We provision accounts and access through NetIQ. Lifecycle events are triggered by our HCM system which feeds Identity Manager. Identity Manager then feeds other downstream systems such as Active Directory and ServiceNow. We also have NAM (Novell Access Manager) for single sign-on but I did not include that in this review as it is a separate product.
Identity Management Engineer at a pharma/biotech company with 1,001-5,000 employees
Be more honest about how poorly it runs on Windows servers.
What is our primary use case?
How has it helped my organization?
We learned a lot about what not to do when we implement our next solution. We were implementing an HCM solution at nearly the same time as NetIQ so that was definitely something I would not recommend doing if at all possible.
What is most valuable?
The identity vault, password syncing and self service Password Reset. As seen in another review, I will concur that NetIQ does a good job with password syncing among directories.
What needs improvement?
Be more honest about how poorly it runs on Windows servers. It is optimized for Linux. Just because you can install and run it on Windows doesn’t mean you should, at all. It is a recipe for disaster.
Buyer's Guide
NetIQ Identity Manager
December 2024
Learn what your peers think about NetIQ Identity Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
Yes, it does not run well on Windows servers. It is meant to run on a Linux platform.
What do I think about the scalability of the solution?
Yes, it does not scale well and licensing is very expensive. Again, does not run well on Windows so upgrades were a nightmare.
How are customer service and support?
Very poor. We ended up having to contract for support from two other service providers since NetIQ’s support was so poor.
Which solution did I use previously and why did I switch?
This was our first IAM solution.
How was the initial setup?
Very complex. Again, it does not run very well on Windows and we required a lot of customization to meet our business objectives.
What about the implementation team?
A vendor team helped us through our implementation from Deloitte & Touche Consulting. I wasn't quite as involved with the implementation but have been supporting the solution for about 4 years now so I can't speak to their level of expertise.
What's my experience with pricing, setup cost, and licensing?
Very expensive licensing. Definitely review support and licensing contracts with an attorney to get language less ambiguous and redline accordingly.
Which other solutions did I evaluate?
We did. We evaluated CA, IBM, Novell (now NetIQ) & Oracle.
What other advice do I have?
Get executive buy-in and know that a tool isn’t going to fix bad processes.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Technology Manager at Hong Kong Baptist University
Reliable, useful synchronization, and straightforward implementation
Pros and Cons
- "The most valuable features of NetIQ Identity Manager are the synchronization of different directories, such as Active Directory. We have many Active Directory systems, not only one."
- "We have another system that is using the SAML system, and we also integrate with Active Directory only. If NetIQ Identity Manager can integrate directly, we would not need to use the Active Directory directory."
What is most valuable?
The most valuable features of NetIQ Identity Manager are the synchronization of different directories, such as Active Directory. We have many Active Directory systems, not only one.
What needs improvement?
We have another system that is using the SAML system, and we also integrate with Active Directory only. If NetIQ Identity Manager can integrate directly, we would not need to use the Active Directory directory.
For how long have I used the solution?
I have been using NetIQ Identity Manager for approximately 10 years.
What do I think about the stability of the solution?
The stability of the NetIQ Identity Manager is good.
What do I think about the scalability of the solution?
NetIQ Identity Manager can improve the bulk account uploads, it's very slow. You need to do it one by one. We work in the education sector, and every year we have approximately 20,000 accounts to create in a very short period, the NetIQ Identity Manager has a problem with this, we need to use a batch job. For example, we cut it into 10 batches and execute them one by one, so that it will not interrupt our production environment.
Even though we have upgraded the hardware, the software used for NetIQ Identity Manager could improve. The scalability can be better.
How are customer service and support?
I have not used the support from NetIQ Identity Manager.
Which solution did I use previously and why did I switch?
I have not used other solutions.
How was the initial setup?
The initial setup of NetIQ Identity Manager is straightforward.
What other advice do I have?
I rate NetIQ Identity Manager an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
NetIQ Identity Manager
December 2024
Learn what your peers think about NetIQ Identity Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Consultant at a energy/utilities company with 1,001-5,000 employees
A flexible tool that connects to multiple and various data sources
Pros and Cons
- "It's a very flexible tool, so you can synchronize multiple sources of data and you have multiple connections to various kinds of systems."
- "If it could be operated in such a way that anybody could use it, with just the user interface, and there's no need for programming, then that would be a great improvement."
How has it helped my organization?
