Share your experience using Ubisecure Identity Platform

I use Teleport to replace the normal authentication mechanism as part of a zero-trust architecture. It is particularly useful because, in a remote environment, I cannot trust any devices. I can share access remotely with anyone via a browser for more secure tracking of data.

Teleport has replaced earlier methods like a bastion server or a jump server, which required connecting to physical servers. It integrates well with single sign-on (SSO) and Ansible Playbooks, allowing me to manage inventories easily. 

Teleport provides a straightforward setup process with a single command line, making it easier to manage the onboarding and offboarding of team members.

I cannot download or share session recordings directly with others, which would be useful for documentation or reviews. 

Additionally, while the backend worker can be upgraded, there is a limitation with scaling, as it supports only a single node even in Kubernetes.

I have been using Teleport for two years.

Initially, there were stability issues when integrating with single sign-on and storing sessions. After resolving them, Teleport has been stable.

Teleport supports only a single node in the Kubernetes environment, which limits its scalability. It is straightforward for single standalone components, however, the UI component cannot be upgraded directly.

Previously, I used a jump server and accessed systems with an SSH key and a normal VM login. 

I switched to Teleport since colleagues and friends recommended it, highlighting its enterprise-level capabilities.

The initial setup was straightforward due to my expertise in Linux, particularly Red Hat and Ubuntu operating systems. I found the setup to be very easy.

With Teleport, my time spent on onboarding and offboarding has reduced significantly. I no longer need to manually manage access, which saves time and effort.

Another option I considered was HashiCorp's Boundary, however, it had a complex setup that was difficult for beginners. Teleport's straightforward setup was more appealing.

I rate Teleport nine out of ten. 

Security-wise, it is very secure and easy to use for remote access. I recommend it for its straightforward setup and strong security features.

My main use cases with the Okta Workforce Identity include preparing my certification and doing integrations such as org-to-org integration or Active Directory, and it is mostly about integration.

As an individual user, I appreciate that I can create my own lab with Okta Workforce Identity. They provide instances for me to create almost ten instances to test.

Some of the best features with Okta Workforce Identity are configuring the SSO through Okta to Okta. For me, it was the certification and the integration I worked on because it was my pathway to prepare my certifications, along with the directory and network security, the IP zone and related components.

We use the Single Sign-On feature with the Okta Workforce Identity, and I configure it through the platform, especially for Okta-to-Okta. From one instance, I could switch to another using the SSO, as Okta to Okta allows the SSO feature.

The impact of SSO on my IT overhead and user experience has been significant because it reduced authentication fatigue, password sharing, and password reusing. For administration, it is integrated, and it is great for IT support. For the end user, it is beneficial as they do not have to remember a password or keep the password on a post-it for different applications; they just authenticate once to access several services and service providers.

Areas for improvement with Okta Workforce Identity would be in the governance place; for me, it is light. Okta is mostly focused on execution and runtime, which means maintaining authentication and ensuring people connect with the appropriate session. However, it could improve in the governance part, particularly regarding better role management and workflow, as I feel it is tedious on Okta. I think Okta could enhance the governance area of identity.

I have not personally experimented with technical support from Okta Workforce Identity, but I see there is a good community and many resources available. I have not tested Saviynt's support either, but I know there is direct contact with Saviynt support.

I cannot rate the support for Okta Workforce Identity directly because I have not experimented with it; however, I notice good communication within the community, but it would not be fair to rate them without personal experience.

Positive

I have tested different solutions before Okta Workforce Identity, including Saviynt and SailPoint, and decided to go deeper into Okta because it allows me to create my own lab. I worked on a homemade solution for about three to four years back, spending five years on that project.

My experience with the initial setup of Okta Workforce Identity is that it is straightforward and not huge. The initial setup is simple and, considering it is a SaaS solution, it is easier. I have tested the connector, which is available for on-site solutions for Active Directory, and there is still a lot of infrastructure relying on Active Directory.

Regarding experience with pricing for Okta Workforce Identity, I do not have the pricing on IGA solutions or IAM solutions, but from my study two years back for a project, I found it is not that huge.

The main differences I notice between SailPoint and Okta Workforce Identity for the IAM solution suggest that they are in different categories. SailPoint is mostly for the admin part, while Okta is excellent on the runtime section, focusing on secure authentication and SSO. SailPoint is used for configuring identity with the right entitlement while Okta is about ensuring secure connections and efficient user authentication.

I would rate Okta Workforce Identity seven out of ten.