We just raised a $30M Series A: Read our story

Schedule a 30-minute demo or reference call with a real user from the PeerSpot community. Available only to members that are in a buying process for this product and have contributed a review that's then published.

Symantec Identity Governance and Administration OverviewUNIXBusinessApplication

Symantec Identity Governance and Administration is #4 ranked solution in top User Provisioning Software and top Identity Management (IM) tools. IT Central Station users give Symantec Identity Governance and Administration an average rating of 8 out of 10. Symantec Identity Governance and Administration is most commonly compared to SailPoint IdentityIQ:Symantec Identity Governance and Administration vs SailPoint IdentityIQ. The top industry researching this solution are professionals from a computer software company, accounting for 34% of all views.
What is Symantec Identity Governance and Administration?

The Symantec Identity Governance and Administration (formerly CA Identity Suite) provides comprehensive identity management and governance capabilities with a simple, intuitive user experience. This user experience can dramatically simplify processes such as user access requests and access certifications, resulting in improved productivity and user satisfaction. In addition, the Symantec Identity Governance and Administration performs risk analysis and certification and enables remediation actions in real-time during the access provisioning steps, thereby improving audit performance and risk posture with preventive policy enforcement.

While providing these business and governance-centric capabilities for business users, the Symantec Identity Governance and Administration also delivers core enterprise-grade identity management and governance capabilities, including broad provisioning support for on-premise and cloud apps, extensibility and flexibility to integrate with other IT systems and consumer-grade scale. This means organizations are not forced to choose between usability and performance. With the Symantec Identity Governance and Administration, they can have both.

Symantec Identity Governance and Administration was previously known as CA Identity Suite, Symantec IGA, Layer7 Identity Suite, CA Identity Manager (CA IDM), CA Identity Minder, CA IAM, CA Identity Manager (CA IDM), CA Identity Governance.

Symantec Identity Governance and Administration Buyer's Guide

Download the Symantec Identity Governance and Administration Buyer's Guide including reviews and more. Updated: November 2021

Symantec Identity Governance and Administration Customers

Acciona, Core Blox, DBS

Symantec Identity Governance and Administration Video

Archived Symantec Identity Governance and Administration Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
FM
Senior Manager at a tech services company with 501-1,000 employees
Real User
Has good technical support but the setup and patching are complex

Pros and Cons

  • "Word mining and risk campaigns are the most valuable features of this solution."
  • "In the next release, there should be provisioning of your certifications."

What is our primary use case?

We use the private cloud deployment model of this solution. 

What is most valuable?

Word mining and risk campaigns are the most valuable features of this solution.

What needs improvement?

I would like to have differential campaigns. In the next release, there should be the provisioning of your certifications. When you remove access or grant extra access to someone, it would be good to have direct provisioning to different sources.

What do I think about the stability of the solution?

It's stable and runs well. 

How are customer service and technical support?

Technical support is good and efficient. 

How was the initial setup?

The initial setup was easy. Sometimes upgrades are a little bit complex. There are many components where you have to apply a patch to each component of the solution. For the installation, I would say it's a little bit complex. It's a little bit complex to set up but when it's okay, it runs fine.

What other advice do I have?

My advice to someone implementing this solution is to take a few days to plan with professional services for the setup. 

I would rate it between a six and seven out of ten. Not a ten because of the complex setup and because we had some issues applying some patches. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
RC
Solution Architect with 1-10 employees
Real User
You can set it up in a PoC very quickly to demonstrate its provisioning capabilities, but it has a lot of room for improvement

Pros and Cons

  • "When comparing it to other products, you can set up CA IAM in a PoC very quickly to demonstrate its provisioning capabilities."
  • "It is easy to use, and does not requires an extensive programming or development background."
  • "The product has a lot of need for improvement. Our issues are being raised back to the vendor as enhancements."

What is most valuable?

Ease of use for the configuration of provisioning accounts through an account template concept for an OOTB connector.

It does not requires an extensive programming or development background. The screen of the admin tool creates an account on the system to CA IAM, which provides it to the OOTB connector, then you can simply configure CA IAM to do the provisioning. CA IAM can help with the automation of user provisioning at the same level as the system admin. 

When comparing it to other products, you can set up CA IAM in a PoC very quickly to demonstrate its provisioning capabilities.

It fits for organizations having simple, basic provisioning requirements. If your organization has complex provisioning use cases and requirements, then you must have an architect and developer on the team to help bridge the gap that CA IAM cannot provide.

What needs improvement?

The product has a lot of need for improvement. Our issues are being raised back to the vendor as enhancements.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

We have encountered issues with stability.

What do I think about the scalability of the solution?

We have encountered issues with scalability.

How are customer service and technical support?

Our experience with the technical support team is good. CA technical support is very keen to help their customers. 

Most issues are solved by the our team, but at least, their team has provided moral support to us.

Which solution did I use previously and why did I switch?

We did previously use a different solution, and we switched for several reasons.

How was the initial setup?

The initial setup can be both straightforward and complex. This is up to an organization's requirements of the CA Identity Manager solution.

What about the implementation team?

This product is the same as other CA IDM product, which can help improve organizations, similar to the messaging on the product brochure.

In real life, it is up to the skill of the implementation team as to how they can configure the product to serve the business processes of the organization. The reason why some IDM projects have failed comes from implementation. The team must be good at the functional, technical, and designing of business processes. The product could be mediocre, but the implementation team must be top gun. Choose an implementation team wisely, especially when your requirements and processes are complex. A good product under a poor team cannot bring about the result seen on the product brochure.

What's my experience with pricing, setup cost, and licensing?

The connector is free, and bundled with the product.

What other advice do I have?

The product is considered good, in the top five. Looking at the product features carefully if your organization has complex provisioning requirements and business processes to find gaps.

Finally, always search for the best implementation team, who has skills and experience.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Symantec Identity Governance and Administration. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,873 professionals have used our research since 2012.
Efrén Yanez
Security Manager & CM Specialist & Mainframe Specialist at a tech services company with 11-50 employees
Real User
Identifies, debugs and models the privileges of your organization, adapting it to business strategies.

What is our primary use case?

The primary uses cases are:
- The analysis of privileges to generate roles
- Revision of segregation of rights based on client rules
- Certification of privileges (compliance)
- Fulfill the cycle of existing privileges, under review / approval and delivery to the IM solution to materialize the changes and maintain the standard

How has it helped my organization?

In the processes where we need to analyze data, IG has enabled and facilitated the analysis of privileges, generation of roles to cover RBAC and integrate with the solution of Identity Manager, as well as the compliance aspect by the certification of privileges “Compliance”.

Additionally it helps us in analyzing predefined SoD rules for SAP and any others applications where the client defines their business policy rules.

What is most valuable?

  • Identifies, debugs and models the privileges of your organization, adapting it to business strategies.
  • Helps discover roles based on available patterns ("basic roles" / "Iterated Search" / "Characteristic Roles" / "Rule Hierarchies Roles" / "User Hierarchy Based Roles" / "Structured Search" / "Obvious Roles").
  • Enables review campaigns to certify user privileges, roles and resources, activating the RACI model in the process.
  • Identity Governance comes with Connector Xpress but if you have Identity Manager you can use the integration between them and import the information that comes from CA Identity Manager and its connectors.
  • Allows the construction of segregation of rights (SoD) rules by definition of the client and enables “detective" and "corrective" levels for violations of business rules policies.
  • Provides a set of SoD rules for SAP in order to apply "best practices" to this type of "endpoint" (more than 3,000 rules / Consult CA Technologies if available in last version).
  • Helps to analyze privileges to find points of cleaning and improvement (Similar Roles / Roles Hierarchy / dual link / Suspect connections / Collectors, etc.).
  • Regulatory compliance is one of the objectives of the solution.
  • Covers the life cycle of enterprise privileges and maintains the role model "shallow" or "deep" / "functional" or "granular per application".
  • Helps you take advantage of the Identity Governance on the portal but better if you integrate with Identity Suite (best user experience).
  • You can enable LDAP authentication (AD/others) or integrate with CA Single Sign-On for portal access.
  • Real integration between CA Identity Manager and CA Identity Governance for better use of compliance approved roles, data exchange, and improved customer experience.
  • Data Transformation available using PDI (Pentaho Data Integration)
  • New functionality when integrating with Identity Portal.

What needs improvement?

The administrative part is not very intuitive. Actually I think it is because it requires specialization and knowledge in what is done.

I found an option to import specific information, but the functionality was non-existent so they have to update the documentation or remove it from the menu (import from ITIM). Improve release updates when there is an obsolete function or it is not still supported.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

No.

What do I think about the scalability of the solution?

No.

How are customer service and technical support?

When you open a ticket with priority-one, the technical support is excellent - 10/10. However, when the ticket is priority two, three, or four, then it's 7/10.

Which solution did I use previously and why did I switch?

I did not use a previous different solution. 

How was the initial setup?

The initial basic configuration is simple, but deploying the solution in greater depth and integration with high implementation reach requires expertise and certain complexities.

What's my experience with pricing, setup cost, and licensing?

About prices when validated with other solutions where the "SAP" endpoint will be included, Identity Governance is a good option. But if you are going to integrate with Identity Manager it is better to acquire IDS, it will be more economical.

Which other solutions did I evaluate?

No.

What other advice do I have?

Important to find someone with experience implementing this type of solution to ensure the success of its implementation.

Disclosure: My company has a business relationship with this vendor other than being a customer:
PS
Lead Solution Advisor at a financial services firm with 10,001+ employees
Real User
Features, stability, and support are good, but it needs better integration with HR systems

Pros and Cons

    • "The drawback with the CA Identity Manager is they don't have a connector to HR systems like SAP, or PeopleSoft, or Workday. That's a major drawback with the CA Identity Manager. For that we have to do lots of custom quoting to get data from HR systems. And if they could connect it to GRC systems, that's good to have in an identity product."

    What is our primary use case?

    We are using CA Identity Management product to provide an identity management service for the largest in the retail industry.

    Performance is good, but the other side, the drawback with the CA Identity Manager is they don't have a connector to HR systems like SAP, or PeopleSoft, or Workday. That's a major drawback with the CA Identity Manager. For that we have to do lots of custom quoting to get data from HR systems.

    How has it helped my organization?

    The solution in which we have brought in CA Identity Manager, it is like combining multiple HR sources. It helps reduce thousands of hours of work.

    What is most valuable?

    Policy Xpress.

    What needs improvement?

    It needs to be connected to major HR systems. That is a major thing. And if they can connect it to GRC systems, that's good to have in an identity product.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    Stability is very good. We have been using it the last three years. I haven't seen any issues.

    How is customer service and technical support?

    I would evaluate them at five out of five. Every tech support guy who works at CA is good. I don't have any issues.

    How was the initial setup?

    It was straightforward. Even when you're installing dependent software, like a database or something else, I consider it it straightforward.

    What other advice do I have?

    When we are choosing a vendor we will go for whether they have the capability to connect to the target system. The basic feature would be connectivity. If the product doesn't have the capability to connect to that system, we will need to do something else to get or push this information to that system. Connectivity is the main thing.

    I'd rate it seven out of 10. Those connectivity issues are the only reasons. Functionality-wise, it's good. The features that they have are good.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    Rahul KS
    Technologist at a healthcare company with 10,001+ employees
    Real User
    Policy writing and provisioning are easy, but should be improved

    How has it helped my organization?

    It has improved our user management. It is definitely streamlined.

    What is most valuable?

    Writing policies and provisioning are easy.

    What needs improvement?

    Policy writing and provisioning are easy, but should be improved. Provisioning has a dependency on Windows.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    No, we have not.

    What do I think about the scalability of the solution?

    No, we have not.

    How are customer service and technical support?

     I would say they are good, but there is always room to improve.

    Which solution did I use previously and why did I switch?

    Yes, custom codes. It was not as reliable as CA Identity Manager.

    How was the initial setup?

    How has it helped my organization?

    It has improved our user management. It is definitely streamlined.

    What is most valuable?

    Writing policies and provisioning are easy.

    What needs improvement?

    Policy writing and provisioning are easy, but should be improved. Provisioning has a dependency on Windows.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    No, we have not.

    What do I think about the scalability of the solution?

    No, we have not.

    How are customer service and technical support?

     I would say they are good, but there is always room to improve.

    Which solution did I use previously and why did I switch?

    Yes, custom codes. It was not as reliable as CA Identity Manager.

    How was the initial setup?

    It was complex with lots of requirements.

    What's my experience with pricing, setup cost, and licensing?

    It is expensive, same as the other tools in the market.

    Which other solutions did I evaluate?

    I prefer Oracle Identity Manager, which is more stable. 

    What other advice do I have?

