No more typing reviews! Try our Samantha, our new voice AI agent.
it_user181527 - PeerSpot reviewer
Consultant at a consultancy with 51-200 employees
Consultant
Jan 14, 2015
It’s a very flexible and customizable product but installation and configuration need improving
Pros and Cons
  • "It provided a secure and robust end to end security solution."
  • "Installation and configuration. If you don’t know the requirements of the supporting components, it could be complicated to install and this has been improved in the later versions that are renamed to IBM Tivoli Security Access Manager."

What is most valuable?

It’s a very flexible and customizable product.

How has it helped my organization?

  • It provided a secure and robust end to end security solution.
  • You can fine tune authentication and authorization
  • It’s also easily scalable.

What needs improvement?

  • Installation and configuration.
  • If you don’t know the requirements of the supporting components, it could be complicated to install and this has been improved in the later versions that are renamed to IBM Tivoli Security Access Manager.
  • Also the knowledge base articles on the internet are limited.

For how long have I used the solution?

Several years.

Buyer's Guide
IBM Tivoli Access Manager [EOL]
June 2026
Learn what your peers think about IBM Tivoli Access Manager [EOL]. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,118 professionals have used our research since 2012.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

This is a very stable product that can run forever.

What do I think about the scalability of the solution?

There are no issues with scalability with this product. Easily to do with no downtime.

How are customer service and support?

Customer Service:

Good. Nothing to complain about.

Technical Support:

The technical support are very skilled and has helped solve all issues that I needed help with in a timely fashion.

Which solution did I use previously and why did I switch?

No previous solution used.

How was the initial setup?

Not as straight forward as Microsoft products where the dependencies are bundled in the installation.

What about the implementation team?

I was part of the in-house team and we managed to handle it without the help from the vendor.

What's my experience with pricing, setup cost, and licensing?

The setup cost is like any other product, and once setup, this product requires very low maintenance.

Which other solutions did I evaluate?

No other options were evaluated.

What other advice do I have?

Most often IBM Tivoli Access Manager is not involved when backend applications are developed an this can sometimes cause the applications to not function properly and you need to spend time troubleshooting and do changes in the application.

An IBM Tivoli Access Manager technician should be involved from the start when developing a new application.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user181038 - PeerSpot reviewer
Enterprise Security Architect at a tech services company with 51-200 employees
Consultant
Jan 13, 2015
SSO capabilities over various technologies is a strength of this product but the federation capabilites are very limited
Pros and Cons
  • "Centralized policy management and reverse proxy-based architecture make it very flexible in terms of deployment, adoption, and implementation."
  • "The product has not been updated with emerging technologies over the years specifically around AJAX, REST and Mobile app integration."

What is most valuable?

Centralized policy management and reverse proxy-based architecture make it very flexible in terms of deployment, adoption, and implementation. SSO capabilities over various technologies is another strength of this product.

How has it helped my organization?

This product enhanced the overall security at perimeter and improved user experience via SSO. A central place for policy and credentials simplifies the authentication over application landscape.

What needs improvement?

The product has not been updated with emerging technologies over the years specifically around AJAX, REST and Mobile app integration. Also the federation capabilites are very limited.

For how long have I used the solution?

I have deployed this product at various clients over the last 10 years.

What was my experience with deployment of the solution?

Initial deployment of the product is always critical and issues do come up but not due to limitation in the product. Most of the issues were around bad planning or incorrect deployment.

What do I think about the stability of the solution?

No, there were bugs identified many times but mostly they were fixed via patch release or a workaround was offered.

What do I think about the scalability of the solution?

No, if deployed correctly it is highly scalable product.

How are customer service and technical support?

Customer Service:

Fantastic customer service from IBM.

Technical Support:

Technical support is good as you can raise issue any time and based on criticality of the issue IBM can provide support immediately. In some cases even on-premise support is also available.

Which solution did I use previously and why did I switch?

A home grown solution was replaced by ISAM to change and configure SSO quickly for applications and at the same time using a scalable product was other major consideration.

How was the initial setup?

