Oracle Identity Governance Reviews

We are using Oracle Identity Manager for the management of the identity cycle. We have a human resources system as a source, and we have some custom-made applications as a destination of the changes in the identities.

Our organization has almost 60,000 users. We have a team of five people developing and maintaining the product.

The support service of Oracle is good. We use it a lot and their response is quick. 

Oracle Identity Manager is an out-of-the-box solution that is not beneficial for us. We only have custom-made applications. We could have started at ground zero and made all of our own tailor-made integrations with a bigger economic advantage, saving us from having to purchase Oracle licenses.

The solution needs to improve its web interface in the next release. It is timing reliant, making it extremely difficult to customize. It is not a user-friendly product. We receive little benefit by purchasing the licenses.

I have been working with Oracle Identity Governance for two years.

Once you are in a production environment, Oracle Identity is stable however, every update is a risk and can be very time-consuming to apply the patches. 

The product is not user-friendly, I don't think Oracle support knows it as well as they know other products that they have. They respond quickly and always fix the concern, but it takes time. It is difficult to maintain.

Neutral

The initial set up of Oracle Identity Manager was difficult because of how delicate the product is to install.

We have purchased a perpetual license with Oracle and only pay yearly maintenance fees, support and updates. 

The solution is very expensive for the benefits received from the product, however, the pricing we received from other vendors does not make it worthwhile to switch to another solution.

I would rate it a two out of five for pricing.

I would rate Oracle Identity Governance a 6 out of 10.

The most valuable features are the attestation of identities and the robust set of identity analytics.

The way we have designed and implemented the solution has set us up to become a shared service model. This platform allows for us to customize any solution to meet the business capabilities.

With Oracle, it's always about the learning curve and the nature of how the product is integrated. It takes tons of training and getting the right experienced people involved in order to launch the initial framework. Some of the adapters also do not work very well or have limited functionality.

We have used Oracle IdM Products for 3 years now but just started using the new R2 framework 6 months ago.

Yes, we encountered issues with determining if we wanted to use the LCM installation over manual. Once we determined that LCM was a good choice then it was a pain getting the SAN setup correctly to allow for these silent installations.

In our sandbox environment we had stability issues but only because all the components are on the same server. Once we worked out the kinks of first time R2 users, the platform seemed fairly stable.

We did not encounter issues with scalability since we architected the solution to scale out enough to handle data.

Oracle is pretty good about helping as long as you have the solution built according to their specifications. The trick with support is making sure the hand-offs are done in a timely manner since you may start with someone from a 6 time zone difference. I always get the duty manager involved with critical issues so that these gaps are addressed.

Depending on who you get, some of these folks are really sharp and there are some still learning the product.

We used Microsoft ILM and FIM to manage our identity management provisioning and used Symphony for our Access Management side. We made the switch because Oracle offered a more robust solution for us to become a shared service for Identity Management.

As with any Oracle product, it's never straightforward. We knew what goals we needed to achieve but the challenge was having numerous design sessions to cover the possibilities, risks, and impacts in order to achieve those ambitious goals.

We had a combination of both in-house and outside professional services to help. I would rate our outside expertise very well.

Too early to determine at this point in time but we have some ROI on the deployment side by shaving 6 hours per environment setup by using automated installations.

Not including licence, we had a generous project budget to set-up and replace our legacy platform. The day-to-day cost is based on 3 people we have to support it. Of course our team & infrastructure is growing so the cost will rise by nature of supporting the service.

We evaluated products such as at Microsoft, Okta, CA, and IBM. The Oracle platform was more aligned with our business road maps and meets the desired capabilities the business needs.

Get people who have performed R2 installations and designs. This is important because if it's not done right the first time then you will be spending a lot of time either fixing issues or having to re-build everything. When you have such a robust system such as this, it gives you many ways to architect solutions.

We are using the on-premise deployment model of this solution. We chose this solution because we have a lot of Oracle products and other Oracle products aren't compatible with Active Directory. 

It has a very good response time but on the other hand, we have experienced a number of bugs. It responds fast but because of the bugs, we have already had some major incidents and complete unavailability. That's why we are not happy with the current version and we decided to upgrade it. We also tried to change the architecture setup to have less of an impact when the bugs occur and to have more availability. Oracle helped us to design the new architecture. 

We didn't make concrete plans yet about when to switch because we are still working on the high availability setup path. It will be a high availability setup, each data center with an active process failover in case something blocks it.

The reason we are upgrading to the next version is because today we have stretched clusters across data centers. We experienced major problems with the cluster software and the product, which is coherence. In the next version, that part will be handled by the database. We hope that we will get rid of those stability problems because of the bugs that are in there.

I have been using this solution for the past seven years but it has been deployed at my company for longer.

It's not so stable in our environment. It might have something to do with our old network. We're replacing the network now but it's very latency-sensitive.

There are quite some setbacks and I think Oracle is very well aware of them. There is no real service level management on the contract side. When you log something, you do get priority, but in general, you need to escalate something for them to look into it. The quality of their answers are often not so splendid either. We already had some commercial discussions with them on how we could improve it, but it's so expensive that while it's not affordable for a company like ours, you can hire a technical account manager for products, which isn't something we can do. 

It is a complex product. There are not a lot of engineers with knowledge about it. That's the first problem. I think it's a general problem. We do have one consultant and one internal person just for the line support and installations. We know from experience from a consultant that worked with different customers that they all have the same problem.

We have one consultant working on this product and it's a full-time job here.

The hardware and the operating system obviously cost money. With Oracle, you have the product itself and the management product which might be expensive sometimes as well.

As a customer, it's not okay that the salespeople sell you a product that they don't tell you all the ins and outs about and you are expected to manage it. You discover all of these things afterward if you don't ask the right questions.