    Get the latest version and good architecture before implementing the solution.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user779286
    Consultant at Deloitte
    Vendor
    Consolidates applications, streamlines user access, but Identity tool needs better audit reporting

    Pros and Cons

    • "Streamlines user access, consolidates applications."
    • "The Identity tool needs to do more kinds of reporting for audit purposes. It doesn't really track any of the metrics that are useful to us, at this point."

    What is our primary use case?

    Managing identities at a financial services institution.

    We're implementing it currently, so I have no real measure of how it's going to perform, but so far so good.

    How has it helped my organization?

    • Streamlines user access
    • Consolidates applications
    • Access in one place

    What is most valuable?

    User access control.

    What needs improvement?

    Customer reporting. One of the big things we had asked for is for the Identity tool to actually do more kinds of reporting for audit purposes. It doesn't really track any of the metrics that are useful to us, at this point.

    For how long have I used the solution?

    Still implementing.

    What do I think about the stability of the solution?

    Can't comment yet. Not up.

    What do I think about the scalability of the solution?

    I've used Identity Manager before for a different client. The scalability is good.

    How are customer service and technical support?

    Tech support is very good. We actually have a CA team onsite.

    Which solution did I use previously and why did I switch?

    The client is using different solutions for different things. So they have instances of a number of different tools that have the same functionalities as CA, but for different items. So yes, they did have other solutions as well.

    How was the initial setup?

    Most of the complexities are because of the business itself and the complexities that they have within their current infrastructure. The complexities are not really coming from CA's product.

    Which other solutions did I evaluate?

    I was not there when they made this selection. I'm sure they evaluated the normal ones, SailPoint, CA, Oracle.

    What other advice do I have?

    It's early but so far I give it a seven out of 10. Most of the issues we've had with it are coming from business complexity rather than the product itself. The support's been good from CA.

    In terms of advice to a colleague who is looking for a similar solution, that's difficult because I've done SalePoint and CA. It's up to them. It's based on the organization itself, so they have to do more evaluation than what I can provide for them. I'd recommend they do their research and pick what's best for them, but I'd say we have no problems with CA's software.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
    it_user778596
    Developer at a tech vendor with 1,001-5,000 employees
    Real User
    Has created good, internal performance improvement and user experience

    Pros and Cons

    • "It has good endpoint support and endpoint connectivity to different versioning endpoints."
    • "Identity Manager has a lack of entitlement support, unlike other products that I have worked with."

    What is our primary use case?

    Provisioning. It has performed well.

    How has it helped my organization?

    It has been good to keep zero day. We have almost zero day provisioning, where the user shows up on the first day of work and he has the necessary access, birthright roles, and such. Therefore, there has been good, internal performance improvement and user experience.

    What is most valuable?

    It has good endpoint support and endpoint connectivity to different versioning endpoints.

    What needs improvement?

    Identity Manager has a lack of entitlement support, unlike other products that I have worked with. Other products have a focus on the entitlement that a user has, where you can pick and choose access as an entitlement, and add it to the user or remove from the user. With CA it is all role-based, that is kind of a sticking point with me, so we have to work around that.

    What do I think about the stability of the solution?

    It is pretty good. Relatively stable. We have definitely had some downtime, but overall it is good.

    What do I think about the scalability of the solution?

    We just have a two node cluster, so we have not really scaled. However, I imagine it is easy enough to scale those nodes, so it is scalable since it is a clustered app.

    How is customer service and technical support?

    Technical support is great.

    How was the initial setup?

    The initial setup was very complex. The product is just basically a conglomerate of a bunch of other products that were bought and pieced together. So it is still my one main gripe of Identity Manager. It is too many moving pieces; too many parts that were kind of stuck together. It makes it very complex. 10 servers and 10 different apps running to make it happen, and it is only getting worse now that Identity Plural is on top, which is supposed to be making it better, but we will cross that bridge sometime next year.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user778986
    Product Manager at Suramericana
    Vendor
    It has helped us to have better rules for the application and grow the business process

    What is our primary use case?

    This product is the main application for governance to identity and coordinate the application for a business process, improve the compliance certification, and have better risk management.

    What is most valuable?

    Governance Identity

    How has it helped my organization?

    This product has helped us to have better rules for the application and grow the business process. We can then implement these rules in the product to have automated contracts. 

    What needs improvement?

    We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules.

    For how long have I used the solution?

    Still implementing.

    How is customer service and technical support?

    It is too soon to rate them as we are…

    What is our primary use case?

    This product is the main application for governance to identity and coordinate the application for a business process, improve the compliance certification, and have better risk management.

    What is most valuable?

    • Governance
    • Identity

    How has it helped my organization?

    This product has helped us to have better rules for the application and grow the business process. We can then implement these rules in the product to have automated contracts. 

    What needs improvement?

    We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules.

    For how long have I used the solution?

    Still implementing.

    How is customer service and technical support?

    It is too soon to rate them as we are currently working with them for our implementation.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user723975
    Senior Information Security Analyst at a insurance company with 10,001+ employees
    Real User
    Enabled us to identify and certify over 6000 role-based profiles

    What is most valuable?

    Manage access certifications for whole company in one place.

    How has it helped my organization?

    We used this product to identify and certify basic access profiles in our company. Created more than 6000 role-based profiles for more than 26,000 colleagues. Profiles can be granted to a user when he starts to work in the company or changes departments and/or functions.

    What needs improvement?

    Yes, we found that if you create a certification with a high number of objects, the portal runs slowly. We are working with CA to manage this situation.

    For how long have I used the solution?

    Two years.

    What do I think about the stability of the solution?

    As noted above, we found that if you create a certification with a high number of objects, the portal runs slowly. We are working with CA to manage this situation.

    What do I think about the scalability of the solution?

    No.

    How are customer service and technical support?

    Always available.

    Which solution did I use previously and why did I switch?

    No, this is the first product of its kind for us.

    How was the initial setup?

    It was not complex. CA and a partner worked with us on the setup.

    What's my experience with pricing, setup cost, and licensing?

    Our company has a long list of CA products, so the pricing is good for us, given the size of our company. The product was licensed by installation.

    Which other solutions did I evaluate?

    Yes, Oracle IAM.

    What other advice do I have?

    Choose a CA partner who is experienced in implementing this product and establish all Access Manager rules before you start operating the product. The product gives you a a nice overview but it's a good idea to define basic rules to create access profiles and certification.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user124563
    Head of Identity and Access Management at a financial services firm with 1,001-5,000 employees
    Vendor
    Through the centralization and automation of access management functions, we've improved our security. However, its complexity and usability are areas that could use improvement.

    Pros and Cons

    • "Provisioning engine (on the back-end, separate from front-end components, that's part of layered architecture)."
    • "The reporting functions."

    What is most valuable?

    The most valuable features to us are:

    • Provisioning engine (on the back-end, separate from front-end components, that's part of layered architecture);
    • Access-request system (to manage on- and off-boarding of users); and
    • Mobile interface (ability to manage workflows and user requests from smartphone).

    How has it helped my organization?

    Through the centralization and automation of access management functions, and providing a baseline for identity and security analytics, we've improved our security.

    What needs improvement?

    I think CA Identity Manager could improve in the following areas:

    • Usability
    • Stability
    • It's complex
    • The reporting functions

    For how long have I used the solution?

    I've been using it since 2011 as Identity Manager (before: CA eTrust Admin).

    What was my experience with deployment of the solution?

    We had multiple failures with Linux-based installers hindering deployment process on Linux platform.

    No major issues with deployment on Windows.

    What do I think about the stability of the solution?

    Multiple issues with stability of the provisioning servers.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service:

    7/10

    Technical Support:

    5/10

    Which solution did I use previously and why did I switch?

    CA eTrust Admin 8.x had been upgraded to CA Identity Manager 12.5 SP9.

    How was the initial setup?

    Initial setup was complex due to multiple inter-dependencies and high diversity of infrastructure components.

    What about the implementation team?

    Initially implemented through the vendor team, following upgrades with an in-house team.

    The level of expertise delivered by the consultancy firm was high, however it has decreased significantly in the past two years.

    What's my experience with pricing, setup cost, and licensing?

    Pricing and licensing models are adequate and reasonable.

    Which other solutions did I evaluate?

    Identity Manager solutions from Oracle, SailPoint, IBM and RSA/EMC. The products from the mentioned vendors generally seem more competitive than today’s offering from CA.

    What other advice do I have?

    Run PoC with as close to production deployment as possible; pay attention to TCO and ROI after including provisioning costs on support services for implementation and maintenance as well as required design of reports and business processes and UIs.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    it_user345663
    Senior Manager - Identity and Access Management at a financial services firm with 1,001-5,000 employees
    Vendor
    Automation has improved the way we function because we don't have to perform manual work over identity-related controls. We'd like better information display for the approvals within the workflow.

    Pros and Cons

    • "Automated provisioning removes manual labor and manual provisioning."
    • "A better information display for the approvals within the workflow would give them more information and the ability to comment back on a request as to why they're rejecting it. We've been telling them we'd like this improvement, and we hope to see it."

    What is most valuable?

    Automated provisioning removes manual labor and manual provisioning.

    How has it helped my organization?

    Automation is the best way it's improved the way we function because we don't have to perform manual work over identity-related controls.

    What needs improvement?

    A better information display for the approvals within the workflow would give them more information and the ability to comment back on a request as to why they're rejecting it. We've been telling them we'd like this improvement, and we hope to see it.

    What was my experience with deployment of the solution?

    We have challenges because of the customization – it's difficult to do upgrades. We're just not doing the upgrade because we are a few versions behind, so now it's tough.

    What do I think about the stability of the solution?

    Performance is a challenge just in terms of the number of roles and endpoints that we're managing. We have 10 platforms that we manage and over 8000 endpoints – that’s our challenge.

    What do I think about the scalability of the solution?

    We have challenges because of the customization. It's difficult to do upgrades. We are a few versions behind so doing the upgrade is tough.

    How is customer service and technical support?

    When we've used them, they've been good.

    How was the initial setup?

    It was set up in 2005 prior to when I joined the company.

    What other advice do I have?

    We always look at the stability and the amount of endpoints and attributes that can be included, plus the ease of use. Make sure that it can accurately serve your needs, especially from an endpoint point-of-view. You need all your users to be able to use it seamlessly without scalability issues.

    It loses points on the upgrade process. We require CA's help each time, and the upgrades, especially with our number of users, has been a challenge.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user349428
    Software Engineer at a healthcare company with 1,001-5,000 employees
    Real User
    It’s provided us a single point to create users and then provision them to different sources. Yet, the footprint is so large we have 10 servers just to run basic services.

    Pros and Cons

    • "The most valuable features are role-based access and identity provisioning, which allow a single point of user access to multiple places."
    • "It has a large footprint which you'd expect to be much, much smaller. Just to run basic services, we have 10 different servers. Also, if it were easier to manage, that'd be useful."

    What is most valuable?

    The most valuable features are role-based access and identity provisioning, which allow a single point of user access to multiple places.

    How has it helped my organization?

    It’s provided us a single point to create users and then provision them to different sources so that they have access to them without having to login in multiple locations.

    What needs improvement?

    It has a large footprint which you'd expect to be much, much smaller. Just to run basic services, we have 10 different servers. Also, if it were easier to manage, that'd be useful.

    What was my experience with deployment of the solution?

    We had no issues deploying it.

    What do I think about the stability of the solution?

    We’ve uncovered some bugs while working in it. CA has -- and still is -- working with us to resolve those issues.

    What do I think about the scalability of the solution?

    We haven't really had any issues with scalability, but we have an older version of it where we’ve had to customize it to an extent.

    How is customer service and technical support?

    Their engineers know our environment very well. We're able to get personal support with specific engineers when we make such a request.

    How was the initial setup?

    The initial setup is very complex. In fact, it took a while to get through the entire setup and we’re even adding to it now. CA has even been on site to help us.

    What other advice do I have?

    CA is great to work with, but to use it, just learn the product suites and how the individual products interact. Make sure you have a good layout and you have everything you need.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user401733
    Managing Director at a tech services company with 1-10 employees
    Real User
    ​I like the new interface. It has the same look and feel across devices such as browser and mobile.​

    What is most valuable?

    Connector Xpress and Policy Xpress and the new interface.

    How has it helped my organization?

    I like the new interface. It has the same look and feel across devices, such as browser and mobile.

    What needs improvement?

    Reporting could be improved.

    For how long have I used the solution?

    5 years.

    What do I think about the stability of the solution?

    No.

    What do I think about the scalability of the solution?

    No.

    How are customer service and technical support?

    Eight out of 10.

    Which solution did I use previously and why did I switch?

    No.

    How was the initial setup?

    The latest version is very simple to set up and install with a lot of wizards. It also comes with a new Virtual Appliance which can select the features and be ready to use. …

    What is most valuable?

    Connector Xpress and Policy Xpress and the new interface.

    How has it helped my organization?

