Coming October 25: PeerSpot Awards will be announced! Learn more

IBM Security Access Manager OverviewUNIXBusinessApplication

IBM Security Access Manager is #12 ranked solution in top Access Management tools. PeerSpot users give IBM Security Access Manager an average rating of 7.8 out of 10. IBM Security Access Manager is most commonly compared to Azure Active Directory (Azure AD): IBM Security Access Manager vs Azure Active Directory (Azure AD). IBM Security Access Manager is popular among the large enterprise segment, accounting for 80% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 20% of all views.
Buyer's Guide

Download the Access Management Buyer's Guide including reviews and more. Updated: September 2022

What is IBM Security Access Manager?

IBM Security Access Manager helps you simplify your users' access while more securely adopting web, mobile, IoT and cloud technologies. It can be deployed on-premises, in a virtual or hardware appliance or containerized with Docker. ISAM helps you strike a balance between usability and security through the use of risk-based access, single sign-on, integrated access management control, identity federation and mobile multi-factor authentication. Take back control of your access management with IBM Security Access Manager.

IBM Security Access Manager was previously known as ISAM.

IBM Security Access Manager Customers

POST Luxembourg

IBM Security Access Manager Video

IBM Security Access Manager Pricing Advice

What users are saying about IBM Security Access Manager pricing:
  • "It costs about 300K AED for a year. Its pricing is a bit on the higher end, but in comparison to other products in the market, its price is still better. There are lots of other products that are very costly."
  • "The license and costs depend on the amount range of users you have. For just approximately 2,000 users, the price is practical and fair. However, when you have 20,000 users, it starts to become really expensive, and the discount per user is not attractive enough to go ahead and purchase."
  • IBM Security Access Manager Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Gaurav Gaurav - PeerSpot reviewer
    Architect at a tech services company with 10,001+ employees
    Real User
    Top 5Leaderboard
    Supports on-prem and cloud environments, has good integration capabilities, and is easy to adopt
    Pros and Cons
    • "From the integration point of view, it supports SAML, OIDC, and OAuth. For legacy applications that don't have support for SAML and other new protocols, it provides single sign-on access to end-users. From the integration compatibility point of view, it is highly capable."
    • "They can improve the single sign-on configuration for OIDC and OAuth. That is not very mature in this product, and they can improve it in this particular area. OIDC is a third-party integration that we do with the cloud platforms, and OAuth is an authorization mechanism for allowing a user having an account with Google or any other provider to access an application. Organizations these days are looking for just-in-time provisioning use cases, but IBM Security Access Manager is not very mature for such use cases. There are only a few applications that can be integrated, and this is where this product is lagging. However, in terms of configuration and single sign-on mechanisms, it is a great product."

    What is our primary use case?

    It is used for access management. I have its latest version. I don't know the exact version number, but 10.0.0 was the latest version, which is now named IBM Security Verify Access.

    How has it helped my organization?

    It provides good support for legacy applications. Legacy applications are the ones that don't support the latest mechanisms or protocols for access management. An example would be an in-house application built in the banking environment or insurance environment with a login page where inside the application, there are multiple modules to create a contract or submit some documents. Such legacy or in-house applications do not support protocols like SAML or OIDC. IBM Security Access Manager provides a very good integration mechanism in such cases. It has an IV user-header-based single sign-on mechanism for bypassing the login page and providing single sign-on access to users. It is very easy to configure. We just need a few details from the application side, which are provided by the application owner, and then we can configure the solution and go live. It is a very quick mechanism. We can integrate more than a hundred applications within three months.

    It also supports SAML, which is a great protocol but requires coding. You need to know Java scripting to be able to code the token configuration for SAML Single Sign-on. IBM Security Access Manager supports the coding mechanism for SAML Single Sign-on to SaaS-based solutions or on-prem solutions.

    What is most valuable?

    It is easy to use. It can be adopted very quickly.

    It is a virtual appliance, and it supports on-cloud and on-prem deployments. It can be very quickly installed on the cloud as well as on-prem, which is the beauty of this solution.

    From the integration point of view, it supports SAML, OIDC, and OAuth. For legacy applications that don't have support for SAML and other new protocols, it provides single sign-on access to end-users. From the integration compatibility point of view, it is highly capable.

    What needs improvement?

    They can improve the single sign-on configuration for OIDC and OAuth. That is not very mature in this product, and they can improve it in this particular area. OIDC is a third-party integration that we do with the cloud platforms, and OAuth is an authorization mechanism for allowing a user having an account with Google or any other provider to access an application. Organizations these days are looking for just-in-time provisioning use cases, but IBM Security Access Manager is not very mature for such use cases. There are only a few applications that can be integrated, and this is where this product is lagging. However, in terms of configuration and single sign-on mechanisms, it is a great product.

