SailPoint IdentityIQ Reviews

We primarily use the solution to manage the identity governance, from creating the IDs and their accesses to managing and revoking them. 

An issue needing improvement is that the solution is heavily focused on one's identity, while there has been a move to providing identity as a security service. While it provides these services, the solution can still not do the identity management for the cloud. As such, the security feature can be improved.

Essentially, it manages and helps to create all the IDs and to manage the identities and accesses. What it doesn't do is provide notice in the event of a vulnerability or offense from the security. That's where tools like CyberArk or Netskope, which are more CASB tools, come into play.

I can think of no additional features needing improvement. 

I do not personally deal with SailPoint IdentityIQ but, as a security consultant, discuss with the customer its purchase. I have been doing so for three years.

The solution is pretty stable and simple to use.

The solution is scalable. 

I have not had experience with technical support.

The installation consists of two parts, the one for coming up with the rules, for which we go to the input, the other for providing some assistance in the creation of the rules and accesses. Once that part is done, the tooling part is pretty simple.

The installation is straightforward. 

I do not recall how long it took. 

The solution can be deployed both on-cloud and on-premises?

It's pretty stable and simple to use.

I have recommended the solution to three customers who have opted for it.

I would recommend this solution to others. 

From the perspective of its performance I would rate SailPoint IdentityIQ as a nine out of ten, in light of its identity governance. 

The level of customization for data imports and role modeling, because it helps to integrate faster, support easier and let it reuse the organization role structure.

It allowed us to execute account review campaigns from very different systems.

Some setups should be done in the interface and in the code, and could be made simpler.

So far, from 2008 to 2017: 10 years.

No, the product is stable.

As long as the database is very close to the application server, the system can manage many identities and connectors to various directory.

Their technical support was very knowledgeable of their product, and we get answers within a day or so most of the time.

Most of the clients kept the solution after using SailPoint IIQ. The only one that considered not using it anymore wanted to keep his historical supplier and to have the same solution for Identity Governance and Administration and for Authentication (which is not something SailPoint provides).

Initial installation is straightforward and takes less than one day, once you have a VM, a database, and a directory available. What takes the most time is the connectivity to each authoritative source and target directory.

SailPoint IIQ is the best of best. That is reflected in the pricing of the solution. The pricing is based on the number of identities.

Many clients considered the other main IGA solutions, like Oracle Identity Manager, CA Identity Manager, Microsoft Identity Manager, or NetIQ Identity Manager.

Make sure the distance between the database and application server is very short. There is natural integration with other solutions that should be considered in your selection, like with CyberArk or ServiceNow.

We use it for Identity Lifecycle Management: 

• Access requests
• Provisioning
• Deprovisioning
• JCT process and reconciliation (aggregation).

It provides one solution for the entire process in a complex environment with different types of applications and connectors.

All Identity Access Management processes in the tool are valuable. 

The product has poor reporting and analytic capabilities. Reports are not easy to use and its analytic capabilities are limited.

It is a stable tool, which we run in our complex environment.

The solution includes all aspects of user lifecycle management, like joiners, movers and leavers, regulatory compliance, reporting and auditing. And the compliance part of the solution includes certification from time to time basis. All these are usual IEM cases. The aforementioned instances are all IAM cases.

The first valuable feature of the solution is its interface. The second feature of the solution is the level of flexibility it provides. So, it can be easily configured by a person using just a few rules and coding standards, after which that person can make anything out of the solution. SailPoint is quite an old solution in the market. So they know what new things are coming into the market along with artificial intelligence, and they have ensured that they have integrated into their solution the developments over time. Basically, SailPoint is up to date with the market standards.

Regarding the scope for improvement in the solution, reporting is an area that can be a bit more UI-oriented. Apart from that, it's a very good product, and I do not have any complaints about it.

Our company works as a distributor in the Middle East region for SailPoint. So, we are not just selling the product but also selling other products. I have been working with SailPoint IdentityIQ for eight years. Presently, I am working with SailPoint IdentityIQ Version 8.3.

It's a totally stable and very robust product. I've never seen it going down in the last eight years. I rate the solution's stability a ten out of ten.