    I like the new interface. It has the same look and feel across devices, such as browser and mobile.

    What needs improvement?

    Reporting could be improved.

    For how long have I used the solution?

    5 years.

    What do I think about the stability of the solution?

    No.

    What do I think about the scalability of the solution?

    No.

    How are customer service and technical support?

    Eight out of 10.

    Which solution did I use previously and why did I switch?

    No.

    How was the initial setup?

    The latest version is very simple to set up and install with a lot of wizards. It also comes with a new Virtual Appliance which can select the features and be ready to use.

    What's my experience with pricing, setup cost, and licensing?

    The price is based on the number of users.

    Which other solutions did I evaluate?

    No.

    What other advice do I have?

    The interface of the latest version is very simple to use on both browser and mobile devices.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Amlan Sahoo
    Systems-Engineer at a tech services company with 10,001+ employees
    Real User
    Leaderboard
    The IM is the most valuable feature to me. I also find the solution's documentation and community valuable.

    Pros and Cons

    • "Using the implementation guide, I was able to implement the solution with ease."
    • "I find the API boring. I also faced issues while integrating with CA SSO."

    What is most valuable?

    This is the only IM solution I have come across. Using the implementation guide, I was able to implement the solution with ease. The IM is the most valuable feature to me. I also find the solution's documentation and community valuable.

    What needs improvement?

    I find the API boring. I also faced issues while integrating with CA SSO.

    For how long have I used the solution?

    I have used this solution for three months.

    How is customer service and technical support?

    There is a good level of technical support because the community is a good set of geeks.

    How was the initial setup?

    The setup was easy because of the friendly product documentation and the community support.

    What's my experience with pricing, setup cost, and licensing?

    Compared to other options, CA products are not that expensive.

    Which other solutions did I evaluate?

    I did not evaluate other options, since this product was just meant for a PoC.

    What other advice do I have?

    I would not recommend this product to others. There are better products on the market, as I later came to know about Sailpoint, DELL IDM, and NetIQ.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Efrén Yanez
    Security Manager & CM Specialist & Mainframe Specialist at a tech services company with 11-50 employees
    Real User
    It has increased our automation and maintenance of SLA security functions, although I would like to see the human resource onboarding/offboarding processes improved.

    What is most valuable?

    • The xPress technologies (connector xPress/Policy xPress/Config xPress)
    • Integration with API Management and other CA solutions
    • Facility to publish the web services of any task of Identity Manager
    • Ease of integration to leverage authentication processes managed by Identity Manager and called by external applications
    • You do not depend on the supplier to change screens and validate field, create notifications, etc.
    • True integration between CA Identity Manager and CA Identity Governance for better use of compliance approved roles, data exchange and improved customer experience
    • Availability to implement in the cloud
    • Take advantage of important features of Identity Manager and Identity Governance on the Portar offered by Identity Suite (best user experience) and less technicall knowlegde need

    What about Identity Governance and integration with Identity Manager?
    This solution makes a seamless integration, leveraging the power of Identity Manager connectors it import the data obtained to Identity Governance; in the opposite direction, the results campaigns from Governance have the ability to update in automatic way the information in Identity Manager, enabling materialization of privileges changes and fulfilling a RBAC model (It is the business strategy to the lowest level of privileges in applications)


    Through the implementation of "Identity Suite Virtual Appliance" have created a supremely quick and convenient way to install (Identity Manager / Governance / Portal) with even high availability. Multiple scenarios available on a single console.

    How has it helped my organization?

    It has increased our automation and maintenance of SLA security functions. Additional compliance of all activity relate to provisioning, self-service, and all critical transaction of security management.

    What needs improvement?

    • Security information
    • Human resource onboarding/offboarding processes
    • All areas in organization that required account functionality in applications of the company

    For how long have I used the solution?

    We've been implementing it since 2007, so around seven years.

    What was my experience with deployment of the solution?

    No issues encountered.

    What do I think about the stability of the solution?

    No issues encountered.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service:

    8/10.

    Technical Support:

    When you open a ticket with priority one, the technical support is excellent - 10/10. However, when the ticket is priority two, three, or four, then it's 7/10.

    Did not user previous. But I helped move from a different solution to CA
    Identity Manager. Why the change? Because the previous solutions was nor
    flexible and was high cost value to adapt.

    Which solution did I use previously and why did I switch?

    I did not use the previous solution, however I did assist in the move from it. We changed because the previous solution was not flexible and it had a high cost value to adapt.

    How was the initial setup?

    The initial setup is not complex. You only need define the right architecture and work on it.

    What about the implementation team?

    I implement it.

    What other advice do I have?

    If you analyze the evolution of these type of solutions, there are still uncovered needs and the customers are still identifying needs. The important thing here is the adaptability to integrate and deal with new technologies. The solution integrates with solutions like CA API Management/SSO and others.

    Find someone with experience implementing this type of solutions to ensure the success of its implementation.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: We're partners.
    it_user558657
    Snr Application Analyst at Rogers Communication
    Vendor
    Fast, stable solution with which we can provision all of our employees.

    What is most valuable?

    The valuable features are the speed and the ability to provision all of our employees. I like the usability as well.

    What needs improvement?

    I'm happy with the features that are in the current release.

    We have IDM integrated with Provisioning, SiteMinder, and CA Directory as our IAM solution. When we embark on an upgrade initiative for one of these components we quickly find that newer versions of IDM are not supported with the other exisiting components. This results in a much larger project to upgrade SiteMinder, IDM, Provisioning, Directory, and the OS which results in Senior management abandoning our upgrade project. I would like to see IDM supported with a larger version footprint in relation to the other required components in our IAM application framework.

    What do I think about the stability of the solution?

    The provisioning perspective is very stable. In terms of identity management, the logic is good, but performance could be better.

    What do I think about the scalability of the solution?

    The tool is not scalable. That is not a limitation from a CA software perspective. The lack of scalability is more a result of how we originally set up the product.

    How is customer service and technical support?

    We have used technical support. Overall, we find it very good. For Identity Manager, it is hard to get the right support agent.

    How was the initial setup?

    I was involved in the installation and it was complex. We were coming from a very old version and we had to upgrade. There was a lot of data migration.

    What other advice do I have?

    I have many colleagues from different companies and we all tend to lean towards CA products. We are accustomed to using CA.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    VM
    Principal Security Architect II at a engineering company with 1,001-5,000 employees
    Real User
    A single pane of glass to see what users have access to. Recurring Java memory leaks.

    What is most valuable?

    We only need one pane of glass to see what users have access to, especially privileged accounts.

    How has it helped my organization?

    Once it's in place, it's easy to use. You definitely need insight into how your company provides access to users. Especially if it's going to be role based, which most of it is. It reduces the amount of time needed for analysts to provision users; new accounts, changes, and terms.

    What needs improvement?

    I'd like to see the user interface be a little bit better as far as deploying the infrastructure, the back end, but I hear that it's coming.

    Most of the troubleshooting workflow is based on logs, so if the logs were consolidated we would need to just look at one particular log for all the servers to figure out what going on.

    For example, if you get a fail when provisioning a user, you determine where it fails, and go to the logs to see where specifically the process stopped and what tasks were not completed.

    For how long have I used the solution?

    We've had CA Identity Manager for three years now.

    What do I think about the stability of the solution?

    Stability needs some work. There are some issues with the back-end infrastructure. We've noticed that in our implementation, a lot of Java memory leaks are recurring. We've gone back and forth trying to discover the cause, and have to restart the systems and clear out the memories every couple weeks or so.

    What do I think about the scalability of the solution?

    It scales fine. It's one of the better products out there. There is a limit to the amount of provisions you can keep in users accounts and you need to archive some things, but I haven't reached that limit; at least with our users.

    How are customer service and technical support?

    We've opened up a few tickets with technical support and we've used our CA third-party consultants as well. They've been very helpful.

    Which solution did I use previously and why did I switch?

    We had an in-house solution that was for a subset of our users. It wasn't robust enough to go scale to the entire corporation, so we went through a selection process to find out who's the best out there at the time. We've had CA Identity Manager for three years now, so it was pretty recent.

    How was the initial setup?

    I was involved in the initial setup and it wasn't complex. The implementation after setup was difficult. The documentation in that area was lacking, but the implementation was as good as it's going to get.

    What other advice do I have?

    Definitely understand your access base for your user from the business perspective. If you're made up of different companies, get a clear understanding of how those different companies get access to users, so you can make it easier when the roll out comes out and do role-based implementations.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user558450
    Sr Prin IT Technologist at Medtronic
    Real User
    Automation of the provisioning engine reduced our manual interactions. I'd like More components to support the active-active model of high availability.

    What is most valuable?

    The automation that it brings to the enterprise is one of the main things that we looked at.

    How has it helped my organization?

    We had a 20 year old provisioning system which was built primarily for manual activities. Identify Manager helped us move to a more automated model with fewer manual interactions. This definitely had a lot of added value for us.

    What needs improvement?

    Keeping up with the market and support for functionality and other core endpoints like Active Directory and Exchange that right now seems to be missing. So it needs a little more work around keeping up with what the industry is going.

    What do I think about the stability of the solution?

    We definitely had quite a few challenges getting up and running. Since the initial setup, it's been pretty good. We have some small issues, but overall it's not too bad. It was definitely a challenge getting to that state, though.

    What do I think about the scalability of the solution?

    It is pretty scalable. We use it in the enterprise as a provisioning engine. We also use it in our external environment on the consumer side. For both these uses, it works pretty well.

    One open challenge that I see with the provisioning engine is that there is something lacking in terms of pure high availability. The active-active model is pretty critical for that. Many of the components do support that model. There are subsets that don't. It would be valuable to get that into the product sometime.

    How are customer service and technical support?

    There are some really good resources and support. Overall, I've had pretty decent luck with support. Sometimes we do have challenges, but that's getting better.

    Which solution did I use previously and why did I switch?

    We are a big enterprise, which means that we’ve done things the old way for such a long time. We were long overdue for investing in a proper provisioning system.

    In a way, we had been a big CA customer for a long time. It was a natural fit to leverage what we already had, rather than going and trying to find something else.

    How was the initial setup?

    Some of the connectors are pretty flexible. It felt like there was a lack of understanding on the capabilities of the endpoints. This ended up being a point of contention. There was a lot of back and forth in discussions about how things should or should not work. That dragged out the project for longer than it should have taken.

    Which other solutions did I evaluate?

    We did have one vendor. I’d rather not say which one. They were pretty competent too. In comparison, we thought that CA Identity Manager would be a better fit for us. The skills that we have and our experience with this solution is what made it a better fit than the competition. The partnership and flexibility that CA offer were also pretty important factors in our decision.

    What other advice do I have?

    Any solution that you pick will have its fair share of challenges. Understand and document what you really want done. You need to define what you want to accomplish in a provisioning solution scenario before you embark to try to achieve it.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user558459
    CTO, Application Development at a tech services company with 501-1,000 employees
    Consultant
    We have streamlined the identity management process.

    What is most valuable?

    We take identity management seriously and CA IDM is helping us to accomplish that goal.

    We have streamlined the identity management process, but we are not completely utilizing all the features of CA IDM. This product is a milestone/cornerstone for us to accomplish our identity management goals.

    How has it helped my organization?

    We have been making strides in that area, but we still have more improvements to do. We are not there yet, but we hope to be there soon.

    What needs improvement?

    An improvement that we would like to see in a later version is taking it to the cloud. We have it on-premise and we foresee a lot of scalability challenges so taking it to the cloud might be a very good option for us.

    What do I think about the stability of the solution?

    This solution is very stable. I have no problems in that aspect.

    What do I think about the scalability of the solution?

    We have not yet tried to scale this product.

    How are customer service and technical support?

    We do use CA technical support. They are extremely professional and very skilled at what they do. I would give them a rating of 7/10.

    Which solution did I use previously and why did I switch?

    We were not using any other solution prior to this one.

    This was our go-to-solution from the outset. CA was a part of our solution always.

    How was the initial setup?

    I was personally not involved in the initial setup. After it had been completely set-up, we took over the operations from another company. From what I have heard, it was quite straightforward.

    What other advice do I have?

    I would advise to do a lot of analysis before you get in because the product itself has a lot of capabilities. However, understanding and making sure that all these capabilities are captured, is very important for implementation.

    The first criteria while selecting a vendor was how much support we could get from the vendor. This was our primary concern because a lot of identity management software vendors provided the same solution but the level of support was very important for us. The second criteria is what niche capability the product brings in and how it stands out from the competition.

    To use this tool to its fullest capability is our problem. The process is not there yet to completely utilize this solution.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user558513
    Information Technology Specialist - Information Security at a government with 1,001-5,000 employees
    Vendor
    It provides legacy interfacing, including with our mainframe. The UI and usability need to be improved.

    What is most valuable?

