What is our primary use case?
My primary use case for PingID was multifactor authentication, then I used PingOne, which showed me the transaction, so the whole person authentication, including the errors. Based on the resulting errors, I checked the PingFederate connection mapped for the particular application and published information about the issue.
Through PingID, there was multifactor authentication. In particular, secondary authentication was enabled to secure the application and is supported in IOS, even for mobile devices.
During the PingID authentication, you need to swipe or give your fingerprint on your mobile and then get the SMS for authentication.
What is most valuable?
What I like best about PingID is that it's very user-friendly.
PingID is well-built as a developer tool and regularly upgrades and updates via patches. Sometimes, my company faces vulnerability issues, and PingID even helps through vulnerability patches.
The tool has excellent features.
I also like that PingID has clear documents that will help you integrate it with other solutions.
What needs improvement?
PingID classifies the type of environment into internal and external, with the internal environment for internal users and the external environment for external users. For example, the external users would be cabin crew members who log in using the mail ID through multifactor authentication. This is an area for improvement in PingID because you need to take additional steps so you can trust both internal and external users.
My company had to use the CIDR authentication selector as an additional step, through policy creation in the PingFederate website, with the help of trusted IP, where all people belong to a particular network, then my company needs to do some IP load balancing. My company had to configure the particular IP in the CIDR authentication selector, then only then can it classify users into internal or external.
An internal user doesn't need to do multifactor authentication, but an external user will be redirected to a request from the PingFederate console, and then, based on the user authentication method, through biometrics, the user will be authenticating from Active Directory. If the user is valid, authenticated, and the authorization is approved, the user will then be redirected to the application.
For how long have I used the solution?
I have more than three years of experience with PingID. The last time I used PingID was six months ago. I'm now working on the PingFederate side.
What do I think about the stability of the solution?
Stability-wise, PingID is an eight out of ten for me. It's a very stable solution, but sometimes, failures occur that you can't control. For example, my company checked logs in Sumo Logic and had Dynatrace as a monitoring tool. If there's a failure in the software system, where everything is connected, for example, if PingFederate isn't working, Dynatrace will send a report to my company. If PingFederate or an agent isn't working, my company won't receive any logs, so it depends on the policy and infrastructure, but PingID stability is an eight for me.
What do I think about the scalability of the solution?
The scalability of PingID purely depends on the server side and how you're going to configure it. In some cases, it would also depend on how you'll do performance tuning. How scalable PingID is will differ from infrastructure to infrastructure. For example, I supported the easyjet.com environment which had more than ten thousand user bandwidth.
How are customer service and support?
Support-wise, PingID is an eight out of ten because when my company faced a P1 incident or issue that company members couldn't resolve, my company created a P1 request. The PingID SME joined the call within thirty to forty minutes, which was the vendor's service agreement, but only for P1 issues.
For P2 issues, it takes around one hour and forty minutes; for P3 incidents, it could take eight hours; for P4, it usually takes ten hours but could reach up to twenty hours.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I used PingFederate with PingID because PingFederate can assign internal and external users and configure validation. Based on the improv setup, you can also use PingFederate for your internal environment. Still, in my company, I'm using PingFederate for the external environment, where servers run outside the company's environment.
I used CA SiteMinder in the past, which was an older tool, and I wanted to use the latest technology, so I switched to a newer tool, PingDirectory, which I installed. Now I can work on PingDirector in terms of schema rules, mapping, etc.
How was the initial setup?
The initial setup for PingID is seven out of ten for me. I had to install PingFederate, have experience with PingDirectory and Apache Studio, and do everything myself, including the environment setup. I've successfully implemented the project.
PingID for mobile apps is okay, as you don't need to deploy PingID in any of the servers. Still, you need to create the connection, enabling PingFederate in a particular environment. PingFederate is not infallible, and it's the only inject site, so you inject, then run the property file, configure the admin port, cluster port, and the index number for the engine node. You need to denote how many engine nodes you must classify for the admin node on the property file, then run that file. Once the PingFederate console runs, automatic cancellation will occur, and the application will work.
The complete deployment of the PingID project didn't take more than five to six months, including the POC, development, and production.
What about the implementation team?
I've implemented PingID, so it was an in-house implementation.
What was our ROI?
PingID saves you time between thirty to forty percent, so time is the ROI, at least to me.
What's my experience with pricing, setup cost, and licensing?
PingID pricing is a ten out of ten because it's a little bit cheaper than other tools, such as Okta and ForgeRock, and supports multiple tools. It also has the main feature of MFA via finger swiping or SMS versus other MFA tools, where you need to wait for a few seconds to get the new code, even if you've been authenticated. The speed of transactions in PingID is also very fast because it only takes microseconds after swiping your finger. I like the tool very much.
Which other solutions did I evaluate?
I've evaluated other software, such as PingFederate, PingDirectory, PingAccess, and PingOne, apart from PingID.
What other advice do I have?
I'm working in the identity access management domain, so I've used software such as PingFederate, PingDirectory, PingID, PingOne, and PingAccess.
PingID is deployed on the AWS service, so that's on a cloud environment.
I'm part of the engineering team, with three members working on the PingID project and five from the support team working on PingID. Within the environment I supported, twelve thousand people used PingID, particularly crew members who used the MFA feature of the solution.
The maximum number of users I've seen from PingID based on the environment I supported was up to twelve thousand.
My recommendation to anyone looking into implementing PingID is that before working with the tool or any other tool, you first need to understand it and get some basic knowledge about it. With basic knowledge, you can implement PingID. Consider why you'd implement the tool in your environment and for what purpose. How many people will benefit from using the tool? Before implementing, it would be best to compare PingID with other tools to see the features and benefits.
My rating for PingID is eight out of ten because it's a faster tool with multiple features. It also supports one of the adapters of PingFederate, the composite adapter, which allows you to enable MFA on an adapter-based setup.
My company is a PingID partner.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
*Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