The initial setup is always complex due to number of applications and user base involved. As the product is a front door for all applications this is very critical and complex setup. Also due to internal and external users and multiple authentication mechanisms involved for different type of users it gets complicated.

What about the implementation team?

IBM team was used for the initial deployment and support and the support provided by them was fantastic. They offer quality consultants all across the globe with short notice.

Which other solutions did I evaluate?

Yes, it was compared with Siteminde.

What other advice do I have?

This is a great product with proven history. A little better planning is required before deploying it. Given the change in web technologies and SSO protocols it might be better to check other products in market too.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user177240 - PeerSpot reviewer
it_user177240Tivoli Access Manager SME at a government with 1,001-5,000 employees
Real User

CA site-minder used to be he major competitor. With ISAM 9 IBM products still lead the market.

Products that supports newer technologies mainly OAuth2, SAML2 are likely to be popular in future.

If you do not need reverse proxy it is also possible to configure Apache HTTP server (free) with some LDAP (may be free available) and configure J2EE authorization from application server.

Reverse proxies add lot of features and flexibility and comes will a huge price tag.

See all 4 comments
Buyer's Guide
IBM Tivoli Access Manager [EOL]
June 2026
Learn what your peers think about IBM Tivoli Access Manager [EOL]. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,118 professionals have used our research since 2012.
it_user178584 - PeerSpot reviewer
Senior Info Security Consultant at a tech services company with 10,001+ employees
Real User
Jan 6, 2015
Complex set-up but the WebSEAL reverse proxy is great for protecting your critical systems
Pros and Cons
  • "The WebSEAL reverse proxy is great for protecting your critical systems."
  • "Yes, because there are so many moving parts it can often be difficult getting it right first time."

What is most valuable?

  • WebSEAL
  • SSO

How has it helped my organization?

The WebSEAL reverse proxy is great for protecting your critical systems.

What needs improvement?

There is always room for improvement in all areas.

For how long have I used the solution?

On and off for five years.

What was my experience with deployment of the solution?

Yes, because there are so many moving parts it can often be difficult getting it right first time. Linux is more difficult than Windows but I feel Linux is more stable.

What do I think about the stability of the solution?

Not once it’s is installed.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

Good.

Technical Support:

Very good.

Which solution did I use previously and why did I switch?

No previous solution used.

How was the initial setup?

Complex. Like I mentioned, there are so many moving parts and I had issues with DB2 installation and patching it up to latest versions. This seems typical but others may have had better experiences.

What about the implementation team?

Vendor. Their experience was phenomenal.

Which other solutions did I evaluate?

No other options evaluated.

What other advice do I have?

Try to install a few times on various platforms to familiarise yourself with any issues.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user178272 - PeerSpot reviewer
Senior Security Consultant with 51-200 employees
Vendor
Jan 6, 2015
Simplified deployment of web applications. Very stable product.
Pros and Cons
  • "Since its birth it is an unbelievable stable product."

    What is most valuable?

    Protection of web applications

    How has it helped my organization?

    Simplified deployment of web applications. The ISAM products centralises authentication and authorization giving a shorter time-to-market in the development of new web sites/applications

    What needs improvement?

    Since ISAM 7, and especially version 8 IBM has moved from software-install to appliance based (virtual or hardware) this really improves the speed of new patches and releases. IBM promised to release a new appliance-firmware every quarter, so far they kept their promise.

    For how long have I used the solution?

    10+ years.

    What was my experience with deployment of the solution?

    You do need to train to add to your skill set, and need to fully understand the possibilities and features which takes a while. Since I've been using it for over 10 years it is no longer difficult for me to deploy. Of course with new version some things change, so reading the documentation is quite useful sometimes.

    What do I think about the stability of the solution?

    Since its birth it is an unbelievable stable product. I know of a deployment that did not receive any maintenance for several years and it was still working.

    What do I think about the scalability of the solution?

    Nope, it is designed to be very flexible. It can handle any size website.

    How are customer service and technical support?

    Customer Service:

    We as a Premium Business Partner have some advantages in being able to contact the developers more easily. Our customers can raise tickets, and depending on their contract, they are suitably assisted by IBM.

