Try our new research platform with insights from 80,000+ expert users
it_user178272 - PeerSpot reviewer
Senior Security Consultant with 51-200 employees
Vendor
Simplified deployment of web applications. Very stable product.

What is most valuable?

Protection of web applications

How has it helped my organization?

Simplified deployment of web applications. The ISAM products centralises authentication and authorization giving a shorter time-to-market in the development of new web sites/applications

What needs improvement?

Since ISAM 7, and especially version 8 IBM has moved from software-install to appliance based (virtual or hardware) this really improves the speed of new patches and releases. IBM promised to release a new appliance-firmware every quarter, so far they kept their promise.

For how long have I used the solution?

10+ years.

Buyer's Guide
IBM Tivoli Access Manager [EOL]
October 2024
Learn what your peers think about IBM Tivoli Access Manager [EOL]. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.

What was my experience with deployment of the solution?

You do need to train to add to your skill set, and need to fully understand the possibilities and features which takes a while. Since I've been using it for over 10 years it is no longer difficult for me to deploy. Of course with new version some things change, so reading the documentation is quite useful sometimes.

What do I think about the stability of the solution?

Since its birth it is an unbelievable stable product. I know of a deployment that did not receive any maintenance for several years and it was still working.

What do I think about the scalability of the solution?

Nope, it is designed to be very flexible. It can handle any size website.

How are customer service and support?

Customer Service:

We as a Premium Business Partner have some advantages in being able to contact the developers more easily. Our customers can raise tickets, and depending on their contract, they are suitably assisted by IBM.

Technical Support:

It has been good for long time.

Which solution did I use previously and why did I switch?

Nope, somehow I ended up a IBM Business Partners, always using ISAM. But are also using IBM Security Identity Manager, IBM Security Directory Server, IBM Security Directory Integrator, IBM Federated Identity Manager. Basically all IBM Security Identity and Access Management offerings except IBM Tivoli Access Manager for ESSO (confusing naming, but a really different product that does not really combine with all the others in my humble opinion).

How was the initial setup?

With the firmware appliance it is easy as pie.

What about the implementation team?

I'm part of a IBM Premium Business Partner, we are specialised in IBM IAM deployments. In many occasions IBM Netherlands is requesting our services to get the job done.

What was our ROI?

An ROI, is for most customers not easy to make being a security solution. It gives more hassle than not using it, insurance-wise you could say. Once a customer has chosen it they stick with it, I did not see many customers abandoning it due to ISAM not performing or not being satisfied.

What other advice do I have?

Ensure you got your team trained and get external expertise for your architectural design and first deployments. While learning on the job, your team can take over after a while.

Disclosure: My company has a business relationship with this vendor other than being a customer: IBM Premier Business Partner. I'm personally involved in contributing to the official IBM Security exams, and an official instructor for these products for over ten years
PeerSpot user
it_user181527 - PeerSpot reviewer
Consultant at a consultancy with 51-200 employees
Consultant
It’s a very flexible and customizable product but installation and configuration need improving

What is most valuable?

It’s a very flexible and customizable product.

How has it helped my organization?

  • It provided a secure and robust end to end security solution.
  • You can fine tune authentication and authorization
  • It’s also easily scalable.

What needs improvement?

  • Installation and configuration.
  • If you don’t know the requirements of the supporting components, it could be complicated to install and this has been improved in the later versions that are renamed to IBM Tivoli Security Access Manager.
  • Also the knowledge base articles on the internet are limited.

For how long have I used the solution?

Several years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

This is a very stable product that can run forever.

What do I think about the scalability of the solution?

There are no issues with scalability with this product. Easily to do with no downtime.

How are customer service and technical support?

Customer Service:

Good. Nothing to complain about.

Technical Support:

The technical support are very skilled and has helped solve all issues that I needed help with in a timely fashion.

Which solution did I use previously and why did I switch?

No previous solution used.

How was the initial setup?

Not as straight forward as Microsoft products where the dependencies are bundled in the installation.

What about the implementation team?

I was part of the in-house team and we managed to handle it without the help from the vendor.

What's my experience with pricing, setup cost, and licensing?