Since it is a very scalable product, I rate the solution's scalability a ten out of ten. Our clients include small, medium, and enterprise businesses.

Since SailPoint is a big company, it usually takes time. The company has to schedule an appointment with the people and organizations to address their issues. So, I rate the solution's technical support a seven out of ten.

Neutral

Given a person has a background in implementing solutions, site architecture, and infrastructure, I rate the difficulty level of the current solution as an eight out of ten, with one being very difficult and ten being very easy.

The solution is deployed on the cloud, hybrid cloud and on-premises.

The basic deployment of SailPoint over user lifecycle management can depend on a client's use cases. However, for the basic setup of the system, it may take a week or so to get the solution ready with everything configured. One architecture is enough to carry out the deployment process. Also, the number of people required for maintenance depends upon the total number of use cases we have configured, so we can't categorize or quantify it.

I rate the solution a seven on a scale where one is cheap and ten is too expensive. In short, the solution falls under the higher side of pricing. For the solution, our company has secured a perpetual license.

I would tell those planning to use this solution that it is a very good and robust product in the market which supports almost all use cases. Also, SailPoint plans to expand to consumer identity. If one plans to proceed with this product, it will be a good decision. Additionally, it is not feasible for very small businesses, but it could be an amazing product and a good investment for the medium to large organizations. Overall, I rate the solution an eight out of ten.

• Access risk alerts
• Access Certification
• Self-Service Access Request
• Password Management

• Development framework
• Workflows configuration

Two years.

No issues encountered.

No, the platform has been stable.

Yes, I found some scalability issues:

• Java.lang.OutOfMemoryError: Java heap space
• Advanced searchs with 0 rows

7/10.

8/10.

Yes. In several customers we have switched to SailPoint IdentityIQ due to the unified architecture and intuitive centralized governance across datacenter.

The initial setup always was straightforward with shorter implementation times and quick benefits.

We haven`t calculate the ROI. Mainly, cost savings are associated to:

• Identifying unused or unauthorized accounts and reports them back to the appropriate business sponsor for removal and potential cost savings
• Reduce the cost of compliance by automating access review processes

In several cases, the IdentityIQ deployment was due to a migration from other IAM solution (Oracle Identity Manager). Usually, before deploying an IAM solution, we do a benchmark test with the customer to get the best solution for their requirements.

• Phased Deployment
• Get to know new features
• Expand gracefully/logically
• Create a change control & env. management process
• Automate where possible
• Become flexible with migrations

We used the product for identity and access management and access governance. The product manages the whole identity lifecycle for workplace identities.  

IdentityIQ takes care of the joiner (new accounts), the mover (transfer/role changes), and the lever (account termination), as well as looking at things like the certification phase. It covers the whole user lifecycle (Rehire) and provides market leading governance capabilities. It provides a centralised view of accounts and access for staff and helps uplift the security controls for the organisation.

It has improved the controls and reduced the risk of access management issues with the client organisations. While also improving efficiency around the JML processes through automation and reducing the reliance on people for some of the access provisioning requests.

The product's main features for the certification of users is the most prominent as well as the best feature. The out of the box connectors and accelerator pack are also great pieces to help improve the speed of delivery.

There is really not so much that SailPoint needs to improve. It has been in the market for a while and has well embedded as a market leader in the Identity Governance Space. We have just done an upgrade (v7-.8.1) and it was straight foward well tested and there was no major issues, we even managed to deploy to production a week ahead of schedule. We are now working with the client to leverage some of the new features and such, so there is not a lot that I can confirm that would be missing from a product that I was already happy with.  

The only thing about SailPoint that I might suggest to improve is the user interface could be improved from an administration point of view. From a request point of view we are leveraging ServiceNow and Sailpoints SNOW catalogue integration. Having had the opportunity to compare SailPoint and One Identity with past work, I personally prefer the One Identity's user interface, especially for user administration of the system. It could be simplified or somewhat more user-friendly for administrative tasks and functions.

We implemented the foundational release for a customer over over 12 months ago and since then we have worked closely with them to increase its functionality

IdentityIQ is a stable product. We have not experienced any problems with it and have not heard of any from our clients.  

