Symantec VIP Access Manager Reviews

Some of the features that are the most valuable are both the VPN and the interface.

The VPN we are using is good and working quite well. We are in the process of using all of the server access with cloud access.

The reporting on the VIP Manager is not correct. The error is showing that we have a certain amount of users, but when we export the report to Excel or CSV, the number of users is different. The challenge we are facing at the moment is not knowing which one is correct.

If they had dashboards or a report for managers or executives, then it would allow them to see the status and have it make sense to them. They can also see the value of this solution.

This solution is stable. Everything is very stable.

This solution is scalable. We have approximately 7,000 licenses at the moment.

The technical support is good, but we have Business Critical as well. If it takes longer than two or three days to resolve an issue, we contact Business Critical.

Overall, we are satisfied with the technical support.

The initial setup was straightforward. It was not complex.

The deployment model that we are using is on-premises.

I am a consultant for Symantec on-site.

Before getting started with this solution, have a successful business process in place, or get something in place as soon as possible.

I like the whole solution, and I would recommend it.

I would rate it a ten out of ten.

The primary use case is to generate digital code to login to my email and network.

This solution is part of our requirement for multifactor authentication when logging into the network from outside the office.

We are currently using the latest version of the product.

It offers more platform support, like Apple, Android, and Microsoft.

It is easy to use. I use it when traveling.

In the next release, I would like the ability to work offline with remote access. Sometimes, there is no connectivity.

Every time that I have a new phone or computer, it takes a little longer to deploy it.

The stability is okay.

The scalability is very good.

We used a consultant for the deployment, who was good.

The solution has helped to increase staff productivity by approximately a minute.

There are additional costs for maintenance.

Find a way to work offline. 

• Intelligent authentication - Risk-based authentication
• Cloud-based service and management

It provides an easy management for credentials of the remote users when accessing the corporate resources.

There is a consolidation of a couple of Identity Providers into Symantec VIP for centralized management of credentials.

Integration with Citrix Access Gateway, Microsoft Office 365 and Single Sign-On (through Symantec Validation and ID Protection Access Manager) has increased the productivity of the employees for accessing resources.

The factors that need improvement are:

• Geofencing
• Privileged account management
• Behavioral authentication

I have used this solution for more than four years.

There were no stability issues experienced.

There were no scalability issues experienced.

Technical support is very good.

The setup was straightforward since this is a software-as-a-service (SaaS) solution, no hardware procurement or provisioning is required. Everything is already set up and provisioned on the Symantec data center.

There is a one-time setup fee plus the licenses are provided as per the number of users. For SMS and voice calls, the costs are separate.

Understand your pain points and requirements, then fully understand the feature set provided by the vendor and licensing requirements.

You know your environment best and the consultants who work with the vendors know the solution best, so bring everything down to an overlap.

The two-factor authentication is most definitely valuable and moves us closer to being able to check off those important boxes for compliance.

Currently, it is only for select users, but the infrastructure is in place to expand to a larger group. The increased security for those users is beneficial, as well as getting them used to the app. Just getting used to 2FA is a benefit, as we move closer to a more security-centric environment and mindset.

The gateway server is a RADIUS server, but it lacks the functionality of returning RADIUS attributes other than those that are required for the gateway to authenticate the users.

This could be improved a lot by providing additional values, and greatly improving the value and functionality of the Enterprise Gateway. This would remove the need for additional servers/firewall configurations.

The solution does what it is asked, but it has some configuration issues and the support is lackluster.

We have used this solution for about a year.

Stability issues with failover have been experienced. When the services lock up on one server, failover to the other server is not automatic. This may be on the front-end devices that point to the gateways, but the services seem to become unresponsive instead of failing and allowing the failover to function properly. This has not happened too often, however.

There were no issues with scalability, as we are still a small group.

Technical support is one of the worst problems. Every time I have submitted a ticket or called tech support, the tech didn’t seem to know anything about my issues. Granted, I was asking about out-of-band support.

However, they failed to do anything about it, and it didn’t seem like it was important to them. The only movement I got was when my director emailed one of his corporate contacts who provided us with a solution directly.

This was the first solution of its kind.