    The most valuable features of this product are the legacy interfacing - interfaces with our mainframe - as well as provisioning.

    How has it helped my organization?

    It gives the end users power for their other access requests.

    What needs improvement?

    User interface and usability are mainly the features that need improvement.

    I'm not sure if the new release includes 508 compliance for blind and deaf users. That would be a nice feature to include, especially for the government space.

    What do I think about the stability of the solution?

    The stability of this product is okay.

    What do I think about the scalability of the solution?

    Scalability of this product is something that we need to look into.

    How are customer service and technical support?

    The technical support team is good. Actually, we have a CA support team onsite which is good. They have been able to answer all our questions.

    Which solution did I use previously and why did I switch?

    I wasn't involved in the decision-making process for purchasing this product since it was taken a while back.

    How was the initial setup?

    I wasn’t involved in the initial setup process.

    What other advice do I have?

    User interface is an important feature, especially in the sector from where I am coming from. Later releases are just allowing a user to know what to do in the product.

    I would wish others good luck while purchasing this product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user32025
    Managing Director, Application Development
    Video Review
    Vendor
    We implemented CA Identity Manager to allow us to automate the self service reset of passwords.

    What is most valuable?

    One of the primary features we use is the password reset. The challenge we had was that our helpdesk had to manually reset customers in the field and reset their passwords one at a time, so we implemented CA Identity Manager to allow us to automate this self service reset of passwords.

    How has it helped my organization?

    One of the biggest benefits is the reduction of calls to the help desk. We reduced by a third our calls for password resets because users of the system could then reset themselves using the challenge questions and you know, people forget passwords it's an easy function. That was a huge benefit.

    What needs improvement?

    We are actually looking at something to make it easier from a user front end. The helpdesk does a lot of work today, so we're looking at another product from CA. I think it's called the Identity Suite.

    Make the maintenance and the updates easier. As well as a more intuitive interface.

    What do I think about the stability of the solution?

    It's been very solid. We went live a year ago, so almost 18 months and it's been rock solid.

    What do I think about the scalability of the solution?

    It's been very good. We have above 40,000 users on that platform and we never have any issues.

    How are customer service and technical support?

    We haven't had any issues that required us to go to technical support, so it's really been very good.

    Which solution did I use previously and why did I switch?

    We were using a product from Oracle - OID. Primarily it was all home grown, we had to build the backend database, we did some interactions, so it was really a custom solution and it wasn't as scalable, and it didn't have the security features. Rather than invest our development effort into creating security components, partnering with somebody made more sense.

    How was the initial setup?

    Converting from our old system took a little bit of work. We had a lot of old database access accounts that we had to move over, again, 40,000 or 45,000 but once we took care of that it was pretty painless.

    Which other solutions did I evaluate?

    We compared a couple of other vendors. Some of the newer ones are cloud-based, we weren't comfortable with that yet.

    What other advice do I have?

    The most important criteria when selecting a vendor is stability, the quality of their product, price is always a factor; to make sure you can afford it. We looked at what we had, switching to a new product then we compared it with several other vendors. We typically would go through a matrix and say, "Okay, here are all the items that we feel are important," so when we make that decision you can go back and say this is why and how we made it.

    Rating: I'd say probably 8/10. Again, we haven't had any issues from a support perspective, once we've implemented it it's been very solid, people love it and we've saved a lot of money and time from the help desk perspective, so it's been a good investment. I'm really hard on numbers, so 9 or 10 is like impossible.

    With security, you have to have a culture of security, and protecting the accounts and passwords and access has to be number one, given every time you see a breach in the news, it's because somebody is not taking care of security. It's top of mine.

    It's [CA Identity Manager] done exactly what we want it to. We've actually branched out and done some additional federation logs and stuff like that. Because of the success we've also looked at some other products like CA Advanced Authentication from a external consumer standpoint. It's been a good partnership with CA.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    it_user372633
    Senior IT Manager at Best Western Hotels & Resorts
    Video Review
    Vendor
    I would say the most valuable feature is provisioning where we are able to provide user access to all the resources they need in a uniform way that we can audit.

    What is most valuable?

    I would say the most valuable feature is provisioning where we are able to provide user access to all the resources they need in a uniform way that we can audit. We don't need to spend a month going to every individual server, every individual database granting user access. We can do it from one central place.

    For SiteMinder, is the ability to bring applications under its protection very quickly and ability to partner with other companies through Federation and SAML using open standards to do authentication. We are able to partner with other vendors much more quickly no because before we had to do our home grown authentication things and they had to adapt to our non-standard way of doing things. Now, we have open standards. We publish a document to them with our SAML configuration, the documents we are going to be sending them and they code to it. We get on board very, very quickly.

    How has it helped my organization?

    For one, you don't have to remember a thousand passwords. You just remember one. You go to a dashboard and then you'll be given access to the environments you need. Two, there is more security because the passwords that it generates are very, very large. They change very often. It's not something that can easily be guessed and your infrastructure is more protected this way.

    What needs improvement?

    Something to help us migrate our code between environments from QA to UA to production in an easier way. That would probably be the big one.

    What do I think about the stability of the solution?

    They seem very, very stable. Ever since we put them in place we didn't have to do much in terms of bug fixes. They just work out of the gate. Part of the reason we had that is because we couldn't have the point from a single server so there is no fail over, even though the two supports that we have not configured this way yet.

    What do I think about the scalability of the solution?

    We didn't have to face any scalability challenges yet because we only use it for our members, which are about 40,000 accounts, which is nothing for two of that size. We haven't had any issues, but we haven't had much load.

    How are customer service and technical support?

    They have been very good to us. We also partnered with Simeio which is a preferred partner for them. They have been working very, very closely with us. They have been very responsive in communication. They have developed patches for us whenever we needed them.

    Which solution did I use previously and why did I switch?

    We did use previous solutions. We used a very old Oracle SSO, Oracle OID, and Oracle IDAS, all of which were unsupported by the time we went to upgrade.

    How was the initial setup?

    It was straightforward on the SiteMinder side. On the Identity Manager side, it was a little more complex because we had to maintain a certain legacy items. We have some authorization settings stored in databases that we need hook Identity Manager to and have it manage those. We had to create some custom code to do that. It wasn't too difficult.

    Which other solutions did I evaluate?

    We are looking at another tool from CA Advanced Authentication for our guest site, which is then millions of users. So far, we are still in QA, but it seems that it will scale just fine.

    What other advice do I have?

    We rely on word of mouth. We try to see if anybody has experience with working with this vendor. We're looking, not just for a vendor or a partner, we're looking for somebody who could be open, who can truly collaborate with us where we can exchange information freely and have both parties benefit.

    We really do not like having this vendor relationship where you throw something over the fence and you have this contract that tries to encompass everything. We want to have somebody that, even though our contract is limited to something, if it's something that either party is obviously responsible for, we can do it and we don't argue over little things.

    I would say go for it. You won't regret it. I think they're a very good products, very mature products. SiteMinder is synonymous with single sign-on. Identity Manager - it's a great tool.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    it_user197580
    Enterprise Architect at a healthcare company with 1,001-5,000 employees
    Video Review
    Vendor
    We were using a homegrown-built system to manage identities and needed a better way to automate the process.

    What is most valuable?

    Identity Manager allows us to have a programmatic and paradigm shift in the way that we handle identities within our organization. What we had in the past was sort of a homegrown-built system to manage identities. That is individuals coming onto our systems and out of our systems. With the Identity Manager product, we're able to automate that in a way that we couldn't in the past. The single largest improvement has really been the ability to take what was a paper sort of process, e-mail sort of process, manager phone call process, down to an automated process which allowed us to go from one week to provision someone to ask the appropriate access down to about two hours.

    What needs improvement?

    We've met with the product development folks, and as far as improvements, we're really looking at them from a user experience. While all the key components are there to make the product work very well, what we're looking at is enhancing the product to have much more of a more modern approach and look and feel.

    What do I think about the stability of the solution?

    The actual application is very well designed and architected, and is very stable. We're very happy with the solution so far. The product is easily scalable and horizontally in that manner, so what that allows us to do is as we onboard more and more applications as endpoints for the Identity Manager, we're able to scale appropriately. Horizontal scaling is the ability to basically say, "Hey, I have ten more endpoints. I need two more instances of the application to manage those endpoints." It's easy to just instantiate them, as opposed to us having to buy bigger and bigger boxes to manage with more memory, more compute, more storage to manage those entities.

    How are customer service and technical support?

    Technical support from CA comes in two forms for us. The first one was regard to their sort of, what we call, staff augmentation model. Well, they helped us to understand the paradigm for a using Identity Manager, while at the same time helping us to understand how to use the actual product. The support that comes afterwards, which is also excellent, comes in the fact that they have forums for us to interact with. They also have sort of escalation procedures that we have a chance to work with, and so that supports us from both ends of the project. The introduction as well as the ongoing maintenance.

    Which solution did I use previously and why did I switch?

    In the past, we did sort of a simple sort of management of identities through, what we called, the manager calls you up and says, "I'm identifying the following person." It was sort of ad hoc, so to speak. With the Identity Manager product, in conjunction with the identity governance product, we were able to define roles, enterprise type roles, and then use the identity minder product to push those role's accesses out into the application world.

    How was the initial setup?

    I think the actual product itself is fairly simple and straightforward. The difficulty comes in trying to understand what is a paradigm for identity management in the context of this particular product.

    Which other solutions did I evaluate?

    Selecting a vendor is important to us. We need to make sure to pick the right vendor. Firstly, we look at are they one of the vendors we currently work with. Consistency in approach, consistency in the technology, consistency in the style, is all important for us. The product in and of itself is good, but what you need is a holistic approach from your organization, because identity management is not just simply a one area focus. It is an organizational issue. Make sure to include all the areas of the organization. We had a sort of homegrown applications that we wrote. Scripts and programs that were wrote to manage in the context of our current applications.

    What other advice do I have?

    It is really important that we find out what the community thinks of these products. They have been through the war, so to speak, and their ability to learn and understand what the shortcomings were, what lessons learned happened for them in their particular context, is really important for us. Simply getting a White Paper is great. It's a starting point, but I like to augment that with blog reviews and understand what the rest of world thinks about our product, especially when it comes to critical products like something like an identity management system.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user372519
    CIO at Bank Hapoalim
    Video Review
    Vendor
    We previously had an old security system and we saw that we needed a more robust system.

    What is most valuable?

    We are using the IDM solution for customer identification and authorization. We just started the project about a year ago. We have already implemented IDM on our website and our mobile applications. So far it's looking good. It's an interesting question because what we are getting back from our customers, they're quite afraid of what's happening because we have actually gone down from three identifiers on our website to two. In our mobile applications, we are now enabling one identifier and we have just implemented fingerprint recognition. Our customers were calling us and asking "look we are seeing cyber attacks happening, identification being stolen all over the world. How are you actually going down and using only this parameters for identification?"

    I think that the CA product enables us to do that. Get more security with lesser need of user identification.

    What needs improvement?

    There are actually quite a few nice things on the CA roadmap in the future. I think to have ability to enable our customers to have different roles, because we have customers that they can be a private customer, they can be part of an organization or a corporation and they need to have different roles. I think that's still something we will see in the future. We have some basic product to do that and we are starting to implement it but it will take us some time to get there.

    What do I think about the stability of the solution?

    It was a journey because when we started the project, we had trouble. We couldn't get the system easily installed, up and running but over the time we installed a different project from CA. Which is called Wiley [CA APM] which really enabled us to get things smooth, up and running and for the past 6 months we haven't had any defaults in the system.

    What do I think about the scalability of the solution?

    We started off with 10,000 customers on system, it looked good. Now we have about 1.6 million customers on the system, no problems at all.

    How are customer service and technical support?

    We had a technical support locally in Israel from CA but we were referred to CA Laboratories Worldwide. We had good support from them.

    Which solution did I use previously and why did I switch?

    Cyber security in these days is a very important issue as we all know. We had an old system, we saw that we cannot move ourselves into the digital age, the banking digital age, without a robust system that will enable us the capabilities we needed. We started looking around for a new platform quickly. We sorted out that CA's the best product for us and that is really the product we are based on to do our digital transformation in our bank.

    How was the initial setup?

    Since we are discussing a very vulnerable system which would actually be the front-end for our customers, at the end of the day. We had to take it really slow and we got the system up and running, co-existing with our old system. We did a lot of tests, we had, as I said before, a few customers on the system before we actually started to deploy. It took us about 8 months to get things up and running smoothly. Then we had the confidence to really migrate our customers to the new system.

    Which other solutions did I evaluate?

    We have long, long list of parameters that we, of course, check. It's about 5 pages of criteria and of course robustness, the ability to go forwards as a system over long years. Transforming to such a system is a very long process. We want to have a system that can be up with us for at least 10 to 15 years. We checked it quite thoroughly, we of course talked to other organizations that had the system. We think we had made a good decision.