    Technical Support:

    It has been good for long time.

    Which solution did I use previously and why did I switch?

    Nope, somehow I ended up a IBM Business Partners, always using ISAM. But are also using IBM Security Identity Manager, IBM Security Directory Server, IBM Security Directory Integrator, IBM Federated Identity Manager. Basically all IBM Security Identity and Access Management offerings except IBM Tivoli Access Manager for ESSO (confusing naming, but a really different product that does not really combine with all the others in my humble opinion).

    How was the initial setup?

    With the firmware appliance it is easy as pie.

    What about the implementation team?

    I'm part of a IBM Premium Business Partner, we are specialised in IBM IAM deployments. In many occasions IBM Netherlands is requesting our services to get the job done.

    What was our ROI?

    An ROI, is for most customers not easy to make being a security solution. It gives more hassle than not using it, insurance-wise you could say. Once a customer has chosen it they stick with it, I did not see many customers abandoning it due to ISAM not performing or not being satisfied.

    What other advice do I have?

    Ensure you got your team trained and get external expertise for your architectural design and first deployments. While learning on the job, your team can take over after a while.

    Disclosure: My company has a business relationship with this vendor other than being a customer. IBM Premier Business Partner. I'm personally involved in contributing to the official IBM Security exams, and an official instructor for these products for over ten years
    PeerSpot user
    PeerSpot user
    Systems Admin Analyst 3 at CPS Energy
    Real User
    Dec 31, 2014
    We can track the roles associated to each user. Needs better documentation on usage and admin tasks
    Pros and Cons
    • "I like the primary function of this product allowing the administration of user/network accounts with a fair amount of ease."
    • "We have had stability issues lately with the hardware and SAN that the product runs on."

    Valuable Features:

    I like the primary function of this product allowing the administration of user/network accounts with a fair amount of ease.

    Improvements to My Organization:

    Tracks and assists us with Roles associated to each user.

    Room for Improvement:

    Need better documentation on usage and admin tasks.

    Use of Solution:

    It has been used for at least five years but I have only been working with it since August 2014.

    Stability Issues:

    We have had stability issues lately with the hardware and SAN that the product runs on.

    Implementation Team:

    We implemented this through a vendor.

    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    PeerSpot user
    Tivoli Access Manager SME at a government with 1,001-5,000 employees
    Real User
    Dec 30, 2014
    Easy integration with existing web applications however the Redundant Policy servers had to be manually configured.
    Pros and Cons
    • "Tivoli Access Manger lets you separate security from applications and manage at one place."
    • "Redundant Policy servers had to be manually configured using LB."

    Valuable Features

    Scalability and the easy integration with existing web applications with no or minimal change to applications.

    Improvements to My Organization

    Tivoli Access Manger lets you separate security from applications and manage at one place. Several applications can be rolled into to the same security model.

    Room for Improvement

    Redundant Policy servers had to be manually configured using LB.

    Use of Solution

    12 years.

    Deployment Issues

    No

    Stability Issues

    No

    Scalability Issues

    No

    Customer Service and Technical Support

    Customer Service:

    Excellent.

    Technical Support:

    Excellent.

    Initial Setup

    It is straightforward. However it also takes experience to roll out this product.

    Implementation Team

    We used a vendor team and they were excellent.

    Other Solutions Considered

    CA Siteminder was considered.

    Other Advice

    ISAM 8.0 the new version of Tivoli Access Manager may be considered for large web security implementations.

    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    PeerSpot user
    Senior Consultant at a tech company with 10,001+ employees
    Real User
    Dec 30, 2014
    We're able to generate user accounts much quicker than before but cross-domain authentication needs improvement.
    Pros and Cons
    • "Before the solution was implemented it took around 2-3 weeks to get all the necessary account information for a new employee in my organization, and since implementation this now only takes a few minutes."
    • "It was complex for us as we have multiple domains."

    What is most valuable?

    • Password management
    • Single sign on
    • Provisioning and de-provisioning of account
    • Unified Directory Server

    How has it helped my organization?

