What Is The Biggest Difference Between SailPoint and CA IDM?

I'm a senior manager at a financial services firm with 10,001+ employees.

We are evaluating both SailPoint and CA IDM.

What is the main difference between the two?

Thanks for your help. I appreciate it!

Senior Manager, CIAM & Payments Security at a financial services firm with 10,001+ employees
  • 2
  • 303
PeerSpot user
3 Answers
VP Enterprise Management Division Manager at Ness Technologies | נס טכנולוגיות
Real User
Nov 3, 2019

SailPoint focuses on Governance and CA is more provisioning tool. That is the biggest difference between SailPoint and CA.

Product comparison that may be of interest to you
Principal Architect at a government with 10,001+ employees
Real User
Nov 1, 2019

I checked with a colleague who has more “hands-on” experience, here is his response:
If so CA IDM please no. They have done some work but it’s still not good performance-wise. It has been updated from the original netegrity or whatever code (as of a couple of years the scripts still had that in the header comments, as in untouched in years after purchase). I am not saying SailPoint is the cat's meow, as I don’t know. But given my experiences with CA IDM, and its use internally. It’s complex, does a lot but doesn’t perform very well. At one time there was an issue with data integrity due to the replication cycle (2 repositories, user/id, and a replication repository just for that and data are flushed through both in sequence) as in the last change to data was not necessarily applied in sequence. Results were last change was not the attribute state. Surely that has been fixed by now but with CA you never know. And that’s another issue. My experiences with CA support pretty much got the right support engineer, you get real answers. The wrong one, not so much. If I was starting from scratch I might well consider OpenAM. The commercial product I am pretty sure but a great IAM swiss army knife. It’s descended from Sun One which oracle tossed out when they bought sun over their own IAM product.

AVP - Product Marketing at ILANTUS Technologies
Nov 1, 2019

When you say "differences" are you looking at a feature-by-feature comparison or at an overall level - the various "-abilities" like implement-ability, integrate-ability, support-ability, afford-ability and so on?

Find out what your peers are saying about SailPoint IdentityIQ vs. Symantec Identity Governance and Administration and other solutions. Updated: September 2023.
735,432 professionals have used our research since 2012.
Related Questions
Content Manager at PeerSpot (formerly IT Central Station)
Dec 1, 2021
Which is better and why?
See 2 answers
Nov 17, 2021
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the management of user identities, systems, data, and cloud services. It works great for Identity Access Management, specifically for cleaning up inactive and orphaned accounts. It has the joiner-mover-leaver feature. One of the features we like is the large availability of connectors for different applications and platforms. You can also recertify an account, which is very useful. It is well suited for large companies with lots of users and applications. However, for small companies, it might be a bit of an overkill. Sailpoint has a steep learning curve, so it is not for inexperienced users. Moreover, it doesn’t offer a lot of supporting documentation. It also doesn’t integrate well with other solutions. We chose CyberArk despite the cost because it works great for password management. CyberArk helps manage privileged accounts and service accounts, for example, when users need to connect remotely into systems. It is especially useful for IT staff to access their privileged accounts without having to remember the passwords every time - individually and even as a group. What we like the most about CyberArk is the ease of use and effectiveness in managing privileged accounts. For instance, it automatically changes the passwords for privileged accounts and reconciles and verifies passwords. New users can obtain secure credentials with minimal time and effort. The initial cost is high, which can be a bit of a stretch for small organizations. It also has high requirements for the initial setup and is difficult to customize. The performance could be faster. Conclusions While Sailpoint IdentityIQ is a very good privileged account solution, CyberArk is better suited for us because of its ease of use and efficiency in password management.
Identity Management Consultant at a consultancy with self employed
Dec 1, 2021
The two products are actually complimentary. Both companies have been very good about staying in their lanes and are their respective market leaders. CyberArk's PAM solution is aimed at protecting privileged accounts by providing features like vaulting, credential rotation, session monitoring and recording. They also have solutions for DevOps and Secrets management. SailPoint is an Identity Governance solution and actually manages CyberArk as an application the same way it manages accounts and privileges in SAP, AD, AAD and over 100 more applications. For CyberArk, it can add/change/delete users as well as create safes and assign users to those safes. At a user account certification time, it will show the CyberArk users and their associated privileges and allow the user's manager or other appropriate people to approve or revoke the privileged access.  SailPoint creates an Identity warehouse so that a user's accounts and entitlements are gathered, managed and reported on in a centralized manner. See Youtube for a quick explanation - SailPoint Identity Governance Integrates with CyberAek Privileged Access Security.  SailPoint does not provide the vault and session management functions that CyberArk does.
Julia Miller - PeerSpot reviewer
Community Director at PeerSpot
Apr 11, 2023
How do you or your organization use this solution? Please share with us so that your peers can learn from your experiences. Thank you!
2 out of 10 answers
Senior Manager at a tech services company with 501-1,000 employees
Sep 24, 2019
We use the private cloud deployment model of this solution.
Enterprise Solutions & Services Head at Duroob Technology
Sep 29, 2019
We have three primary uses for the solution. We use it to centralize accounts and directories. We also use it for new registration of our new employees and for users to self-reset password.
Product Comparisons
Download Free Report
Download our FREE report comparing SailPoint IdentityIQ and Symantec Identity Governance and Administration based on reviews, features, and more! Updated: September 2023.
735,432 professionals have used our research since 2012.