    What other advice do I have?

    As it looks for now, it looks as an 8/10. I believe that it can go up to 9 and 10 in the future. I think that stability issues in the beginning of the process are a major thing. Getting the system up and running smoothly took us quite a few months. The main area would be the security area of course. Even our own employees, for example, cannot see customer data on the system. It's all encrypted so we don't see passwords, we have limited viewability of what's happening on the system in the security areas. I think that the system that's built to disable our own employees from data leak prevention aspects, almost unable entirely to take our data out of the system and share it with someone. That's a main factor having a security system in our organization.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    it_user354783
    Sr. IT Security Architect at a healthcare company with 1,001-5,000 employees
    Vendor
    Now that we have auto-provisioning, we just define the provisioning rules for access privileges and defined, targeted endpoints.

    Improvements to My Organization:

    We previously manually provisioned staff, but now Identity Manager allows us to do auto-provisioning. Auto-provisioning means that when there's any HR activity associated with an employee, it automatically, for example, de-provisions if the employee is fired or moves positions with different access privileges.

    We used to have a manual for new hired instructing them to send and email or make a phone call. It used to take 7 days for this process, for example, if we hired a $200/hour consultant. It didn't matter from a security admin perspective because they knew the new hire was coming on board, but it took a lot of manual effort and time.
    Now that we have auto-provisioning, we just define the provisioning rules for access privileges and defined, targeted endpoints.

    Room for Improvement:

    I'd like to see it better integrated with the other CA security products.

    Deployment Issues:

    We've had no issues with deployment.

    Stability Issues:

    We're still executing Identity Manager, so far we haven't had a very bad experience. It looks like it's good, but we still have to learn a lot about how to use the product, but so far from what we've seen, it's a prominent product.

    Scalability Issues:

    We scaled for fifteen targeted endpoints. We are still at six, so we are still within the scoping half of what we anticipated. So far, so good.

    Initial Setup:

    The initial setup was IDM v8, but we could not really upgrade to v12. I don't remember on top of my head what were the technical reasons because the product has changed quite dramatically. It's a completely different architecture and everything, but the migrations we are doing now, from one version of 12 to another is quite straightforward.

    Other Advice:

    Have something in your mind, like a handful of targeted endpoints. Stick with them, implement it, then extend to the others. Don't just change your scope.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user354783
    Sr. IT Security Architect at a healthcare company with 1,001-5,000 employees
    Vendor
    it allows us to see the full, big picture of all the inter-connectivity of rules certification, provisioning, and endpoints. The tech support needs work.

    Valuable Features

    The most valuable features include governance certification and creation of rules. Ones the rules are created, they're put into IdentityMinder so that IdentityMinder can use those rules to provision all the users from provisioning or de-provisioning based on HR processes to create targeted endpoints. One of the targeted endpoints is used as the authentication alteration source for CS. What Identity Governance does is that it allows us to see the full, big picture of all this inter-connectivity.

    Improvements to My Organization

    The product is great with good fundamentals from its Integrity days some 16 years ago. The product is still living on the same principles, even as federation, cloud, B2B, and add-ons came into the picture. It has the core fundamentals and it's still sophisticated.

    Room for Improvement

    The technical support for this particular product is really poor and needs a lot of work.

    Stability Issues

    The stability of it seems good so far. Right now we are using rule mining, rule certifications, rule accessibility and GovernanceMinder. They're working fantastically.

    Customer Service and Technical Support

    Technical support is a fail.

    Initial Setup

    I wasn't involved in the setup.

    Other Advice

    Be sure to define your scope properly.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user351318
    Senior Information Security Analyst with 10,001+ employees
    Vendor
    We use IBM WebSphere, and Identity Manager works with it, as both sides achieve development and production.

    Valuable Features:

    We had a big problem with accounts synchronization provision as we used a very old identity manager solution, and we needed to change it. Then we acquired the new CA solution and we changed the solution. 

    It was a big challenge to change in only four months to CA Identity Manager, but we did it. Now we have accounts synchronization and self-service password reset. 

    Over the next two years, we will implement a new solution with CA for the accounts to put in Identity Governance. We need to implement 70 new systems inside Identity Manager.

    Improvements to My Organization:

    We use CA products because we have specific programs. For example, we use IBM WebSphere, and Identity Manager works with it. We implement and both sides achieve development and production, and we consider higher capability.

    Room for Improvement:

    My team doesn’t have much experience, so we need to hire a professional to work with us on site every day. This is difficult. I have 2700 servers and we have another project when 90% is obligated to use them but only 10% is a physical server.

    Stability Issues:

    At the moment, stability is so-so. We implemented this solution last month and the CA professional worked with us every day and made some configuration. I think our level of stability is normal for this stage.

    Other Solutions Considered:

    We made a request for a proposal to which IBM, Oracle, ISA, and CA responded. CA and Oracle were proven because the other ones didn’t agree with the time, four months, which is a big challenge. When my architecture team and security team checked the solutions, CA has a better score than Oracle, and they had a better price.

    Other Advice:

    You have to plan what you need. I had a bad experience in the past with an Oracle solution as my last company didn’t know what they needed. It's important to know what you need and where you can go. You need to have your systems and your integration prepared. We have had some surprises.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user351660
    Sr. Systems Analyst/Tech Lead at Loblaw Companies Limited
    Vendor
    ​It reduces a lot of the manual requests for on-boarding a new hire. We'd like to see improvements on the admin-side interface.

    What is most valuable?

    The most valuable feature is probably the role-base access granting, so we actually control everyone's access through roles. There are ad hoc accesses, but for the most part by being on-boarded as an employee or as contractor, you get a different set of baseline accesses. Those are managed through the Identity Management suite. Those will give you things like email, active directory account, access to our remedy ticketing system, and access to CA PPM.

    It also allows us to manage different types of users in different scenarios and different structures in active directory. For example, if you're a union warehouse employee, you don't need an email address. Or, if you're a contractor, it doesn't matter where your location is because you'll never be treated as an employee. All those different attributes are managed through Identity Manager.

    How has it helped my organization?

    Before we had this role-based control, we manually requested the security team to create a profile in the right place and to give individual access for each new hire. Now, Identity Manager reduces the manual requests for on-boarding someone. It helps ensure that when a new hire comes in, they automatically have the same access as everyone else on their team.

    What needs improvement?

    I saw some of the presentations here at CA world about the new interface for users to go in and request access and have their portal look really good. It's just a matter of us upgrading to that. The new user interface on the user side looks good, apparently it's not quite there yet on the admin side. To see something like that on the admin side would be amazing.

    If we were to add a new active directory group for someone to request access to, we have to build account templates and things like that for it. It's a very manual process that needs to be done ahead of time. With the newer version, you can actually go from the requester view. The requester can type in the name of the AD group he wants access to, and it will add that to the system in real time. Then it'll go through whatever approval we've setup saying that if you add a new AD group you would get managed professionally.

    What do I think about the stability of the solution?

    It has been stable. We do have an issue with the task persistence table that's an audit log in the data base. If unchecked it can grow to ridiculous sizes, which will cause the whole system to hang. The database will not be full, it's just that the table is so large that it can't write to old records anymore. It typically updates the status of old tasks. In the previous version that we had, there were issues with the clean-up task for that, which flat-out would not work. Since upgrading to 12.5, that task works. So we run it every week to keep only two, three weeks in that task persistence state-of-base. It's simpler from the actual audit data, so we don't need to keep very much of it, and if we keep too much operating data in there, it does cause issues.

    It's a scheduled task, so even within the product we're able to schedule that task. The problem was that in the previous version it didn't actually work, it wouldn't actually feedback data.

    What do I think about the scalability of the solution?

    We're currently running it for over 100,000 users in the system, but not all of them are active. Our active count is probably somewhere around 60,000. We're looking to take on more because we've acquired another company. We're looking to bring in their whole organization. We're going to be starting by bringing on their IT department, but we're looking to bring on their entire organization which will add another 40-50 thousand. We're currently talking with our account manager on licensing and costs for that.

    How are customer service and technical support?

    Customer Service:

    Technical Support:

    CA technical support is usually pretty good. Just like any kind of support, it takes time for them to get back to you and to actually come up with a solution.

    I don't do it myself directly as we have a team that supports it and they're the ones who'll engage CA.

    Which solution did I use previously and why did I switch?

    We had a consultant firm come in and do the install originally in 2009. They did a very bad job. It was a proof-of-concept version of a connector, and they hacked it together to make it work. It did not work probably, along with a lot of other things in the way that they configured and setup the tool. It just was not installed probably and there were all kinds of issues. We knew we had to basically tear this down and rebuild from scratch.

    How was the initial setup?

    Actually what we're running right now was the result of a complete rebuild in 2011, for which I was a major part. Prior to that, we were running an older version.

    It was complex because we wanted to migrate all of our data. It was a bit of a challenge to get everything moved from the old system to the new one. We did have problems outside of the scope of the software, but it was more of a business process issue. Just a week before we went live, our security manager over on the business side, decided he wanted to do an active directory account clean-up, which took us completely out of sync without data. Just before we went live, it took quite a bit to clean up, but it did make our go-live look bad.

    What other advice do I have?

    Make sure you integrate with other CA solutions from day one. It can be a challenge to get buy-in from other teams if you want to integrate later on.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user351561
    Middleware Engineer at a energy/utilities company with 10,001+ employees
    Vendor
    Allows us to identify a role for each application or for a group of applications.

    Valuable Features

    The features that I find most valuable are the creation of access and admin roles. You can also manage many different applications -- more than one hundred -- in only one box. It also adds a level of security that we didn't have previously.

    Improvements to My Organization

    We can identify a role for each application or for a group of applications. It's great in helping us organize and provide access to different apps.

    Room for Improvement

    Because it's software on our network, there are sometimes load-balancing issues or latency delays.

    Deployment Issues

    We've had no issues with deployment.

    Stability Issues

    It's always stable. We have different boxes installed and have never had a stability issue.

    Scalability Issues

    Nobody's complaining about it and we have 100,000 users, even though they're usually not all being authenticated at the same time.

    Customer Service and Technical Support

    We use technical support for issues and installations and they always help us. The biggest issues took a few weeks.

    Initial Setup

    The upgrades were complex, like from R6 to R12. Sometimes the import/export process was not working properly, but, we just opened a case and they figured it out for us.

    Other Advice

    Learn well how to use it. Train. Get CA training if you can as that would be the best.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user334890
    Manager, Identity and Access Management with 10,001+ employees
    Vendor
    It has enabled us to automate the process for adding and removing employees. The provisioning manager could use improvements.

    What is most valuable?

    It gives us the ability to automate the IAM process.

    How has it helped my organization?

    • Automating the process for new employees, removing employees, and so on
    • Self-service to grant access for applications and software
    • Delegate some functions to the help desk
    • Type group for some people with the same functions in the company

    What needs improvement?

    The provisioning manager could use improvements.

    For how long have I used the solution?

    I've used it since 2008.

    What was my experience with deployment of the solution?

    No issues encountered.

    What do I think about the stability of the solution?

    No issues encountered.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service:

    9/10

    Technical Support:

    9/10

    Which solution did I use previously and why did I switch?

    No previous solution was used.

    How was the initial setup?

    The initial set-up was standard.

    What about the implementation team?

    We used CA Spain.

    What was our ROI?

    It's very high.

    What's my experience with pricing, setup cost, and licensing?

    Good prices and services.

    Which other solutions did I evaluate?

    We did, but I don't know which ones.

    What other advice do I have?

    You should know well your company's HR processes and rules to control the automation process.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user348315
    Information Security Analyst at a financial services firm with 1,001-5,000 employees
    Vendor
    End users now have an easier process requesting security access, although there are times when it looks as if it's available but a submitted request will get stuck.

    Valuable Features

    As far as valuable features go, one of the first ones is self-provisioning. The best thing is that our internal employees can provision their own access using the tool rather than contacting an internal group. Its built-in workflow handles all the needed approvals before it will provision the access.

    Improvements to My Organization

    The big benefit is that the end users have an easier process requesting security access. It’s a faster process for them so people get up and running faster and can do their jobs.

    Room for Improvement

    We’re in the middle of an upgrade with IM to 12.6. Once that’s done, we will get a better feel for what’s available; they’re deprecating some of the functionality in their provisioning manager product.

    It would be nice to have someone at CA that can handle some of the more technical questions we have.

    Stability Issues

    We have some stability issues. We go through waves every few months where it goes up and down lot. The product will look as if it’s available, but a request you submit will get stuck. There will be times where you can’t even log into it and it’s completely unavailable.

