If you were talking to someone whose organization is considering Symantec Identity Governance and Administration, what would you say?
How would you rate it and why? Any other tips or advice?
I would rate it an eight out of ten. To make it a ten, it should have more remote capabilities. There should be better partnerships with remoting tools. They need more remote partners and better dashboards.
The advice I would give to others who are looking to implementing this product would be to define exactly what you need before the implementation of the solution. This is a key factor. If you need to change the deployment after it is deployed — such as the policies or structure — it is not a matter of just changing the configuration. It is more like you are starting from the beginning. If you have questions related to what needs to be addressed they need to be answered first. The way we deploy this is as a black box appliance. So it would be defined once. Even the IP cannot be changed. To make this type of change, it would have to be deployed again. The biggest lesson I have learned from working with Identity Manager is that despite the product you use, the implementation is a process. You have to understand the process to see what activities do not give you value and also what activities serve to complicate the process. If you take the easier route and work with the standard deployment as much as possible, it will be more secure and faster. You need to see everything as an activity. So despite the impact that the product has on working with identity management, it is a process because the result is not to be blamed on the product at the end. On a scale from one to ten where one is the worst and ten is the best, I would rate CA Identity Manager as an eight. To make this product closer to something like a ten they have to pay more attention to integrating with other solutions. Currently, CA is integrating is with CA products only. In some cases, there are categories that CA does not compete in, like Service Manager, so they should pay attention to out-of-the-box integrations with non-competing services. They definitely have a problem integrating with solutions that compete and this is really another problem. Really, this type of integration would allow users of their product to have more flexibility. They could choose their own solutions which may better fit their needs. In one instance, we had to end up using different solutions for managing internal personnel accounts and managing normal users. This is not convenient and can be expensive. So I think they have to be more open to broader integration and simplifying those processes.
For an organization looking for an identity management suite, it’s the kind of tool you can invest in the long term. For those considering implementing the solution, I would recommend finding the right partners who have the right implementation experience to assist. There is no doubt this product has capabilities. The important thing is to find someone who understands the business requirements. It’s really important because statistically, 70% of identity management projects fail. Most of the time the product has the capabilities but the consultant doesn’t have the ability to customize the solution. I’d rate the solution nine out of ten.
My advice to someone implementing this solution is to take a few days to plan with professional services for the setup. I would rate it between a six and seven out of ten. Not a ten because of the complex setup and because we had some issues applying some patches.
The product is considered good, in the top five. Looking at the product features carefully if your organization has complex provisioning requirements and business processes to find gaps. Finally, always search for the best implementation team, who has skills and experience.