    Before solution implemented it took around 2-3 weeks to get all the necessary account information for a new employee in my organization. Since implementation, this now only takes a few minutes. As soon as HR submit all their data the user account is generated and the user gets their username and password.

    Also, we have many applications and before SSO the users had to remember all the different passwords. We have many legacy applications and they had different password policies that were not always as strong as they should be. Now, however, we have one password for all the applications, and one password policy.

    What needs improvement?

    Cross-domain authentication.

    For how long have I used the solution?

    Approximately 7 years.

    What was my experience with deployment of the solution?

    Yes - we face a few issues, related to our configurations and networking.

    What do I think about the stability of the solution?

    No

    What do I think about the scalability of the solution?

    No

    How are customer service and technical support?

    Customer Service:

    7/10

    Technical Support:

    8/10

    Which solution did I use previously and why did I switch?

    No previous solution used.

    How was the initial setup?

    It was complex for us as we have multiple domains.

    What about the implementation team?

    We used a vendor and I would rate them 7/10.

    What was our ROI?

    The solution has smoothened the process of account provisioning and therefore our employees is productive from day one.

    Which other solutions did I evaluate?

    We looked at Oracle and a Microsoft solution with IDM.

    What other advice do I have?

    Try to get the maximum of using standard functionality of the product, and only do customization if you really need it.

    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    it_user3222 - PeerSpot reviewer
    Manager of System Security with 501-1,000 employees
    Real User
    Apr 12, 2013
    A strong part of an integrated IAM stack
    Pros and Cons
    • "Tivoli Access Manager (or IBM Security Access Manager) is a fully featured web authentication, sso and authorization product."
    • "Complex to install and run."

    Valuable Features:

    Tivoli Access Manager (or IBM Security Access Manager) is a fully featured web authentication, sso and authorization product.The product supports multiple user information repositories and also integrates with a variety of strong authentication solutions.Supports reverse proxy as well as adapters placed directly on web servers and app servers.Later product versions supports fine grained authorization as well as XACML based authorization configuration. The DP integration provides support for authn and authz for web services.

    Room for Improvement:

    Complex to install and run. Requires the full IBM stack to reach full potential.
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    it_user1062 - PeerSpot reviewer
    Tech Support Staff at a tech company with 51-200 employees
    Real User
    Jun 29, 2012
    IBM Tivoli Access manager is an SSO solution for an electronic business that manages (authentication and authorization) access to web services, applications hosted, and operating systems.
    Pros and Cons
    • "Capabilities of advanced security are enhanced to support strong, flexible authentifications and authentications based on risks as well as critical internet vulnerabilities."
    • "You must be skilled to use Tivoli Access Manager."

    Valuable Features:

    Tivoli access manager enables integration with user session management and Web Sphere Data Power in web services and web 2.0 environments.Authentication and authorization management for online business initiatives and portals implementations are centralized.Access controls for .NET, Java, Exchange servers and Microsoft Share point implementations are also centralized.Capabilities of advanced security are enhanced to support strong, flexible authentifications and authentications based on risks as well as critical internet vulnerabilities.Malicious, fraudulent, accidental behavior by staff and internal users are high level security threats that are prevented by Tivoli access manager.It also delivers Web SSO that is consistent with users on heterogeneous systems.

    Room for Improvement:

    You must be skilled to use Tivoli Access manager. I had to undergo training to use Tivoli access manager, which was another expense exclusive of the purchase, but it was worth it.

    Other Advice:

    Tivoli access manager securely manages access to critical data and applications to businesses, as well as convenient and fast access to systems by authorized users. It consists of a user registry and an authorization service, that includes an authorization engine and database, as well as a resource manager. It has a family for e-business, enterprise SSO, and operating systems. I have used it for two years now.
    Disclosure: My company does not have a business relationship with this vendor other than being a customer.
    PeerSpot user
    Buyer's Guide
    Download our free IBM Tivoli Access Manager [EOL] Report and get advice and tips from experienced pros sharing their opinions.
    Updated: June 2026
    Buyer's Guide
    Download our free IBM Tivoli Access Manager [EOL] Report and get advice and tips from experienced pros sharing their opinions.