We did an exercise, but it was a long time ago. I know that we had a lot of manual work that we saved by using the product. So on a monthly basis, we would hire ten or so users per day, ten times, over twenty days, so two hundred in total.
Each user would take between ten and fifteen minutes, so let's say two hundred times twenty minutes, is four thousand minutes, or sixty-six hours. There were more functions that we'd do as well.
I would say you would save like around one-hundred person-hours, per person per month. That's big savings.
What is most valuable?
It's a very flexible tool, so you can synchronize multiple sources of data and you have multiple connections to various kinds of systems.
The most valuable features are that it's a very flexible tool and it's connected to multiple and various data sources.
What needs improvement?
The product, the technology itself, is really good.
The problem is the ecosystem. There's not a lot of people that know the product, so it's hard to find someone to work with the product. Sometimes you need to deploy something that's a little different. It requires development, and it's just hard to find people. It requires training, because, in each event, you need to learn the specific language that the product speaks. So it's a directional language and you need someone with some knowledge with it to deploy it.
They have graphical interfaces and you can get away with the basics, but it gets a little bit more complicated once it's a little bit more customized. If it could be operated in such a way that anybody could use it, with just the user interface, and there's no need for programming, then that would be a great improvement.
They need to go to a cloud service solution because everyone's looking forward to the cloud now. Everything that I worked with was on-prem system deployments.
For how long have I used the solution?
I've been using the solution for more than five years.
What do I think about the stability of the solution?
The stability is solid. You don't touch it. Once you deploy it, it just works.
What do I think about the scalability of the solution?
In terms of scalability, it depends on how much you want to spend to scale because they charge for connectors. You can connect virtually everything to it. They have connectors for most of the systems in the market including databases, cloud solutions, etc.
The company just launched an update so they are upgrading. They need to connect to the new SAP version. They were planning on connecting to the latest version of existing systems.
How are customer service and technical support?
Technical support was good. I had to use them a few times and they were very knowledgeable and they were quick. I always had a quick turn around from support.
How was the initial setup?
The initial setup has medium complexity. It depends. The previous version was more complex. Now they've made it better. They knew that the tool was complex so they tried to enhance and simplify the installation. I would say it's not too hard today to get you going on the basics. The more approvals and workflows and the more components you add to it, the more complicated it gets and you need more specialized people. You just make sure that you train your personnel.
If this product was more widespread and people knew more about the language then you wouldn't have this issue about when you need to add people to the system.
What about the implementation team?
I wasn't there when the implementation took place, but I think services were from the actual vendor, Micro Focus, itself.
What was our ROI?
Some products, typically security products, the moment they're implemented, their ROI is instant because you know security is invaluable and data loss is something that needs to be halted right then and there. Your return is guaranteed because the product saves so many person-hours over the years.
What's my experience with pricing, setup cost, and licensing?
I'm not sure of specific pricing, but I know they have different licensing, depending on your organization. Governments, for example, have special pricing. Education would have different pricing because it's more like a sector.
There might be additional costs too, and it depends on which system you are integrating. So let's say user x needs one AD account or an Oracle or SQL. You would have the base license plus per connector. You just need to be aware that the more systems you connect, the more license fees you have to pay.
What other advice do I have?
The way it was implemented for the company was mostly for HR integration. So we would synchronize data from SAPHR to an Active Directory. So all the new hiring, all the user provisioning was made by HR on the SAP system. This system was responsible for creating the accounts on the network and mailboxes and all that from that system. So no one has ever created a user manually in AD. It's all automatic.
It's a solid product, it's a mature product. You just need to make sure that your IT personnel is properly trained. When you purchase a license, make sure you have support engaged as part of your contract and you'll get your team trained.
I would also recommend a proof of concept for sure. That way you can show clients how flexible the product is.
I would give the solution a rating of nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Thank you for you review of Identity Manager. I will ensure that your comments on the eco-system and ease of use are passed to the product management.
Works
Facilitates synchronization between eDirectory and AD, but the interface needs updating
Pros and Cons
- "The most valuable features are Password Reset Alerts, Password Sync, and SQL connectors."
- "The interface is old and outdated, and the design software seems archaic."
What is our primary use case?
We use this solution for Directory and Password Synchronization, as well as SQL updating for ERP.
How has it helped my organization?
Has facilitated the synchronization from eDirectory to AD and helped with Automating some SQL tasks.
What is most valuable?
The most valuable features are Password Reset Alerts, Password Sync, and SQL connectors.
What needs improvement?
The interface is old and outdated, and the design software seems archaic.