The user group for this product are normally larger companies or enterprise businesses that have got full identity-governance requirements. That is the typical SailPoint customer requires more than just basic identity management automation.

As far as scalability of the product, it has got a lot of horizontal and vertical scaling opportunities that could be taken advantage, so scaling is not an issue.  

Overall the technical support is relatively good, especially from a customer point of view. I think that the support is working fine for the customers and that makes it better for us in selling their products. 

There is also a wealth of information online for the product for the Sailpoint community. 

This is a new implementation at this client they previously had no Identity governance in place

The initial setup of the product is relatively straightforward. The complexity really depends on the customer requirements, business rules or processes that influence how difficult the implementation gets. On average, it probably takes a couple of days to install the product. But once it is installed, then you have got to have the product usable and working with other solutions and other systems. For that, it needs to be configured to have that connectivity with those other systems. That is where some of the implementation time starts to add up. To install a base active directory kind of set up takes about two weeks. 

We have configured and setup some basic functionality for a client within these tight timeframes. To do that you will need real business buy in to clear hurdles out of the way for the dependencies for the install, the infrastructure, business requirements etc.

We are a service integrator so we help clients to do all their setup. We like to set the client up so that they are capable of doing their own maintenance with the software and system if they want to otherwise we offer a full range of support options. 

The client has had a positive reduction in the time taken to get a user on boarded and productive. There has also been a significant improvement in their access and Identity Management controls, reducing risk and closing audit items.

There are additional modules which are licenced separately that you can get added into the licensing if you want certain additional functionality, I find this a great model to ensure you only pay for what you need. 

I am currently dealing with SailPoint and One Identity at the same time in making some comparisons. They are both very good products with their pros and cons. 

The advice that I would give to people considering SailPoint is to be sure you get a good experienced service integrator to help you with the product. Somebody who has done it before knows the best ways to implement it and make the system work properly to meet your business application. They have the battle scars and can help you navigate around any potential issues

On a scale from one to ten where one is the worst and ten is the best, I would rate IdentityIQ as a nine-out-of-ten.  

We primarily use the solution for regular connectors with LVAT connectors, Workday connectors, and Provision.

You can scale the solution if you need to.

The solution is stable and reliable.

The solution has plenty of places that need improvement and attention.

The connectors are far too manual. This needs to be automated a bit.

The provision is not very intuitive. The interface is not user-friendly at all. They could redesign a lot of its functionality to make it easier to use.

The initial setup could be simplified. It's difficult right now.

Implementations rarely go well.

I can't think of other features that I would like to see in a future release.

I've been using the solution for about ten years now. It's been a long time - a decade at this point.

The solution is reliable. It doesn't have bugs or glitches that affect its performance. It doesn't crash. It's stable.

You can scale the solution quite easily. That wouldn't be a problem for a company.

I have experience with NetIQ, and I prefer it to this solution.

The initial setup isn't really complex, but it is difficult. It could be simplified in many ways. Right now, it's not straightforward. Up to 80% of implementations do not go to plan.

We handled the implementation ourselves. We didn't use an integrator or reseller to assist us during the initial setup. It was all handled in-house.

Our organization does not have any business relationship with the product.

I don't believe I would recommend the solution. I'd advise other organizations to use NetIQ instead. It's a better solution, in my opinion.

I'd rate the solution five out of ten overall.

 80% of my job is handling a software spike. If the project has failed, then I'm the one coming in to help clients and doing it for them. I've noticed that 80% of all SailPoint implementations do not go well.

Access Governance has become and integral part of cyber security. It is essential to keep track of who has what access. Sailpoint IIQ simplifies this by providing an OOTB module for access certification. Administrators can create, schedule and design certification with just a few clicks.

A lot of OOTB connectors for managing various types of applications. Simplified process for application on boarding and provisioning.

Simplified Access Governance and Life Cycle Management. Easy to implement in comparison to other IAM tools.

Should have authentication modules as well

We had no issues with the deployment.

We had no issues with the stability.

There were no issues with scaling it for our needs.

The initial setup is straightforward. Easy installation and configuration.

Implement Sailpoint IIQ for Access Governance and for simplified Identity Management.