    Customer Service and Technical Support

    Our team hasn’t used their support directly, but our IT support team raises tickets and has a good working relationship with CA support. Sometimes getting a resolution is an ongoing problem. They are always helpful and there’s a good level of interaction, but we’re not necessarily always getting a solution. Sometimes CA points to our environment which could be the case, as opposed to their product.

    Initial Setup

    It was so complex. For us, it was a wholesale process change in our organization, not just the solution implementation, so it was lengthy. A lot of that time was spent internally going from one provisioning model to another. We had a lot of customization requests from CA who helped.

    Other Advice

    They’re reactive to our needs but don’t really understand our environment. A more in-depth understanding of our environment would help dig deep enough to help us get to where we need to be.

    They should have a handle on the role methodology that they’re going to pursue and use in their solution. That can get out of hand and become ridiculously unmanageable. That’s where we kind of jumped in and didn’t have anyone to guide us and provide an alternate perspective. We got into a methodology before understanding that’s the road we should have gone down.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user342633
    SiteMinder Engineer at a government with 501-1,000 employees
    Vendor
    User record, self-service features, and user rules and entitlements help us manage our users, although the only issue we have is related to the Microsoft integration.

    What is most valuable?

    I use the user record (a permanently stored data element), self-service features (access requests, application access, remove/change users), and the rules and entitlements for users.

    How has it helped my organization?

    These features really help our organization because they are the best features available for managing users.

    What needs improvement?

    The only issue we have is that sometimes we have an issue related to the Microsoft integration. That impacts Identity Manager's performance, and it's something we need.

    For how long have I used the solution?

    I've been using it for four years.

    What was my experience with deployment of the solution?

    No issues with deployment.

    What do I think about the stability of the solution?

    Most of the time, because we do a lot of testing, it seems to be in good shape, and as far as I can see there's no problem at all with stability.

    What do I think about the scalability of the solution?

    We have issues with scalability, and it has taken time due to the requirement of extra memory and more CPU.

    How are customer service and technical support?

    Very well, as I have been working with these people for a while. I have never had any issues with the technical support. They support us 24/7 and are really good.

    Which solution did I use previously and why did I switch?

    The initial set up was complex because we had a lot of documentation. We had to look at our system first and see the platform with other products. It takes a while to build and for it to work with our sandbox, but eventually it was fine. Although it did take time initially, after that it was a cake walk.

    How was the initial setup?

    It was all done in-house, but again the technical support was there when required.

    Which other solutions did I evaluate?

    We saw other options in the market, but the technical support of CA made the difference. This is why we chose the product. If the system is down, someone could help us and this was an important factor.

    What other advice do I have?

    I don't see any issues with CA, and everyone in the business is happy with CA and their support. Everything is good.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    it_user334941
    Security Consulting Manager at a tech services company with 10,001+ employees
    Real User
    It's allowed us to implement compliance improvements. There's room for improvement on how components interact with each other and external components.

    Valuable Features

    • Identity
    • Lifecycle
    • Provisioning

    Improvements to My Organization

    Compliance improvements.

    Room for Improvement

    • Cloud integration
    • More flexibility and interoperability - how components interact with each other and external components

    Use of Solution

    I have experienced implementing previous versions of the product six years ago.

    Deployment Issues

    No issues encountered.

    Stability Issues

    No issues encountered.

    Scalability Issues

    No issues encountered.

    Customer Service and Technical Support

    Customer Service:

    9/10

    Technical Support:

    9/10

    Initial Setup

    Quite straightforward.

    Implementation Team

    I’m part of a consulting team that does the implementation.

    Other Solutions Considered

    I’m aware on qualities of Novell (Netiq) Identity Manager and IBM Security (Tivoli) identity manager. It depends completely on business needs – for some cases one product will fit, for another cases another.

    Other Advice

    At first, a company should have an IAM strategy and clear vision. Then thorough a vendor comparison matrix to determine what product(s) matches what you need. Only then it will you have an understanding of whether to implement CA or not.

    Disclosure: My company has a business relationship with this vendor other than being a customer: We're business partners.
    it_user328731
    Information Security Manager at a aerospace/defense firm with 1,001-5,000 employees
    Vendor
    We like that it synchronizes with our HR system. We would like to see customer service respond faster.

    What is most valuable?

    The user interface The synchronization with our HR system

    How has it helped my organization?

    I know that CA are always trying to improve and upgrading with improvements.

    For how long have I used the solution?

    I've used it for 11 years, and it has improved greatly over time.

    What was my experience with deployment of the solution?

    After a big update and upgrade, we have no problems with the system.

    What do I think about the stability of the solution?

    The system is very stable, it isn’t freezing and it handles everything very well.

    How are customer service and technical support?

    They don’t give a resolution immediately. They tend to take time coming up with answers. We are not really satisfied with the customer service. They do…

    What is most valuable?

    • The user interface
    • The synchronization with our HR system

    How has it helped my organization?

    I know that CA are always trying to improve and upgrading with improvements.

    For how long have I used the solution?

    I've used it for 11 years, and it has improved greatly over time.

    What was my experience with deployment of the solution?

    After a big update and upgrade, we have no problems with the system.

    What do I think about the stability of the solution?

    The system is very stable, it isn’t freezing and it handles everything very well.

    How are customer service and technical support?

    They don’t give a resolution immediately. They tend to take time coming up with answers. We are not really satisfied with the customer service. They do solve problems in the end, it just takes time.

    Which solution did I use previously and why did I switch?

    No, we didn’t use a previous solution. This is the first solution we ever implemented and we have been very satisfied ever since.

    How was the initial setup?

    Initially it was a bit complicated as it was really something new in the market and the idea of identity management that works automatically and synchronizes with a HR system was not common. We were a pioneer. It was complicated to start these projects, the planning, architecture, and data mining that we had to do in the first step.

    What about the implementation team?

    We did it by ourselves, and had to do a lot of thinking by ourselves to get to the step of implementation. It took a bit of time because at that point there was not a lot of knowledge on how to implement such a new solution, so it took time. After we passed this step it moved on. But today when you launch these projects, everyone has a lot of experience from over the years and knows the steps. In 2004 it was really a startup. Now we are specialists.

    What was our ROI?

    Yes, we have had a return on investment. All of the time saved on administration and user lifecycles. Now it’s all automatic. When a new employee is coming to the organization a new user is created, when I put it in the HR system a new user will be automatically created. Also when a user is let go, or has retired everything happens automatically. It helps because we have a lot of temporary employees that we bring in. It’s hard to imagine having to do this all manually.

    What's my experience with pricing, setup cost, and licensing?

    I think the pricing is reasonable.

    Disclosure: My company has a business relationship with this vendor other than being a customer: We are now in a long term relationship, we work very tight and most of the people have worked there for a long time. They help us and advise us, as well as introducing us to their other customers for us to consult. We have a good relationship.
    it_user326493
    Enterprise Architect at a insurance company with 1,001-5,000 employees
    Vendor
    It helps us with propagation of identities, although it'd be great if they could enable social media identities.

    Valuable Features

    I find that the propagation of identities is what is most valuable about the solution.

    Room for Improvement

    It would be great if they could enable social media identities. That’s the one thing we would like to have.

    Use of Solution

    I've used it for five years.

    Deployment Issues

    The installation was OK. We had some problems with operating it, and because we use other products in the suite it made upgrading more complex. We do have a lot of other of their products also.

    Stability Issues

    We’re only using it for employees, so the stability is handled very well.

    Scalability Issues

    We're not putting too many users into the system, so it handles this very well.

    Customer Service and Technical Support

    Customer Service:

    They have been very proactive.

    Technical Support:

    They have been very proactive.

    Implementation Team

    It was done in-house.

    Pricing, Setup Cost and Licensing

    We have a functional need. Therefore it was considered as more of an expense rather than an investment.

    Other Solutions Considered

    We looked at Oracle Identity and Access Management Suite that was the major contender at the time.

    Other Advice

    I would be clear on what is the price for your customer and their identities. If you are going to manage partners, customers and other entities the numbers can get quite large, so it’s important to understand what you are getting.

    We did a number of things in our deployment which made life more difficult on us. All in all it’s a positive relationship. The only concern we have is with the social logins and clouds.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    ITCS user
    Senior Infrastructure Engineer with 10,001+ employees
    Vendor
    The GUI provides user-account centralization and auto-maintenance of accounts on different end points, yet the GUI is more complicated than it needs to be.

    What is most valuable?

    The product is easy to install, setup and configure. For me the ease of installation and configuration was most valuable as my experience with earlier Oracle Identity Manager products was slightly tedious. Things might be different now with Oracle products though. Also, CA provided a long list of standard connectors which did not require too much of customization and it suited well with the customer.

    How has it helped my organization?

    For the customer, the product provided an easy to use GUI for user-account centralization and auto-maintenance of accounts on different end points (target systems). Much of the manual tasks such as sending mails for approval and requests were reduced greatly. The amount of helpdesk calls were greatly reduced due to self-service tasks provided by the product.

    What needs improvement?

    With the new age products such as Dell, Forgerock, and Ping, and the change in demands of the customer, CA needs to do a lot more. For example, Dell IM provides built-in features with governance in mind, although they also provide a separate product called IM with governance edition.

    The GUI in CA is more complicated where a user might have to drill down more into the menu to find the real form. Also, during configuration for a new person it's a tough deal to drill into the menus to find the place to actually setup.

    CA came up with SIGMA to be better on GUI and scalability, but it had a lot of issues and poor scalability in both versions. I lost one bid purely based more on the poorer GUI provided by CA, and due to the fact that SIGMA did not provide things which were asked by the customer and did not provide scope of much customization either, so I did not understand the use of the product. I am not aware if SIGMA is officially launched now or not.

    For how long have I used the solution?

    I've used it for around three years.

    What was my experience with deployment of the solution?

    Migrating and comparing objects using the add-on tool Config Xpress has its own challenges, we had some issues when we connected the two development and production environments and tried comparing. We used it the other way, i.e exporting the environment XML files which was indeed time consuming.

    What do I think about the stability of the solution?

    Overall, it's quite a stable product.

    How are customer service and technical support?

    I would 3.5/5 as it was good, but with some slight delay.

    Which solution did I use previously and why did I switch?

    I have used Oracle's product, and am currently also using Dell. My previous customer moved from Oracle to CA purely due to cost factor. With a simple requirement, I would still use CA, but with newer customer demands. CA has to come up with new features which other vendors provide and tune up the GUI.

    How was the initial setup?

    It's a very straightforward process, very easy to use.

    What about the implementation team?

    I have implemented it both with a vendor team and an in-house one as well. Implementation is straightforward, you just need to read the manuals provided by CA which says it all from installation and configuration to tuning.

    What's my experience with pricing, setup cost, and licensing?

    I haven't actually dealt with the licensing costs etc. but i know it's cheaper than Oracle, but more expensive than Dell/Microsoft/Forgerock.

    What other advice do I have?

    As with all products, this has its pros and cons please do a study of other products based on your requirements before deciding on a product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user310890
    Chief Consultant at a tech services company with 1,001-5,000 employees
    Consultant
    It provides for self-service and role-based provisioning, although the UI could use some improvements.

    What is most valuable?

    Self-service Role-based provisioning Access

    How has it helped my organization?

    It's saved on administration time, and reduced the wait time for access. It's also improved our compliance.

    What needs improvement?

    Installation and upgrading is complex User Interface

    For how long have I used the solution?

    I've used it for six years.

    What was my experience with deployment of the solution?

    We did have some issues, but we were able to resolve them.

    What do I think about the stability of the solution?

    Yes, as Jboss cannot handle too much load.

    What do I think about the scalability of the solution?

    Yes, when feeding many users.

    How are customer service and technical support?

    Customer Service: It's good. Technical Support: It's very good. …

    What is most valuable?

    • Self-service
    • Role-based provisioning
    • Access

    How has it helped my organization?

    It's saved on administration time, and reduced the wait time for access. It's also improved our compliance.

    What needs improvement?

    • Installation and upgrading is complex
    • User Interface

    For how long have I used the solution?

    I've used it for six years.

    What was my experience with deployment of the solution?

    We did have some issues, but we were able to resolve them.

    What do I think about the stability of the solution?

    Yes, as Jboss cannot handle too much load.

    What do I think about the scalability of the solution?

    Yes, when feeding many users.

    How are customer service and technical support?

    Customer Service:

    It's good.

    Technical Support:

    It's very good.

    Which solution did I use previously and why did I switch?

    No previous solution was used.

    How was the initial setup?

    It was complex because many servers are needed to follow best practice. Many manual steps are time consuming. If you add the Governance component for full IAG, it will be even more complex, because it is not properly integrated with IdM but more a separate product.

    What about the implementation team?

    We used a vendor team who had a high level of experience.

    Which other solutions did I evaluate?

    We also looked at options from IBM and Oracle.

    What other advice do I have?

