improvement for this solution is that it should not be constantly based on user name and password. There should be a condition to edit and update your username.
We experience stability issues after every patch upgrade. This is a place where CA needs to improve drastically.
The service account management functionality needs to be extended to application pools, SQL database, PowerShell scripts, service account discovery, etc.
Pricing and Cost Advice
There is a one-time licensing cost, and there is also a yearly subscription fee.
It's costlier that some other products, and there is nothing that fits every solution.
We are using a self-built solution. It would cost too much to get that up to the standard of what we need. In the long-term, it is cheaper to buy a solution that has what we need. Though, we are still running the previous solution, as we are still in the implementation phase.
It needs flexibility in the licensing or packaging, because you buy the entire package at once, and sometimes the customers are a bit overwhelmed with whatever they get. I would like if they could cut the licensing or packaging into somewhat smaller things.
It has helped to reduce customer costs.
We are paying for premium support, which is expensive. However, we do receive very good, fast support.
It helps us save on licenses for applications because we are following the account lifecycle, as well as account reactivation.
We have the premium support and are very satisfied. They are always answer our questions very quickly. For the moment, we are very satisfied, but I think it's because we are paying for the premium support.
It is reasonably priced.
It is more expensive than other solutions on the market.
I would prefer better licensing options for the 20-100 users we have at a given time.
Pricing is fair compared to other top vendors.
The licensing is simple and scalable.
out of 60 in Identity Management (IM)
Average Words per Review
out of 30 in Privileged Access Management
Average Words per Review
Compared 17% of the time.
Compared 15% of the time.
Compared 10% of the time.
Compared 37% of the time.
Compared 26% of the time.
Compared 7% of the time.
Also Known As
|Quest One Identity Manager, Dell One Identity Manager||CA PAM, Xceedium Xsuite, CA Privileged Access Manager|
One Identity Manager helps you mitigate risk, secure data, meet uptime requirements and satisfy compliance by giving your users access to data and applications they need and nothing more. IAM can be driven by business needs, not IT capabilities. With Identity Manager, you can manage user identities, privileges and security across the enterprise, putting you in control of identity management and taking the burden off your IT staff.
CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources. It includes CA PAM Server Control (previously CA Privileged Identity Manager) for fine-grained protection of critical servers
Learn more about One Identity Manager
Learn more about Symantec Privileged Access Manager
|Texas A&M, Sky Media, BHF Bank, Swiss Post, Union Investment, Wayne State University. More at OneIdentity.com/casestudies||NEOVERA, Telesis, eSoft|
Financial Services Firm39%
Software R&D Company31%
Comms Service Provider13%
Financial Services Firm8%
Financial Services Firm24%
Comms Service Provider12%
Software R&D Company26%
Financial Services Firm19%
Comms Service Provider15%