We performed a comparison between IBM Security Identity Governance and Intelligence, One Identity Active Roles, and SailPoint IdentityIQ based on real PeerSpot user reviews.
Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software."Lifecycle management, governance and documentation."
"I would rate the price eight out of 10, with 10 as the best value for money."
More IBM Security Identity Governance and Intelligence Pros →
"Secure access is the most valuable feature."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"We are happy with the SailPoint IdentityIQ’s stability."
"It is simple and easy to implement."
"This solution has made our team more effective. We need less manual approvals when someone new joins our company. There is less paperwork and fewer support tickets raised for access."
"The big one now is that they're adding AI and machine learning to figure out automated approvals and make recommendations to their reviewers. So, if I bring up Doug McPherson and it says he has access to this application, the system will make a review based on peer group analysis. That's one of the biggest new things. The problem used to be that people would get everything loaded on, and they created too much work for themselves. Now, they can use these policies and start to let the machine pick the less risky things."
"The community is very active and when I had questions about an issue, I was able to find the resources."
"Has a great certification module with intuitive options."
"The solution is stable and reliable."
"Provisioning in multiple environments."
"Self service center is not always easy to understand."
"The solution is a bit pricey for some regions."
More IBM Security Identity Governance and Intelligence Cons →
"The way you can search groups could be better."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"Most of the time it just works."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"The ability to send logs to a SIEM would be very beneficial."
"They should lower the price and technical support should be better."
"SailPoint IdentityIQ has a primitive AI engine."
"Finding integration experts for SailPoint in the North American market can be challenging, and transitioning to a no-code or low-code setup could reduce dependence on specialized skills."
"There's a lot of customization required to improve the user experience."
"The cost of this solution is high. The technical assistance center could be improved. They're very good, but considering the intricacies of the solution, they can further improve."
"We faced some issues while integrating the solution with a third-party tool."
"The UI is complex."
"It is not readily available and cannot be downloaded from the net."
More IBM Security Identity Governance and Intelligence Pricing and Cost Advice →