    You should use a vendor team for the design and initial implementation.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    it_user326463
    Domestic Markets - Finance at a financial services firm with 1,001-5,000 employees
    Vendor
    It requires less people to administrate because it helps with profile configuration, although improvements to IHM would make it more user-friendly.

    What is most valuable?

    The range of provisionning possibilities, such as native connectors and tools which facilitate the development of new ones.

    How has it helped my organization?

    • The automatic creation and removal of the accounts
    • Passwords change process organized and controlled by the user
    • Least priviledge rules applied
    • Profiles easy to configure, so less people are needed to administrate the solution
    • All processes around user accounts are simplified
    • Assets and business modeling improved

    What needs improvement?

    CA technologies must improve IHM for a better user-friendly approach.

    For how long have I used the solution?

    I've been using the solution for eight years.

    What was my experience with deployment of the solution?

    Version changes are long and tiresome.

    What do I think about the stability of the solution?

    There are issues with the web services.

    How are customer service and technical support?

    Customer Service:

    7/10.

    Technical Support:

    5/10.

    Which solution did I use previously and why did I switch?

    No solution was previously in place.

    How was the initial setup?

    Setup is still complex when you plug a solution in a huge environment. A number of days were necessary to adjust everything.

    What about the implementation team?

    We used a vendor team who were 8/10.

    What was our ROI?

    We only need two people to administrate, maintain and support the solution.

    What's my experience with pricing, setup cost, and licensing?

    The same price as the other editors with a cost by users, but with additional solutions there is often room for negociation.

    Which other solutions did I evaluate?

    • Sailpoint Identity IQ
    • Ping Identity
    • IBM Tivoli Identity Manager

    What other advice do I have?

    Stay with the native functions, and don't make too many custom developments.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    ITCS user
    Middleware specialist at a insurance company with 10,001+ employees
    Real User
    It provides a user-friendly front-end to manage LDAP-based users, and although the customer UI is modern, it could be improved more to made easier to use.

    Valuable Features

    Our customers find it easy to use.

    Improvements to My Organization

    It provides a user-friendly front-end to manage LDAP-based users.

    Room for Improvement

    The interface is modern, but could have been made even easier to use for the customers.

    Use of Solution

    I managed it for approximately three years.

    Deployment Issues

    No issues encountered.

    Stability Issues

    No issues encountered.

    Customer Service and Technical Support

    Customer Service: It's a little bit difficult to support. Technical Support: It's reasonable. The support is not the quickest to respond and does not have a mature process in terms of what logs must be gathered, and what to gather before raising a case.

    Implementation Team

    CA provided assistance with augmentation of the…

    Valuable Features

    Our customers find it easy to use.

    Improvements to My Organization

    It provides a user-friendly front-end to manage LDAP-based users.

    Room for Improvement

    The interface is modern, but could have been made even easier to use for the customers.

    Use of Solution

    I managed it for approximately three years.

    Deployment Issues

    No issues encountered.

    Stability Issues

    No issues encountered.

    Customer Service and Technical Support

    Customer Service:

    It's a little bit difficult to support.

    Technical Support:

    It's reasonable. The support is not the quickest to respond and does not have a mature process in terms of what logs must be gathered, and what to gather before raising a case.

    Implementation Team

    CA provided assistance with augmentation of the existing solution, they provided quite a good level of support during the project.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    ITCS user
    Information Security Analyst at a financial services firm with 10,001+ employees
    Real User
    It has provided a centralized platform to manage the lifecycle of all identities across different endpoint systems.

    What is most valuable?

    User-friendly UI In built connectors for various endpoints

    How has it helped my organization?

    It's provided a centralized platform to manage the lifecycle of all identities across different endpoint systems such as Active Directory, Salesforce, etc.

    What needs improvement?

    It should be better when doing custom connections.

    For how long have I used the solution?

    I've used it for one year and two months.

    What was my experience with deployment of the solution?

    There were very few issues.

    What do I think about the stability of the solution?

    At times we had issues with CA Identity Manager tasks getting hung in an "In Progress" state. We had to restart the instances, but that happens very seldom.

    What do I think about the scalability of the

    What is most valuable?

    • User-friendly UI
    • In built connectors for various endpoints

    How has it helped my organization?

    It's provided a centralized platform to manage the lifecycle of all identities across different endpoint systems such as Active Directory, Salesforce, etc.

    What needs improvement?

    It should be better when doing custom connections.

    For how long have I used the solution?

    I've used it for one year and two months.

    What was my experience with deployment of the solution?

    There were very few issues.

    What do I think about the stability of the solution?

    At times we had issues with CA Identity Manager tasks getting hung in an "In Progress" state. We had to restart the instances, but that happens very seldom.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service:

    8/10.

    Technical Support:

    7/10.

    Which solution did I use previously and why did I switch?

    No previous solution was in place.

    How was the initial setup?

    It was complex due to the vast number of identities in the organization.

    What about the implementation team?

    It was implemented in-house.

    What was our ROI?

    It's more than satisfactory.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user201936
    Security Manager at a tech services company with 10,001+ employees
    Real User
    It has delegated responsibility across to the customers, but bulk load capability needs improving.

    What is most valuable?

    The ability to customise the screen, and create a technical solution suited to the business requirements including delegation, password management and role based access.

    How has it helped my organization?

    Delegated responsibility across to the customers, instead of the organisation maintaining the user. In addition, this also allows user privacy and security to be maintained.

    What needs improvement?

    Multiple areas:

    • Bulk Load capability
    • Services
    • Organisation propagation, etc.

    For how long have I used the solution?

    I've used it for the last seven years.

    What was my experience with deployment of the solution?

    Deployment was stable. Only issue was with the policy express and emails which were very dependent on the exact name instead of a tag.

    What do I think about the stability of the solution?

    If the product has been tuned, appropriated, and appropriate memory has been allocated, there are no issues with stability.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service:

    8/10.

    Technical Support:

    8/10.

    Which solution did I use previously and why did I switch?

    No. We moved from a manual user management system to a delegated user management system.

    How was the initial setup?

    Provided the requirements are set, the initial setup was straightforward. Subsequent functionality within CA IM is not appropriately documented creating issues.

    What about the implementation team?

    We used a vendor whose level of expertise was 8/10.

    Which other solutions did I evaluate?

    Yes, we also considered using Oracle Identity Manager.

    What other advice do I have?

    Use an agile approach of delivery if the business is not aware of what it wants.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    ITCS user
    Senior Technical Consultant at a consultancy with 51-200 employees
    Consultant
    Better recovery for the app server with the DB connectivity is needed. Access granularity is helpful.

    What is most valuable?

    Group management Task delegation Access granularity

    How has it helped my organization?

    It allowed local departments to manage the people in their own groups, without any help from the IT department.

    What needs improvement?

    Better recovery for the application server with the DB connectivity.

    For how long have I used the solution?

    Two years.

    What was my experience with deployment of the solution?

    Yes, at some point CA support repaired the bug.

    What do I think about the stability of the solution?

    Yes, sometimes the connection with the DB is lost, and it isn't fully recovered without restarting the server.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer…

    What is most valuable?

    • Group management
    • Task delegation
    • Access granularity

    How has it helped my organization?

    It allowed local departments to manage the people in their own groups, without any help from the IT department.

    What needs improvement?

    Better recovery for the application server with the DB connectivity.

    For how long have I used the solution?

    Two years.

    What was my experience with deployment of the solution?

    Yes, at some point CA support repaired the bug.

    What do I think about the stability of the solution?

    Yes, sometimes the connection with the DB is lost, and it isn't fully recovered without restarting the server.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service:

    7/10.

    Technical Support:

    7/10.

    Which solution did I use previously and why did I switch?

    No previous solution used.

    How was the initial setup?

    I think it depends on your background, but as soon as you understand the terminology it's not so complex.

    What about the implementation team?

    We did an in-house implementation.

    What was our ROI?

    Engineering and operational.

    Which other solutions did I evaluate?

    Do a good gathering of your requirements and make sure you are creating the system architecture it in the right way.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user183003
    Director of Engineering at a tech services company with 51-200 employees
    Consultant
    While IDM has the capability to delegate, the process is not intuitive.

    What is most valuable?

    The most valuable features of this product are the following:

    1. Policy Xpress
      Allows for the ability to build policies triggered off of events in a codeless manner.
    2. Separation of Duty (SOD) policies
      Gives the ability to create roles and/or policies with a criteria for removal or addition of a role, policy, or an entitlement based on the user’s title as an example.
    3. Connectors
      IDM has a rich set of connectors that covers traditional on premise, SAAS related, or custom resources. IDM provides the ability to create a custom connector through its Connector Xpress module. The module itself allows one to build a connector to any resource that is either LDAP or database driven. Once again this process involves no coding for the task.

    How has it helped my organization?

    I'm an integrator, and as a result I deploy solutions in behalf of an organization. IDM improves the organizations ability to govern the life cycle of an end user. The life cycle starts with the on-boarding of an individual to the organization, whether it’s a contractor, consultant, employee (full or part time), or a partner. The life cycle ends with the departure of the individual from the organization. Everything in between is about managing the user's access, permissions, profile, and evolution from an identity stand point. We (Mycroft) advise and implement the necessary user cases that drives the successful central management of identities for an organization. Plain and simple, IDM provides the automation that allows the IT and respective business department(s) to focus in on other pressing needs while IDM standardizes the identity practice.

    What needs improvement?

    The areas of this product which requires improvement are as follows:

    1. The User Interface (UI)
      The User Interface has been improving over time and there are products such as IDMLogic Sigma that improves upon the user UI experience.
    2. Its delegation model
      While IDM has the capability to delegate, the delegation process is not intuitive or forthcoming to the clients. The delegation model is present but it’s not a straight forward model to design against.

    These two areas are the ones that stand out, as I probably developed a tolerance over the years for any other if others do exist.

    For how long have I used the solution?

    Eight years.

    What was my experience with deployment of the solution?

    Yes, but deployment issues are hardly product installations, but rather retro-fitting the installation to the core principals of the organization. Anyone can install the product within a 20 minute window in an ideal scenario. Each organization has environmental complexities and business policies that at times causes issues with the deployment.

    What do I think about the stability of the solution?

    No issues with stability.

    What do I think about the scalability of the solution?

    No issues with scalability. Typically deployments are done with an assumption that an organization will grow by a certain percentage in the foreseeable future. As a result the architecture will adhere to the growth plans accordingly.

    How are customer service and technical support?

    Technical support has drastically improved over the years, as a result I would rate them at 7.5 and climbing.

    Which solution did I use previously and why did I switch?

    While I implement solutions for organizations, I witness switches for the following reasons:

    • Staff are no longer knowledgeable on the solution as a result of staff turnover over time
    • Product configuration has not been maintained to support needs of the business over time
    • Vendor Support and direction
    • Cost model
    • The direction of the organization and its relationship with other vendors

    How was the initial setup?

    In my experience, the posture of the setup has a direct correlation to the use case mapped to the feature set and functionality. There are numerous ways to implement a solution, but the level of complexity stems from the ability to simplify the requirements and work with the business on compromises. All organizations have security and business policies that they mandate by or govern towards. As a result, the initial setup or configuration is a direct by-product of how the use case is socialized into the product. At times, some business processes should not be subjected to IDM at all. unless there are compromises to how the business flow is managed. Understanding this basic idea and product limitations go hand in hand.

    What was our ROI?

    The ROI on CA IDM is a result of the following 3 areas:

    1. Employee productivity
      Faster onboarding process and provisioning. The ability for end user to perform self-service password resets and utilize an access requests system.
    2. IT cost savings
      The ability to focus less on traditional cost areas around password resets, user on-boarding, and essentially the whole user life cycle allows IT to spend on other technical areas wisely. Cost savings to IT is not only how to save but also how to re-purpose the funds to other needed areas.
    3. Cost avoidance.
      Potentially recovering from security breaches or violations and the cost to recover from them. Centralized management introduces efficiency that leads to shared resources not redundant work throughout an organization.
    Disclosure: My company has a business relationship with this vendor other than being a customer: strategic partner
    it_user179250
    Applications Analyst with 10,001+ employees
    Vendor
    Improvement to the control of policy execute is needed but Policy Xpress makes modifying handling of user data so easy

    What is most valuable?

    Policy Xpress makes modifications to how our user data is handled so easy.

    How has it helped my organization?

    This product has allowed me to take the repetitive tasks away from a person so the value of a person is better.

    What needs improvement?

    An out of the box way to control when a policy executes.

    For how long have I used the solution?

    Five years.

    What was my experience with deployment of the solution?

    No, not after someone explained a way to use Screen Logical Attributes to control the execution of policies.

    What do I think about the stability of the solution?

    No issues encountered.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service: I love…

    What is most valuable?

    Policy Xpress makes modifications to how our user data is handled so easy.

    How has it helped my organization?