The initial setup for the gateway was fine. LDAP binding and synching was easy, even for a beginner. However, it became complicated when we attempted to configure the access control enforcement of DACLs we wanted to inject for remote users.

Natively, it does not support such features, so we had to get creative with a Microsoft NPS server as a forwarder to the Enterprise Gateway. This was fine, but the injection of DACLs was the issue. This was solved with Cisco AV-Pairs.

Licensing and pricing seems very fair.

We did not evaluate other options.

This product works fine when it is setup. Once we have it setup, we haven’t had to do much. The Gateway configuration is easy, and it is easy to backup, allowing you to spin up VM's and replace them if need be, (as no AD info is stored on them). The various capabilities for authentication are nice and allow for multiple methods.

In this version 9.1, lots of changes are done for the dashboard, User Store etc.

Mostly from a product expert's point of view, it provides solutions for my clients.

Intelligent Authentication and the cloud-based service with BYOD are valuable features.

The User Store synchronization part needs to improve. Also, the logs, reports, and dashboard can be improved.

I have been using this solution for around two years.

There were no stability issues.

There was the User Store issue that we experienced in terms of the scalability. It was difficult to fix after lots of troubleshooting.

Frankly, still in India, the technical support team is not that capable so as to resolve issues. This is because, in the APAC regions, this technology is new both for the Symantec support as well as for the partner engineer.

Read all of the initial configuration guide and attend training from OEM.

It is a fast and easy solution for end users. You are always online.

We were using two-factor authentication via SMS previous to this solution. Sometimes SMSs were not received and users could not make a VPN connection. With this tool, it is now enough to just press the approve button.

There are some shortcomings on the reporting side, such as how many connections you can get per month.

We started to use it in IT first. We tested it for one month. Later on, we moved all domain VPN users and consultant companies. We have used it for ten months since then.

There have not been any stability issues yet. Especially with the consultant firms' VPN connections, in which connection approval is done by us and we record their screen.

There have not been any scalability issues.

You don’t need any technical support. After the first time installation, the gateway solution is enough. After that, you just install the client app on your mobile device.

We used the SMS solution, but it always had problems. Every SMS sent costs money.

The gateway server is easy to install and communicate with. You just install it and download the software to your mobile device. The number received from the mobile device is also secured.

Symantec has always been an open-minded company. If you tell them what your budget is, it will be that number.

We have used the FortiGate SMS solution.

If you use a different product like this, your users will definitely see the difference. If this is the first time using such an application, the end user may have some resistance. The necessity of the product is indispensable and it is a really a simple application.

Resiliency: At one company I was at, we had development all over the world and often we would have a connection go down to the headquarters where we had the VPNs. This caused the remote site, sometimes with 100s of developers, to come to a halt isolating the office. In order to keep development going, I dropped a VPN and a small VIP relay server in the office. Because VIP is cloud based, as long as the site had an Internet connection, developers could still get in and work.

When tracking down an issue, you often have to go to each relay server and read through the logs.

We have been using VIP Access Manager for eight years.

Overall, VIP is very stable compared to RSA SecureID. The back end is handled by Symantec, while the enterprise handles a simple relay server. At times, the relay server could not contact Symantec; it would fail open and allow access without a passcode. If Symantec came back up, it would stay in fail open and not revert back to normal operations. So, I could create a DOS against the relay server, and then have full access to the site with only user ID and password

We did not encounter any scalability issues.

Technical support is better than average.

We previously used RSA SecureID.

Setup was very easy. I wrote a two-page procedure to deploy a server.

Pricing was about 25% of the old solution. That saved us about $500,000 over three years for 10,000 users.

We evaluated Entrust and SafeWord.

Include a load balancer in front of the relay servers.

Strong user authentication with easy integration to many applications using a free app, Mobile Credential, that lowers hardware costs.

Most of our customers reported fraud reduction and PCI compliance support.

They are adding QR code to its functionalities making the solution more complete.

A good feature that would be interesting to have is a credential profile with access time control. Some of our customers would be happy with that.

But a great improvement would be if they change the token number for a kind of technology by facial recognition.

