We performed a comparison between Azure Active Directory (Azure AD) and IBM Security Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."In terms of identity management, it helps to improve security posture. It generally helps in terms cloud security, simplicity, and single sign-on for multiple apps."
"Azure Active Directory features have helped improve our security posture. The remote working has been a massive help during the pandemic."
"The portal version of the Azure active directory is pretty robust."
"We use BitLocker for policy enforcement. And now, because of the Microsoft 365 Business Premium package, we get Intune as a part of it. That's very useful for us for setting policies and managing the systems. The biggest strength of Azure AD is Intune."
"The most valuable features of this solution are security, the conditional access feature, and multifactor authentication."
"All of the features are amazing, such as identity governance and privileged identity management."
"The scalability is good now, and I find it to be more stable and faster since scaling up to ESX."
"The most valuable feature is the conditional access policies. This gives us the ability to restrict who can access which applications or the portal in specific ways."
"From the integration point of view, it supports SAML, OIDC, and OAuth. For legacy applications that don't have support for SAML and other new protocols, it provides single sign-on access to end-users. From the integration compatibility point of view, it is highly capable."
"The most valuable feature of IBM Security Access Manager, at least for my company, is multi-factor authentication. That's the only feature my company is using. The solution works well and has no glitches. IBM Security Access Manager is a very good solution, so my company is still using it."
"Its stability and UI are most valuable."
"I have found this solution to be really practical and when a user wants to log in, it is effortless and runs smooth."
"Some systems do not integrate very well with Azure AD. We thought of going for Okta, but later on we were able to achieve it, but not the way we wanted. It was not as easy as we thought it would be. The integration was not very seamless."
"I would like it if Intune could manage MacOS or iOS directly. Right now, we have to use a third-party solution."
"If somebody is using an IdP or an identity solution other than Active Directory, that's where you have to start jumping through some hoops... I don't think the solution is quite as third-party-centric as Okta or Auth0."
"An area where there is room for improvement is the ease of use of the dashboards."
"Sometimes, what one customer may like, another may not like it. We have had customers asking, "Why is Microsoft forcing us to do this?" For example, when you use Exchange Server on-premise, then you can customize it for your company and these customizations are unlimited. However, if you use Exchange Online or with Microsoft 365, then your ability to make modifications is limited. So, only the cloud versus is limited."
"I want better integration between Azure AD and the on-prem environment because there are currently limitations that can hamper employee experience. We use a feature called password writeback, that can be challenging to implement in a hybrid environment. Employees can change their passwords using a self-service password reset (SSPR) feature, which reflects from the cloud to the on-prem identity, but not the other way around. Currently, there is no way to reflect passwords from on-prem identities to the cloud."
"Reading documentation could be simplified. Technical support could also be faster."
"When we add some user groups, at times they will not be properly configured. Also, sometimes Azure AD is not aware of the group policy, like the control, device functions, and settings, in detail. For example, you cannot configure these settings through mobile devices. It doesn't provide the flexibility to do that. The other challenge is that a third-party application may provide access without authorization."
"What we'd like improved in IBM Security Access Manager is its onboarding process as it's complex, particularly when onboarding new applications. We need to be very, very careful during the onboarding. We have no issues with IBM Security Access Manager because the solution works fine, apart from the onboarding process and IBM's involvement in onboarding issues. If we need support related to the onboarding, we've noticed a pattern where support isn't available, or they don't have much experience, or we're not getting a response from them. We're facing the same issue with IBM Guardium. As we're just focusing on the multi-factor authentication feature of IBM Security Access Manager and we didn't explore any other features, we don't have additional features to suggest for the next release of the solution, but we're in discussion about exploring ID management and access management features, but those are just possibilities because right now, we're focused on exploring our domain."
"They can improve the single sign-on configuration for OIDC and OAuth. That is not very mature in this product, and they can improve it in this particular area. OIDC is a third-party integration that we do with the cloud platforms, and OAuth is an authorization mechanism for allowing a user having an account with Google or any other provider to access an application. Organizations these days are looking for just-in-time provisioning use cases, but IBM Security Access Manager is not very mature for such use cases. There are only a few applications that can be integrated, and this is where this product is lagging. However, in terms of configuration and single sign-on mechanisms, it is a great product."
"There are a lot of areas that can be improved, but the main area is the lack of customization. You cannot easily customize anything in the product. It is not easy to tweak the functionality. It is challenging to change the out-of-the-box functionality."
"The solution could be classified as a hilt system. There are a lot of resources being used and it is suitable for very large enterprises or the public sector."
More Azure Active Directory (Azure AD) Pricing and Cost Advice →
Azure Active Directory (Azure AD) is ranked 1st in Access Management with 101 reviews while IBM Security Access Manager is ranked 14th in Access Management with 4 reviews. Azure Active Directory (Azure AD) is rated 8.8, while IBM Security Access Manager is rated 7.8. The top reviewer of Azure Active Directory (Azure AD) writes "With multi-factor authentication, we've seen a marked decrease in the number of threats we've seen come through". On the other hand, the top reviewer of IBM Security Access Manager writes "Supports on-prem and cloud environments, has good integration capabilities, and is easy to adopt". Azure Active Directory (Azure AD) is most compared with Google Cloud Identity, Auth0, CyberArk Privileged Access Manager, PingFederate and JumpCloud, whereas IBM Security Access Manager is most compared with Okta Workforce Identity, F5 BIG-IP Access Policy Manager (APM), ForgeRock, Auth0 and CyberArk Privileged Access Manager. See our Azure Active Directory (Azure AD) vs. IBM Security Access Manager report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.