    This product has allowed me to take the repetitive tasks away from a person so the value of a person is better.

    What needs improvement?

    An out of the box way to control when a policy executes.

    For how long have I used the solution?

    Five years.

    What was my experience with deployment of the solution?

    No, not after someone explained a way to use Screen Logical Attributes to control the execution of policies.

    What do I think about the stability of the solution?

    No issues encountered.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service:

    I love their customer service.

    Technical Support:

    I'd rate them 10/10. I have my go to techs.

    Which solution did I use previously and why did I switch?

    We didn't have a solution previously.

    How was the initial setup?

    Identity managment is a complex animal no matter what product you use.

    What about the implementation team?

    We used a vendor team who I would rate as 10/10.

    Which other solutions did I evaluate?

    Look at training from the vendor not just their perfect scenarios but real world issues. Make sure your users have the skills needed to manage the product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user178560
    Assistant Manager at a transportation company with 1,001-5,000 employees
    Vendor
    Extremely good customization possible but there are stability issues if there isn't enough RAM.

    Valuable Features

    Extremely good customization possible with respect to local language support.

    Improvements to My Organization

    In our environment we have build separate environments and roles structures based on language and look and feel for their products.

    Use of Solution

    4 years.

    Deployment Issues

    Only minor issues.

    Stability Issues

    Sometimes, earlier only due to lack of RAM. Now it's stable most often.

    Scalability Issues

    Haven't faced any so far.

    Customer Service and Technical Support

    Customer Service: 8 out of 10. Technical Support: 7 out of 10.

    Initial Setup

    It was a little complex.

    Other Solutions Considered

    No other options evaluated.

    Other Advice

    Perform a pre-implementation analysis as to what level you would like to implement the solution…

    Valuable Features

    Extremely good customization possible with respect to local language support.

    Improvements to My Organization

    In our environment we have build separate environments and roles structures based on language and look and feel for their products.

    Use of Solution

    4 years.

    Deployment Issues

    Only minor issues.

    Stability Issues

    Sometimes, earlier only due to lack of RAM. Now it's stable most often.

    Scalability Issues

    Haven't faced any so far.

    Customer Service and Technical Support

    Customer Service:

    8 out of 10.

    Technical Support:

    7 out of 10.

    Initial Setup

    It was a little complex.

    Other Solutions Considered

    No other options evaluated.

    Other Advice

    Perform a pre-implementation analysis as to what level you would like to implement the solution (only role mapping/provisioning/AD sync etc) and to how it can meet your needs.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user178524
    Senior Solutions Architect at a tech services company with 51-200 employees
    Consultant
    The major plus points are simplicity, but do ensure you have the right resources before you implement this product.​

    What is most valuable?

    The simplicity, easy installation and configuration.

    How has it helped my organization?

    I worked on this product as a consultant implementing it at various client locations so I cannot really answer this question from my own organization's point of view. But the tremendous value at client locations has been a centralized and simplified identity provisioning and management solution.

    What needs improvement?

    Been quite a while since I worked on it so I can't really comment on how far the product has come in the past 2-3 years.

    For how long have I used the solution?

    For almost 2 years at various engagements

    What was my experience with deployment of the solution?

    Nothing major encountered.

    What do I think about the stability of the solution?

    None encountered.

    What do I think about the scalability of the solution?

    No. The product gives flexibility with respect to application servers and databases so scalability more depends on the platform you choose.

    How are customer service and technical support?

    Customer Service:

    Very good.

    Technical Support:

    Very good.

    Which solution did I use previously and why did I switch?

    Clients I have worked at either didn't have an existing solution or had older versions of the same product.

    How was the initial setup?

    It is straightforward if you read the product documentation and understand the architecture before your set it up.

    What other advice do I have?

    The major plus points are simplicity, but do ensure you have the right resources before you implement this product.

    Disclosure: My company has a business relationship with this vendor other than being a customer: We are a vendor partner
    it_user178146
    Manager, Domain Services Tech Ops at a hospitality company with 1,001-5,000 employees
    Vendor
    Be prepared for issues with the web interface and avoid heavy customization. Web services is a valuable feature.

    Valuable Features

    User provisioning Web services

    Improvements to My Organization

    Enabled enhanced delegated control to application owners and third party support reducing overhead cost to support desk and directory services teams

    Room for Improvement

    GUI/Web interface

    Use of Solution

    10+ years.

    Deployment Issues

    Numerous. Despite having a Linux/JBOSS version it does not perform at the same level of proficiency as Windows/.NET.

    Stability Issues

    Yes

    Scalability Issues

    No

    Customer Service and Technical Support

    Customer Service: 9 out of 10. Technical Support: 7 out of 10,

    Initial Setup

    Complex, documentation was inadequate as was professional services.

    Implementation Team

    Combination, and experience for professional services was less than adequate. …

    Valuable Features

    • User provisioning
    • Web services

    Improvements to My Organization

    Enabled enhanced delegated control to application owners and third party support reducing overhead cost to support desk and directory services teams

    Room for Improvement

    GUI/Web interface

    Use of Solution

    10+ years.

    Deployment Issues

    Numerous. Despite having a Linux/JBOSS version it does not perform at the same level of proficiency as Windows/.NET.

    Stability Issues

    Yes

    Scalability Issues

    No

    Customer Service and Technical Support

    Customer Service:

    9 out of 10.

    Technical Support:

    7 out of 10,

    Initial Setup

    Complex, documentation was inadequate as was professional services.

    Implementation Team

    Combination, and experience for professional services was less than adequate.

    Other Solutions Considered

    We evaluated Novell and Oracle as well, and for our needs this was still the best solution.

    Other Advice

    Be prepared for issues with the web interface and avoid heavy customization.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    ITCS user
    Manager at Flex Consultancy Services Pte Ltd
    Vendor
    Setup is considered straightforward due to a wizard based installation. However it is complicated due to HA requirements

    What is most valuable?

    Identity Policy and its Ability to support Account Provisioning to RACF and AD/Exchange.

    How has it helped my organization?

    This solution was implemented for a Financial Client to automate account provisioning across various disparate systems (more than 80 systems across 5 countries). From an HR perspective, when an employee leaves the organisation, suspension, transfer and removal of access to systems can be completed within 7 days in comparison to up to 30 days when handling it manually. Access to system(s) can now be approved and granted within 3 working days going through a self-service application and approval process.

    What needs improvement?

    Lack of a comprehensive attestation component/product and easy to use workflow that supports both attestation and provisioning. However, currently CA does have a product for attestation.

    For how long have I used the solution?

    3 years

    What was my experience with deployment of the solution?

    Main issues were with migration of data from a 8.x to 12.5 sp2.

    What do I think about the stability of the solution?

    No stability issues.

    What do I think about the scalability of the solution?

    No scalability issues

    How are customer service and technical support?

    Customer Service:

    7/10

    Technical Support:

    8/10

    Which solution did I use previously and why did I switch?

    No previous solution used.

    How was the initial setup?

    Initial Setup is considered straightforward due to its wizard based installation. However, it is complicated due to HA requirements.

    What other advice do I have?

    Compilation of data for Attestation manually may take 3-6 months or more if the organisation has large number of assets distributed across several countries. The need to maintain up-to-date access list on every asset also poses a challenge.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user176574
    Delivery Manager at a tech services company with 51-200 employees
    Consultant
    Setup is straightforward and can be done quickly, but the UI has lots of room for improvement

    What is most valuable?

    Provisioning server and Policy Xpress.

    How has it helped my organization?

    It provides a robust provisioning facility which enables admin configuration. Complex provisioning rules are quick to change when business requirements do.

    What needs improvement?

    Workflow engine and workflow configuration. Also, the user interface has a lot of room for improvement.

    For how long have I used the solution?

    2 years.

    What was my experience with deployment of the solution?

    Yes, we encountered many product issues during deployment, and some were identified as product limitations.

    What do I think about the stability of the solution?

    So far no, the product works well and it's stable.

    What do I think about the scalability of the solution?

    Not at this moment. …

    What is most valuable?

    Provisioning server and Policy Xpress.

    How has it helped my organization?

    It provides a robust provisioning facility which enables admin configuration. Complex provisioning rules are quick to change when business requirements do.

    What needs improvement?

    Workflow engine and workflow configuration. Also, the user interface has a lot of room for improvement.

    For how long have I used the solution?

    2 years.

    What was my experience with deployment of the solution?

    Yes, we encountered many product issues during deployment, and some were identified as product limitations.

    What do I think about the stability of the solution?

    So far no, the product works well and it's stable.

    What do I think about the scalability of the solution?

    Not at this moment.

    How are customer service and technical support?

    Customer Service:

    The customer representatives of CA are good and they always give quick responses.

    Technical Support:

    The support is helpful, the response time is fast, and their knowledge is good.

    Which solution did I use previously and why did I switch?

    Yes we used Oracle Identity and Oracle Waveset.

    How was the initial setup?

    Yes the setup is straightforward and it can be done quickly.

    What about the implementation team?

    I am working within a vendor team.

    Which other solutions did I evaluate?

    Yes, Oracle Identity Manager

    What other advice do I have?

    The ongoing support of the product is extremely important.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user175146
    System Engineer at a tech services company with 10,001+ employees
    Real User
    Features have been improving with each release. The web service configuration should be improved.

    What is most valuable?

    Connector Development (connector Express) and Policy Express enhanced feature which is improving every time with new releases.

    How has it helped my organization?

    Self service portal helps the user to manage approval, delegation, password management and its bulk task capability resolves lot of problem.

    What needs improvement?

    Custom connector, web service configuration and use.

    For how long have I used the solution?

    4 years

    What was my experience with deployment of the solution?

    Easy, I can say it's the best on the market with small amount of manpower.

    What do I think about the stability of the solution?

    No issues encountered.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and

    What is most valuable?

    Connector Development (connector Express) and Policy Express enhanced feature which is improving every time with new releases.

    How has it helped my organization?

    Self service portal helps the user to manage approval, delegation, password management and its bulk task capability resolves lot of problem.

    What needs improvement?

    Custom connector, web service configuration and use.

    For how long have I used the solution?

    4 years

    What was my experience with deployment of the solution?

    Easy, I can say it's the best on the market with small amount of manpower.

    What do I think about the stability of the solution?

    No issues encountered.

    What do I think about the scalability of the solution?

    No issues encountered.

    How are customer service and technical support?

    Customer Service:

    Good but more skilled people required according to geographical location.

    Technical Support:

    Good.

    Which solution did I use previously and why did I switch?

    No previous solution used.

    How was the initial setup?

    Straightforward, as it was simple with few resources needed.

    What about the implementation team?

    Self implemented.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user1125
    Network Engineer at a retailer with 51-200 employees
    Vendor
    “A smart identity management solution that adds to your business advantage”

    Valuable Features:

    • Allows individual users to work in a controlled and secure environment, whereby user authentication, access control, password administration, and smooth workflow are ensured. • Even if a user forgets theirs access information or password, Identity Manager helps users to restore access. This reduces the cost of help-desk support while making the daily operations much smoother. • Large sized organizations require Identity Manager to ensure that their network and systems are secure for use or for access by delegated users. • It ensures that business workflow is in compliance with secure standards of technology infrastructure.

    Room for Improvement:

    • Cost is the only demerit of Identity Manager because it requires updates of software and technology as users keep multiplying. Identity Manager is also prone to hackers and therefore needs to be regularly checked for security threats and intrusions. • Users must be trained to use the system.

    Other Advice:

    Medium to large sized organizations require Identity Manager in order to allocate their technology costs in a much better way. After a one time heavy installation cost, companies do not need to worry about user password/access issues that may occur on a daily basis.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user1062
    Tech Support Staff at a insurance company with 501-1,000 employees
    Vendor
    Identity manager is an identity management tool for administrators that governs and manages the identities of users, their access to the system, roles, and what they are allowed to do with data they have access to.

    Valuable Features:

    • Identity manager enables automated processes of entitlements, management as well as deletion, and creation of user accounts. • Access to all enterprise systems like relational databases can be managed efficiently. • Identity manager decentralizes group membership and role management, by allowing administration of delegated users, and therefore scalability and less maintenance can be achieved. It is flexible, reduces the costs of administration and increases accountability, improves security, and lowers help desk workloads.

    Room for Improvement:

    Identity manager is very complex and you must have the knowledge and skills required to use it. It is also a bit expensive, but its benefits outweigh all these cons.

    Other Advice:

    Identity manager is designed to improve business security and compliance and efficiency by automating identity controls, which increases flexibility and agility of IT and businesses. It can be deployed on-site or as virtual and cloud services. It incorporates very critical features, like a module for structured administration, integrated compliance support and workflows, and self-services for users. I have used it for more than one year now.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    Download our free Symantec Identity Governance and Administration Report and get advice and tips from experienced pros sharing their opinions.