Another thing is, if the Symantec VIP had a hardware appliance with a risk engine exclusive for IB, maybe they could create a new business opportunity.

With these three features my rating would be 5/5. That’s for sure!

I have been installing this solution for about three years.

It’s a cloud-based authentication service and I never get complaints about stability.

No complains about scalability. We can make quick changes in the user base and easily provision new VIP features.

In my opinion, for this solution, the technical support is not so expert when we talk about integration using the API. I rate them 3.5/5.

As a consultant, I am familiar with RSA SecurID. But, due to the need for tokens hardware, the solution turns out to be much more expensive than the VIP.

Quickly and easily deployed in enterprise infrastructure.

Licensing is per-user and has a great price if compared to RSA SecurID.

I evaluated RSA SecurID.

VIP is a strong, cloud-based authentication service that enables organizations to secure access to networks and applications to prevent unauthorized logins to company resources, even when passwords have been compromised or shared.

VIP is a strong authentication service to securely access the network while working remotely.

Strong, smarter user authentication with no set date of expiry on the soft tokens issued to remote users. It is an app that sits on the iPhone and generates a token every 30 seconds and combined with a 4 digit PIN makes remote login very simple either from an iPad or a laptop.

No areas come to mind at the moment.

I've used it for two years.

No issues encountered.

No issues encountered.

No issues encountered.

Excellent.

Excellent.

Previously we used RSA SecureID hard tokens for authenticating remote logins which were more expensive and we always used to get user requests to replace them when the expired.

It was fairly straightforward because all the platforms we were running like Microsoft Server 2008, Citrix, Cisco etc. were all supported by VIP.

We had very good vendor support for our in-house team, so the implementation went very smoothly. Within a month, we were able to migrate our entire fleet from the hard tokens to the VIP access soft tokens for remote login to the network.

It is added value that cannot be quantified with a monetary ROI figure, but what I can confidently say is that it is a one time investment of soft token licenses that do not expire. The main benefit of Symantec VIP is that it provides strong authentication while keeping it as a very user friendly experience.

As we already had a good business relationship with Symantec, and they were giving us a very cost effective cloud based option with VIP, we did not even have the need to pursue other options.

These are the benefits of implementing VIP by Symantec as remote login solution

• Cloud based solution
• Fast migration from hard token solution
• Reduced complexity
• Improved productivity
• Lower costs

• Ease of integration
• End user acceptance

After the initial integration, the overall support calls dropped, and customer satisfaction for VPN increased.

The VIP Manager can be accessed from the outside which is a security vulnerability. The VIP manager doesn't authenticate through AD or LDAP.

I've been using it for one year.

Our deployment was an eight month global, staged deployment. The issues were
related to the documentation and training and not with the products themselves.

Unless you can count an expired certificate as a stability issue, no.

We had a license for 4000 users, which we had to have increased overnight to suit our needs, and the issue was seamless.

Email support usually takes 24 hours to respond to questions, and longer for more complex issues that require additional research.

Great customer support. They usually respond within 24 hours and provide solutions to end users directly.

We previously used RSA VPN, which was outdated and expensive per seat. We also used Smartcard which had too many hand-offs and, again, was expensive.

It was straightforward. We were able to install the server and setup the portals within a day.

It was done all in-house.

It's a very easy product to administer and has a lot of extra features, including two and three factor authorization, mobile solutions, pin-to-text, layered administration, etc.

The ease of integrating into an existing authentication system. A hand held or laptop device is easily enrolled. The product is user friendly, but I have found some users still require coaching.

No functional improvement on accessing the intranet. However this product provides significantly more access security with an additional challenge. We have yet to use it for additional internal controls.

• Installation
• User experience
• Friendliness.

It's been available to the enterprise since the beginning of 2014. Test and development began in April of 2013.

Our only issue was with user training. The additional challenge was not well received.

So far so good!

No problems.

Responsive, but confusing about who owned what piece and where the expertise was for particular issues.

Very good.

We used the virtual solution provided by Solutionary.

Straightforward in that adding VIP provided a new layer of security to an existing virtual access platform.

This was done in-house primarily and with the help of Solutionary.

Produce a simple yet comprehensive guide for new enrollees.