The setup cost is like any other product, and once setup, this product requires very low maintenance.

Which other solutions did I evaluate?

No other options were evaluated.

What other advice do I have?

Most often IBM Tivoli Access Manager is not involved when backend applications are developed an this can sometimes cause the applications to not function properly and you need to spend time troubleshooting and do changes in the application.

An IBM Tivoli Access Manager technician should be involved from the start when developing a new application.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
IBM Tivoli Access Manager [EOL]
October 2024
Learn what your peers think about IBM Tivoli Access Manager [EOL]. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
PeerSpot user
Tivoli Access Manager SME at a government with 1,001-5,000 employees
Real User
Easy integration with existing web applications however the Redundant Policy servers had to be manually configured.

Valuable Features

Scalability and the easy integration with existing web applications with no or minimal change to applications.

Improvements to My Organization

Tivoli Access Manger lets you separate security from applications and manage at one place. Several applications can be rolled into to the same security model.

Room for Improvement

Redundant Policy servers had to be manually configured using LB.

Use of Solution

12 years.

Deployment Issues

No

Stability Issues

No

Scalability Issues

No

Customer Service and Technical Support

Customer Service:

Excellent.

Technical Support:

Excellent.

Initial Setup

It is straightforward. However it also takes experience to roll out this product.

Implementation Team

We used a vendor team and they were excellent.

Other Solutions Considered

CA Siteminder was considered.

Other Advice

ISAM 8.0 the new version of Tivoli Access Manager may be considered for large web security implementations.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user3222 - PeerSpot reviewer
Manager of System Security with 501-1,000 employees
Vendor
A strong part of an integrated IAM stack

Valuable Features:

Tivoli Access Manager (or IBM Security Access Manager) is a fully featured web authentication, sso and authorization product.The product supports multiple user information repositories and also integrates with a variety of strong authentication solutions.Supports reverse proxy as well as adapters placed directly on web servers and app servers.Later product versions supports fine grained authorization as well as XACML based authorization configuration. The DP integration provides support for authn and authz for web services.

Room for Improvement:

Complex to install and run. Requires the full IBM stack to reach full potential.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user711612 - PeerSpot reviewer
Senior Consultant at a insurance company with 1,001-5,000 employees
Vendor
Reverse proxy provides central control over authentication and authorization.
Pros and Cons
  • "The integration effort with the end application is quite straightforward and easy."
  • "Multi-factor authentication with social integration needs to improve."

How has it helped my organization?

It is a single product that caters for all the business needs throughout the organization. It provides a seamless integration that in turn encourages most of the applications to use the SSO features.

What is most valuable?

Reverse proxy is the most valuable feature as it provides central control over authentication and authorization. The integration effort with the end application is quite straightforward and easy.

What needs improvement?

Multi-factor authentication with social integration needs to improve.

What do I think about the stability of the solution?

There were no stability issues.

What do I think about the scalability of the solution?

There were no scalability issues.

How are customer service and technical support?

An acceptable prompt response is received from the technical team depending on the severity of the issue.

Which solution did I use previously and why did I switch?

More features were found in this product compared to the previous solution that we were using.

How was the initial setup?

It needs quite a lot of time to design the architecture and properly layout the deployment for the high availability setup.

Which other solutions did I evaluate?

We looked at a couple of other products namely CA and Oracle.

What other advice do I have?

Properly understand the requirement and deploy the application correctly as the product comes with a vast number of features, that we might not use unless we don't check wisely.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user628068 - PeerSpot reviewer
Application Development Team Lead at a tech services company with 1,001-5,000 employees
Consultant
It is a secure way of accessing clients through various application portals.

What is most valuable?

  • Simplified architecture
  • Security

How has it helped my organization?

It is a totally secure way of accessing clients through various application portals for more than ten EU countries, just by using single sign-on. Moreover, its EAI makes customization easier with the Java/J2EE Applications.

What needs improvement?

  • Multi-source authentication
  • Common configs: These need to be moved into a single config file at the appliance level

For how long have I used the solution?

I have used this solution for three years.

What do I think about the stability of the solution?

There were no stability issues. However, trends are changing so fast and so are the clients' requirements. The clients also want their hold on the product. They are showing interest in customization.