    Buyer's Guide
    Access Management
    September 2022
    Find out what your peers are saying about IBM, Microsoft, Okta and others in Access Management. Updated: September 2022.
    634,325 professionals have used our research since 2012.

    For how long have I used the solution?

    I have been using this solution for six years. 

    What do I think about the stability of the solution?

    It is a stable product.

    What do I think about the scalability of the solution?

    It is 100% scalable.

    How was the initial setup?

    It is a virtual appliance. So, the coding and configuration parameters are limited, and it can be very quickly installed on the cloud as well as on-prem.

    Most of the things are available out of the box, and we require only one person to support the entire BU. For implementation, we need two people to integrate and build the environment and make the production go live.

    What's my experience with pricing, setup cost, and licensing?

    It costs about 300K AED for a year. Its pricing is a bit on the higher end, but in comparison to other products in the market, its price is still better. There are lots of other products that are very costly.

    What other advice do I have?

    It is quite a good solution. It is easy to use. If you have a lot of legacy applications, you can go for this solution.

    I would rate it an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    AsifIqbal - PeerSpot reviewer
    Chief Information Security Officer at MIB
    Real User
    Top 5Leaderboard
    Has good scalability and is stable with no glitches; has a multi-factor authentication feature
    Pros and Cons
    • "The most valuable feature of IBM Security Access Manager, at least for my company, is multi-factor authentication. That's the only feature my company is using. The solution works well and has no glitches. IBM Security Access Manager is a very good solution, so my company is still using it."
    • "What we'd like improved in IBM Security Access Manager is its onboarding process as it's complex, particularly when onboarding new applications. We need to be very, very careful during the onboarding. We have no issues with IBM Security Access Manager because the solution works fine, apart from the onboarding process and IBM's involvement in onboarding issues. If we need support related to the onboarding, we've noticed a pattern where support isn't available, or they don't have much experience, or we're not getting a response from them. We're facing the same issue with IBM Guardium. As we're just focusing on the multi-factor authentication feature of IBM Security Access Manager and we didn't explore any other features, we don't have additional features to suggest for the next release of the solution, but we're in discussion about exploring ID management and access management features, but those are just possibilities because right now, we're focused on exploring our domain."

    What is our primary use case?

    Currently, we're using IBM Security Access Manager for multi-factor authentication.

    What is most valuable?

    The most valuable feature of IBM Security Access Manager, at least for my company, is multi-factor authentication. That's the only feature my company is using. The solution works well and has no glitches. IBM Security Access Manager is a very good solution, so my company is still using it.

    What needs improvement?

    What we'd like improved in IBM Security Access Manager is its onboarding process as it's complex, particularly when onboarding new applications. We need to be very, very careful during the onboarding.

    We have no issues with IBM Security Access Manager because the solution works fine, apart from the onboarding process and IBM's involvement in onboarding issues. If we need support related to the onboarding, we've noticed a pattern where support isn't available, or they don't have much experience, or we're not getting a response from them. We're facing the same issue with IBM Guardium.

    As we're just focusing on the multi-factor authentication feature of IBM Security Access Manager and we didn't explore any other features, we don't have additional features to suggest for the next release of the solution, but we're in discussion about exploring ID management and access management features, but those are just possibilities because right now, we're focused on exploring our domain.

    For how long have I used the solution?

    I've been working with IBM Security Access Manager for about a year, and I'm still using it.

    What do I think about the stability of the solution?

    IBM Security Access Manager is a stable solution. We have not seen any technical issues in our usage of it for one and a half years.

    What do I think about the scalability of the solution?

    IBM Security Access Manager is a good and scalable solution.

    How are customer service and support?

    The technical support for IBM Security Access Manager could be better. I'm rating support three out of five.

    IBM should also look into the feedback received by the support team, and follow up with partners, especially in terms of the processes involved in a solution such as IBM Security Access Manager.

    What's my experience with pricing, setup cost, and licensing?

    I'm unable to give information on the pricing for IBM Security Access Manager because what IBM gave me is just for me personally and it's just the starting price, while a better price offering could have been given to others.

    Which other solutions did I evaluate?

    We evaluated RSA and Auth0, and we chose IBM Security Access Manager over those two solutions because we have a portfolio of IBM products in our environment and it would be much easier to onboard them all as they are all under IBM. For example, we're also using IBM Guardium and IBM QRadar, so we've selected IBM Security Access Manager as well.

    What other advice do I have?

    My company uses multiple solutions, and one of them is IBM Security Access Manager.

    In general, I would rate IBM Security Access Manager eight out of ten because its scalability is good. As a product, it's good, for example, it has good features. It's only the support that has an issue.

    I would recommend IBM Security Access Manager to users running IBM environments, otherwise, the market has many simplified solutions. If your company has IBM tools and an IBM environment, it's a must for me to recommend IBM Security Access Manager because using the solution would be easier for you. Otherwise, there's no limitation as the market is open and you'd find multiple, good solutions in the market.