For how long have I used the solution?
More than fifteen years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Consultant - IAM / Security at a tech consulting company with 51-200 employees
The UI for requesting and approving rights has been outdated, but in the latest version that has been addressed
What is most valuable?
Event driven provisioning and powerful Development and documentation tool - Designer are the most valuable features on NetIQ Identity manager
How has it helped my organization?
Identity and access management processes have developed to become automatic and fast. While the source of identity information is the HR data, user rights can reflect the user role(s) in an organization.
What needs improvement?
The UI for requesting and approving rights have been a little outdated, however, in the most recent version that has been addressed. Also, the amount of work from box to production has been improved a lot during the years, but for sure - there is always a need for a capable project team to fit the product to the processes of an organization.
For how long have I used the solution?
12 years.
What was my experience with deployment of the solution?
High amount of skill with the product and overall knowledge of IAM are useful to avoid issues on IAM deployment. The issues are normally due to data quality, which can be fixed with the products Analyzer application.
What do I think about the stability of the solution?
Product is stable. At certain points, there have been bugs - but NetIQ Support has been able to help with those kind of situations
What do I think about the scalability of the solution?
Product is very scalable. It is matter of optimizing the rules used during the integration process.
How are customer service and technical support?
Customer Service:
7/10.
Technical Support:9/10.
Which solution did I use previously and why did I switch?
No previous solution used.
How was the initial setup?
IM products are someway framework solutions. Deploying a solution to an organization requires co-operation with many stakeholders and knowledge on the systems to integrate.
With a normal integration, for example with AD, it's a matter of configuration, but integration with the HR system it's a matter of designing processes - for example if the system is not a standard out of the box system.
What about the implementation team?
I have been a consultant on customer implementation projects.
What other advice do I have?
- Sell the idea at the CEO level
- Get sponsors for a project
- Get a capable project team
- Choose a consultant who knows the product and not only the IDM processes.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jefe de Operaciones at a manufacturing company with 1,001-5,000 employees
It is reliabile when it comes to synchronizing directories.
What is most valuable?
Its reliability when it comes to synchronizing directories is the most valuable feature. It is very safe to be based on events.
How has it helped my organization?
For many years we had Novell eDirectory as the main directory, to which was added LDAP, AS400, Active Directory, Google, and SAP.
The greater strength was to keep the identities synchronized without failures in both attributes and passwords. The provisioning of identities at reasonable times greatly reduces the time of a new user's registration.
What needs improvement?
The Operations and Information Security.
For how long have I used the solution?
We have been using this solution for 15 years, i.e., since its inception and the time it was called Novell NDS for NT.
What do I think about the stability of the solution?
There were no stability issues, IDM is one of Novell's most stable products. Errors are human, just be careful in its use.
What do I think about the scalability of the solution?
There were no scalability issues. In fact, we have incorporated many users by acquisitions and it is safe to climb; your performance does not degrade.
How are customer service and technical support?
Technical support is very good, but in my country the ecosystem of consultants is scarce. In Argentina, in addition to Micro Focus (previously Novell), there are only two or three partners whose focus is IDM. But the few that are there, they possess very good technical level, generally ex-Novell.
Which solution did I use previously and why did I switch?
A few years ago, I had the opportunity to analyze its competitors. IBM and Oracle and both were horrible; especially Oracle as it is difficult to implement, has unfriendly interfaces, there is an absence of connectors, and there are almost no specialists in the region. Oracle did not even work.
How was the initial setup?
Given that identity management is itself an IT specialization that requires a lot of knowledge, the implementation is simple. That is to say, if it is clear that the tool is intended, sinceneeds can vary from a simple synchronization of keys to a complete and automated process.
What's my experience with pricing, setup cost, and licensing?
IDM licensing has accessible values even for installations of thousands of users. Once the input values were not so cheap, but the annual maintenance is very accessible. The ROI is seen in the hours saved in provisioning.
Which other solutions did I evaluate?
We first had IDM for several years and then, compared it to IBM and Oracle against aggressive bidding; these were not worthwhile though.
What other advice do I have?
Analyze if you want to unify the keys of different identities of the same user or if you want to propagate an identity in several platforms. The latter option is recommended, although it demands more effort.
Go little by little. Install the core in a new metadirectory, separate from the production one, and implement the one-to-one connectors. This is advisable because the impact on the end user is high (in the positive sense) since it is still a change. Then, take advantage of all of its functionalities, as it is common to see that after installation, several connectors do not use other parts of the tool. For example, the role-based authorization flows, circuits to request a device, or automation of response by the loss of passwords.