In the current setup, within our network, I would not rate it too high. It's maybe a six or a seven out of ten. Although, it might be related to the performance of our network.

It's a good product as such, but you need to be aware that you need some people who are having the knowledge.

Our primary use case for this solution is for internal employee user lifecycle management and the automation of access provision for target systems. This IAM solution is implemented on-premise with complete high-availability and a separate DR site.

This solution has improved the organization in several ways, including saving many help-desk password-reset calls, IT staff productivity, and quicker user on-boarding.

The features that we find most valuable are:

• Trusted reconciliation with target systems helps eliminate orphan accounts and alert administrators if unauthorized account detected.
• Segregation of duties and role mapping helps streamline organization application efficiency and access certification for higher management
• Workflow capabilities with customization help to achieve expected multi-level approvals with email/SMS alerts during access and account creation to responsible parties.

The improvements we feel are currently needed are:

• Immediate IAM product certification to new version 12c with other Oracle products such as CRM/ERP and SAP etc.
• Simplify and add more functionality to Identity Cloud Service (IDCS)

Features that we would like to see in the next release are:

• Introduce a matured Privileged Access Management solution to make the IAM stack fully compliant with any customer environment.
• Provide a solid roadmap to Oracle PAM or similar product under Oracle IAM umbrella.

Good!

Excellent!

Technical Support - Overall Good

Vendor

Rate - Excellent

Efficiency and we save a lot of time and money.

Get the right product which you can customize as per your business needs. IAM is a journey and you cannot switch products after 2-3 years; hence consider strong roadmap of the product.

Yes, CA and IBM products.

The most valuable feature of Identity Manager is its integration with other Oracle products. Specifically, its in the same stack as WebLogic and Database. This provides us a consistent set of products and tools, which is valuable for the continuity of both our IT and business operations.

We provide it as a service to the government. Identity Manager solves a very real problem that they have which is to control all identities they have in their system as well as access to those identities. So it really is essential to the entire life cycle of tracking identities, a problem that IM solves.

I'm more looking forward to seeing what they do for the new cloud services that they're rolling out, which is actually a different product, but they are offering identity as part of a cloud offering. This would be an improvement over the software offering.

The company overall has been using them for quite some time. Our project has been around for three years.

We've had no issues with deployment.

Stability seems to depend on the day of the week. Overall, it's pretty stable, but it's software so, like anything else, it has problems.

For what we've done, it's scaled. It's difficult to say what scale we're measuring against because we're not the size of a Google, but we do have several hundred thousand identities in our system. For our purposes, it's scalable.

We work with Oracle, open a service request, and they resolve it. Dealing with Oracle support is separate from the product team, and dealing with support can be very challenging a lot of times. It's very difficult to convince them and to get them to understand the problem, and then to involve the right people to solve it. Once they get the right people there to solve it, then the support is fine.

The client was using a Sun Microsystems solutions, so Oracle acquired Sun Microsystems and the client re-evaluated what solution they should use going forward, and they made the switch to Oracle.

I came in a little after they had already started, but I was there for the initial go-live. These are large, complex products, so I wouldn't say they're easy, but we have people who know what they're doing, so it wasn't a problem.

Oracle Identity Manager is not the easiest to configure nor is it the lightest weight, but again, it's all integrated together and it's a consistent set of tools.

Oracle Identity manager is the best tool in the market for access managers.

I would like to see automation in the solution. We need also integration with the Identity Manager. The solution needs to improve in the application integrations part. It also needs to focus on application deployment as well.

The tool is stable.

The solution is scalable. We have around four to five customers for the product.

The product’s technical support is not bad. They will respond immediately.

The solution’s setup is straightforward.

I would rate the overall solution an eight out of ten.

We use this solution to create and manage the user lifecycle. We are customers of Oracle. 

Password management is a valuable feature.

When Oracle released the 12c version, they deleted the  Privileged Account Manager from its security solutions. If a customer had implemented that in the previous release and wanted to update it, they could be faced with a huge problem because that product no longer exists. I think the platform could be enhanced and I found bugs in their documentation. Information relating to some connectors is incorrect. I think Oracle could simplify Access Manager.

I've been using this solution for six years. 

This is a stable platform.

The solution is scalable, we have over 500 users. 

Sometimes the support is not able to resolve our issues and they're often changing support engineers. I think there is room for improvement with the support.

Neutral

I consider the initial setup to be easy. If it's a matter of deploying two or three applications, the setup could take one or two months. For five or 10 applications, deployment could take at least six months. It all depends on the number of applications. 

We moved to this solution because of its cost. 

It's important to be aware of the identity and access management process by reading the documentation. Before implementation, it's important to prepare an environment to install the solution for an indication of how it should be installed. 

I rate this product seven out of 10. 

There are a lot of use cases. We use it to manage everything within the user interface, for example, direct access privileges.

It's a stable and scalable solution.

It's difficult to use, and we're planning to switch to another application. The administration tasks for business processes, workflows, and definitions could have been easier. There should be an easier way to do it than having a dedicated ID for all these tasks. 

The product design has some complications for doing some use cases. I would like to see easier onboarding of applications and easier ways to plugin the customization codes.

I have been using Oracle Identity Governance for about two years.

Oracle Identity Governance is a stable solution.

Oracle Identity Governance is a scalable solution. At present, we have around 10,000 users.

The initial setup is moderate. It's not very complex, but it's not very easy to do.

You need a consultant to install and deploy this solution. You also need four to five team members to maintain this solution.

The price is based on the number of users per year.

I would tell potential users that many other products are much easier to implement than this solution.

On a scale from one to ten, I would give Oracle Identity Governance a six.