    My company has a partnership with IBM.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Access Management
    September 2022
    Find out what your peers are saying about IBM, Microsoft, Okta and others in Access Management. Updated: September 2022.
    634,325 professionals have used our research since 2012.
    Assitant Vice President at a financial services firm with 10,001+ employees
    Real User
    It has good UI and reliability, but it is challenging to customize the out-of-the-box functionality
    Pros and Cons
    • "Its stability and UI are most valuable."
    • "There are a lot of areas that can be improved, but the main area is the lack of customization. You cannot easily customize anything in the product. It is not easy to tweak the functionality. It is challenging to change the out-of-the-box functionality."

    What is our primary use case?

    It is mostly used for access management. It handles all aspects of access, such as single sign-on, access control, etc.

    We are using its latest version. It is a VM-based product. So, it is more of a cloud product.

    How has it helped my organization?

    It can do a lot of different functions. Different types of teams can use this product for a variety of use cases, such as RSA, OTP, and single sign-on functionalities. It is completely oriented around access. 

    What is most valuable?

    Its stability and UI are most valuable.

    What needs improvement?

    There are a lot of areas that can be improved, but the main area is the lack of customization. You cannot easily customize anything in the product. It is not easy to tweak the functionality. It is challenging to change the out-of-the-box functionality.

    It should support the Zero Trust methodology.

    For how long have I used the solution?

    We have been using it in our organization for more than 10 years.

    What do I think about the stability of the solution?

    It is good in terms of reliability and stability.

    What do I think about the scalability of the solution?

    I don't see any concerns with that. We have around 20,000 users in our organization. It isn't being used extensively, and we have no plans to increase its usage.

    How are customer service and support?

    I have had no need for that.

    Which solution did I use previously and why did I switch?

    It has been there for a while.

    How was the initial setup?

    It is straightforward. I didn't implement it here, but I've done this with previous clients and at previous companies. Mostly, it is straightforward, and you don't really require external and third-party consultants.

    What other advice do I have?

    I would advise looking for a product with good performance and advanced functionalities, especially on the security side. There should be stability and up-to-date or latest functionalities. Generally, if a product is stable, it doesn't have advanced functions, and if a product is highly advanced, it may not be stable. You should try to find a combination of both. It also depends on your requirements. Some people have small-scale usage, and performance might not be their concern, but security should always be a priority.

    I would rate this solution a seven out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Pakorn Leesakul - PeerSpot reviewer
    CEO, Founder at Finema
    Real User
    Top 5
    Effortless user sign in, highly scalable, and reliable
    Pros and Cons
    • "I have found this solution to be really practical and when a user wants to log in, it is effortless and runs smooth."
    • "The solution could be classified as a hilt system. There are a lot of resources being used and it is suitable for very large enterprises or the public sector."

    What is our primary use case?

    I am a provider of mobile authentication and my customers want to upgrade the Single Sign-On platform solution. We then provide them our mobile authentication to plugin with the new version of IBM's Single Sign-On.

    What is most valuable?

    I have found this solution to be really practical and when a user wants to log in, it is effortless and runs smooth. 

    What needs improvement?

    The solution could be classified as a hilt system. There are a lot of resources being used and it is suitable for very large enterprises or the public sector.

    In the future, there could be better instructional documentation published on their website. It was difficult for us to learn.

    For how long have I used the solution?

    I have been using the solution for two years.

    What do I think about the stability of the solution?

    The solution is really reliable and stable.

    What do I think about the scalability of the solution?

    The solution is very scalable. I have provided the solution to my customer that has approximately 10,000 users. I think we can expand it up to 100,000. It is ready to accept a large amount of the customer.

    How are customer service and technical support?

    We do the deployment and maintenance of the solution with a team of three engineers and it took approximately two weeks.

    What about the implementation team?

    The first time we did the installation it took a lot of time because we had to learn how to do it. Now that we understand the solution and have done the installation before, it is easy. 

    What's my experience with pricing, setup cost, and licensing?

    The license and costs depend on the amount range of users you have. For just approximately 2,000 users, the price is practical and fair. However, when you have 20,000 users, it starts to become really expensive, and the discount per user is not attractive enough to go ahead and purchase. We only have a budget for approximately 7,000 users, having more users would be too expensive for us. 

    For small or medium-sized businesses they cannot afford this solution.

    What other advice do I have?

    I rate IBM Security Access Manager an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
    PeerSpot user
    Buyer's Guide
    Download our free Access Management Report and find out what your peers are saying about IBM, Microsoft, Okta, and more!
    Updated: September 2022
    Product Categories
    Access Management
    Buyer's Guide
    Download our free Access Management Report and find out what your peers are saying about IBM, Microsoft, Okta, and more!