Do not confuse identity management with single sign-on. This is another discipline and there are other products for it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
As a IDM consultant, I manage several NetIQ IDM production site and the synchronization engine works well without any problem.
Identity Management Consultant at a tech services company with 11-50 employees
Very powerful product but customizing takes time and resources. Unpractical for SMBs.
What is most valuable?
The Role Based Provisioning Module feature is by far the best thing about the product; using roles and entitlements for access and provisioning makes old group based obsolete.
How has it helped my organization?
It has reduced time and resource costs due to automation of previously hand-managed tasks like provisioning, granting access, distribution and access to different enterprise connected applications.
What needs improvement?
Definitely documentation is among the most lacking features of the product. Also, the ability to run all components on Windows OS is needed.
For how long have I used the solution?
I've used it for one year in different customer environments and licenses.
What was my experience with deployment of the solution?
Deployment is pretty easygoing, though some trouble might arise if the customer's security policy is overly strict or the infrastructure has a bad design.
What do I think about the stability of the solution?
Stability wise I would rate the product 8 out of 10. Some known quirks and bugs give unwanted resource hogs that can be a headache at the wrong moment.
No major problems as of yet.
What do I think about the scalability of the solution?
Scalability becomes an issue if the vision changes from the initial implementation. Not being flexible and having to rewrite quite a bit of code for even a simple added feature makes it difficult.
How are customer service and technical support?
Customer Service:
9/10.
Technical Support:8/10.
Which solution did I use previously and why did I switch?
We previously used Microsoft Forefront Identity Manager.
How was the initial setup?
Initial setup is straightforward if done by vendor requirements.
What about the implementation team?
We used a vendor team, and their level of expertise is 9/10.
What's my experience with pricing, setup cost, and licensing?
- Four hours for installation
- Development hours vary
- Two hours weekly maintenance and check-ups
Which other solutions did I evaluate?
We also looked at Quest OneIdentity, Oracle Identity Manager and Tivoli Identity Manager.
What other advice do I have?
- It is a money saver in the long run
- As long as you set your requirements from the get-go there won't be overhead further along
Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user186828Senior Consultant - IAM / Security at a tech consulting company with 51-200 employees
Top 20Real User
As long as scope of implementation will be realistic and both planning and implementation resources know the product - NetIQ IDM is choice also to smaller company.
Integration Specialist at a tech services company with 51-200 employees
Allows data changes and passwords to propagate to applications in real time. The UI is hard to configure.
What is most valuable?
To my knowledge it is the only event based IDM system. Its supporting directory (eDirectory) also has event based replication. This makes it a very 'real time' system. In short, it is event based and not batch based.
How has it helped my organization?
Being event based, it allows data changes and passwords to propagate to applications in real time. This makes business workflows efficient and instant from both a process and technology perspective.
What needs improvement?
The user facing interfaces are not too friendly and they are also fairly hard to configure. Better alerting/monitoring of connectors/data would also be nice.
For how long have I used the solution?
Three years
What was my experience with deployment of the solution?
Not particularly. My advice would be to ensure ample time is spent on data quality and also on code testing.
What do I think about the stability of the solution?
Not really. A few issues now and then but patches generally come quick enough.
What do I think about the scalability of the solution?
No, it seems to scale quite well.
How are customer service and technical support?
Customer Service:
Not too bad.
Technical Support:OK. Not up to par with bigger vendors like MS and Cisco.
Which solution did I use previously and why did I switch?
No.
How was the initial setup?
Any IDM will not be simple unless the environment is simple. We have a large complex environment, so setup was complex. Any IDM would have this.
What about the implementation team?
We used and external systems integrator initially but they were not up to par so an internal team is now being built.
What other advice do I have?
Be sure data quality and code quality is good from the start. Going back over a production environment just makes things hard.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free NetIQ Identity Manager Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
SailPoint Identity Security Cloud
Omada Identity
One Identity Manager
One Identity Active Roles
Oracle Identity Governance
SAP Identity Management
Symantec Identity Governance and Administration
Buyer's Guide
Download our free NetIQ Identity Manager Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
Regarding Windows platform & NetIQ IDM, I would say that the directory and the IDM engine install and run smoothly on Windows 2012 & 2016. I have one customer that synchronize more than 10'000 students with NetIQ IDM 4.6 on Windows 2016.