What do I think about the scalability of the solution?

There were no scalability issues.

Which solution did I use previously and why did I switch?

This is my first product. However, I am moving, along with my clients, towards ForgeRock OpenIdentity Stack.

How was the initial setup?

It totally depends on the way the client wants to set up and implement the product. The security requires complex implementation. This is where no one wants to compromise.

What's my experience with pricing, setup cost, and licensing?

The pricing is always costly.

Which other solutions did I evaluate?

After working for three years with this solution, I am now looking for other products.

What other advice do I have?

It is the best product for bigger organizations, but trends are changing so fast. You should look at ForgeRock OpenIdentity Stack if you are looking for a slightly lower price range.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are implementation partners.
PeerSpot user
PeerSpot user
Sales Engineer - Identity and Access Management at Sailpoint
Real User
Top 20
The single sign-on configurations support multiple types of configurations, including FSSO, HTTP, SAML.

What is most valuable?

The single sign-on configurations are unique to the product. They support multiple types of SSO configurations, including FSSO, HTTP, SAML. The most robust functionality for SSO is its EAI (External Authentication Interface) option. EAI allows customers to customize their authentication mechanisms as per their needs.

Access management for web resources is simple to configure but highly impenetrable. It can search all the resources in the protected system and allows you to manage user access with a few clicks.

How has it helped my organization?

The robust single sign-on feature allows business users to improve their productivity in their day-to-day tasks. It also provides end-user activity visibility on critical applications.

What needs improvement?

The user interface looks like it was designed for technical personnel only. The interface is part of the WebSphere Admin console. A lot of configuration, including those for SSO, are done through scripts and config files. The GUI could incorporate these configurations.

For how long have I used the solution?

I have used it for four years.

What do I think about the stability of the solution?

If we talk about out-of-the-box functionality, the product is highly stable. For the areas in which the product allows customization, stability is dependent on the quality of customization done.

What do I think about the scalability of the solution?

The product is highly scalable; very simple to increase the scale of deployment.

How are customer service and technical support?

IBM provides prompt support on any issues faced. IBM is willing to go an extra mile to help meet their customers’ requirements.

Which solution did I use previously and why did I switch?

This was the first product I have worked with.

How was the initial setup?

Initial setup in older versions was quite complex, but with the newer versions it is quite simple. The product also comes with a pre-configured appliance.

What's my experience with pricing, setup cost, and licensing?

I am more involved in the technical side, with limited knowledge of licensing and pricing.

Which other solutions did I evaluate?

I am part of an organization which is an IBM business partner and provides services using IBM products only.

What other advice do I have?

This product is highly recommended to meet access management and web single sign-on requirements.

Disclosure: My company has a business relationship with this vendor other than being a customer: My company is an IBM business partner.
PeerSpot user
it_user184626 - PeerSpot reviewer
Manager of Online Web Services Team at a financial services firm with 1,001-5,000 employees
Vendor
Keeps our web applications secure despite the Web Portal Manager not implementing the full set of functions

What is most valuable?

Web security.

How has it helped my organization?

It keeps our web applications secure.

What needs improvement?

Web Portal Manager does not implement the full set of functions found in the command line

For how long have I used the solution?

Nine years.

What was my experience with deployment of the solution?

There are some challenges between major version upgrades. We usually wait for the first fix pack before evaluating the system for an upgrade.

What do I think about the stability of the solution?

Early versions had issues but since version 5.1 it has been very stable.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

Very good.

Technical Support:

It depends on who you get. Some Level One technicians are better than others. When you get to Level Two and Three it's much improved. We've dealt directly with the developers on several occasions and those folks are the best.

Which solution did I use previously and why did I switch?

No previous solution was used.

How was the initial setup?

I was not involved in the initial roll-out but did participate in the upgrades from v4.1 to v5.1 and from v5.1 to v6.1. Junction file format changed from v5.1 to v6.1 which cause some challenges.

What about the implementation team?

In-house implementation.

What other advice do I have?

IBM directory server offers the best roll-out experience. We are just beginning to look at using Active Directory for our repository,

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user