"Multi-factor authentication (MFA) has improved our customers' security posture. Multi-factor authentication has two layers of authentication, which helps in case you input your credentials into a phishing website and then it has access to your credentials. So if they use your credentials, then you have proof on your phone that was sent to the end user."
"Technical support has been great."
"In terms of identity management, it helps to improve security posture. It generally helps in terms cloud security, simplicity, and single sign-on for multiple apps."
"Multi-factor authentication really secures our environments and gives us the flexibility to use location-based policies. Azure AD also gives us a lot of flexibility in our scope of integration."
"The scalability capabilities are quite high."
"Single sign-on provides flexibility and helps because users don't want to remember so many passwords when logging in. It's a major feature. Once you log in, you have access to all the applications. It also enables us to provide backend access controls to our users, especially when it comes to groups, as we are trying to normalize things."
"The single sign-on of the solution is the most valuable aspect."
"It is one of those costs where you can't really quantify a return on investment. In the grand scheme of things, if we didn't have it, we would probably have a lot more breaches. It would be a lot harder to detect issues because we would have people using static usernames and passwords for various sites, making us open to a lot more attacks. The amount of security and benefit that we get out of it is not quantifiable but the return of investment from a qualitative point of view is much higher than not having it."
"ForgeRock has CIAM, which other products didn't have, and they have DevOps ready."
"I like the intelligent authentication feature."
"Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process."
"Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users."
"The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users."
"The solution integrates well and it is important for them to keep up with the current trends in the market quickly enough, and they have been doing a good job at it."
"We create and define the permissions and configurations for the users."
"Zero Trust implementation is a great feature."
"The most valuable feature is the User Experience Designer, which has been very helpful for our project."
"Its value is when you use it with a Workspace ONE UEM solution as it is part of the ecosystem for VMware Workspace ONE."
"One of the features that I enjoyed most was the integration with Azure AD because I could use VMware Identity Manager to standardize the User Principal Name coming from Active Directory. You have Azure AD Connect to do that. In between, if you have vIDM handling it, you can easily get the synchronization of users into your VM and standardize the User Principal Name. If you require quality assurance for handling it, you can actually count on the vIDM to do so. That was one of the main things I enjoyed about the product."
"The most valuable feature is single sign-on."
"Some systems do not integrate very well with Azure AD. We thought of going for Okta, but later on we were able to achieve it, but not the way we wanted. It was not as easy as we thought it would be. The integration was not very seamless."
"Transitioning to the cloud is very difficult. They need the training to make it easier."
"The only issue with Azure AD is that it doesn't have control over the wifi network. You have to do something more to have a secure wifi network. To have it working, you need an active directory server on-premises to take care of the networks."
"If Microsoft can give us a way to see where this product is running, from a backend perspective, then it would be great."
"Azure AD needs to be more in sync. The synchronization can be time-consuming."
"Microsoft needs to add a single setup, so whenever resources join the company or are leaving the company, all of the changes can be made with a single click."
"The downside is that we now have all our eggs in one basket with Microsoft. We have this great authentication and single sign-on, but if Microsoft has an outage in North America or globally, on Outlook or Teams, we're dead in the water... We get some type of hiccup once a quarter."
"Active Directory could always be more secure. Right now, we've got two-factor authentications. All services based on Active Directory have a username and password. If somebody hacked our username, they could easily get all the data from our side. So I want two-factor authentication and a stronger password policy from Active Directory. The domain controllers should be more secure as well."
"It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers."
"We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced."
"It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
"In an upcoming release, the solution could improve by limiting the need to do customizations."
"I find that it's quite expensive for just an open-source system. Support is quite expensive."
"The solution requires more simplified customization. However, part of the problem is my clients determining their own preferences. Technology can help and do many things, but you have to define your own policies to ensure that the solution or service works within those parameters. Helping customers understand their business and different processes is another issue not relating to the functionality of this solution."
"Automatic Deployment needs improvement. it could be made easier."
"The mobile SSO doesn't work as well on Android."
"We have a lot of problems when it comes to integrating with Active Directory."
"The license could be better."
"I would like to have better support for multi-cloud sessions."
"vIDM could be improved with the multi-tenant capabilities that VMware tends to offer—features like customization branding and the integration of the app catalog based on the branding. Since the integration has been at top-level OGs, you were not able to then do rebranding if you were required to use specific user groups to highlight specific applications. At the time, I was personally opening feature requests for these things. I haven't worked with the latest release, so I don't know if these features were already deployed or not."
ForgeRock is ranked 4th in Access Management with 7 reviews while VMware Identity Manager is ranked 5th in Identity and Access Management as a Service (IDaaS) (IAMaaS) with 5 reviews. ForgeRock is rated 7.4, while VMware Identity Manager is rated 8.6. The top reviewer of ForgeRock writes "Good for multi-client setups and easy to implement but the scalability seems uncertain". On the other hand, the top reviewer of VMware Identity Manager writes "Great integration and end user experience ". ForgeRock is most compared with SailPoint IdentityIQ, Okta Workforce Identity, CyberArk Privileged Access Manager, PingID and Saviynt, whereas VMware Identity Manager is most compared with CyberArk Privileged Access Manager, Cisco ISE (Identity Services Engine), Okta Workforce Identity, SailPoint IdentityIQ and Symantec Privileged Access Manager.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
