Oracle Identity Governance Reviews

• The automatic user management lifecycle with role-based features is great.
• It is also an application that makes it easy for on-boarding, automatic access privilege, and single sign-on with internal as well as external applications.
• It also has enough flexibility to unify the access management needs of any organization into one place.

It has allowed us to integrate multiple applications in one place. From there, we can manage all application access controls with many available features.

There were issues when we deployed it, though Oracle helped us resolve them. Also, there can be stability issues if the requirements are not all integrated appropriately.

We have been using this for the last five years.

We had issues that Oracle helped us to resolve.

No, we did not have any issues with stability, but it depends on how your system is integrated. If all requirements are integrated correctly, there should not be any issues with stability.

We have had no issues scaling it for our needs.

In our experience, I would rate customer service as a seven out of 10.

In our experience, I would rate technical support as an eight out of 10.

It brings centralized management of all the identities for the E-Business Suite; that's the central feature.

It streamlines the management of users, and it also provides compliance, in terms of the policies around maintaining identities, expiration, and so on.

It is cumbersome to deploy; there are multiple layers in terms of trying to get it to work; and they're also limited in terms of the number of products it can integrate with.

As far as deployment being cumbersome, I think it's just the nature of the product. For the version that we have, you need to have your own directory services or ID on top of that. Then you have to integrate it to Active Directory; that's another layer. Even the number of different products, packaged in terms of, "Do you want to do provisioning, or are you just looking to do authentication and authorization?"; all that mix is really difficult to configure.

It's very stable. Now, we do have it deployed with some high availability options on the back end, and we have multiple app servers, and that combination is very stable.

It scales well, because you can add more nodes. You can scale it vertically as well as horizontally.

I would give technical support an average score; it could be improved, it could be much better. I think it takes a long time to get to the issue resolution. You end up supplying the same information multiple times.

It's best to bring in a consultant who understands all the nuances, because of the difficulties with initial implementation. Once successfully deployed, is a fairly stable and easy to maintain, but that initial implementation is a high wall to scale for it to be successful.

We didn't look at other options because the Oracle product, at the time, was the only product that can fully integrate with Oracle E-Business Suite and manage those identities.

I used Identity Governance to provide clients access to different solutions. For example, one client had an Active Directory, and we offered the client access to create accounts there. There are Active Directory and Exchange accounts, and there is a database specific to this client that requires a special connector.  

In addition to the database, the client has a website where they can create accounts using their SOP protocol. Unfortunately, it's not so easy to use the standard Oracle Identity Manager Connector with SOP protocol, so we had to develop a new connector to communicate with this website and create accounts in these web services. 

The one thing that stands out was is the automatic sign-out when an employee goes on vacation. Identity Governance can monitor when an employee goes on vacation and returns. We use this feature to automatically disable all the employee's accounts when they go on vacation, and they're automatically enabled when they come back. We can also automatically delete the employee's accounts when they're dismissed. Oracle has a model that gives you precise reports. It's called Crystal, and it's similar to JasperReports, so we can derive reports from this database.

Identity Governance is a difficult tool to work with. You have to input many models to understand what is happening with the logins. The user interface is not so good. And a lot of the features we use aren't available out of the box. You have to develop a lot of the basic things yourself. It would be nice if Oracle provided these common features.   

I've been using Identity Governance for five years. 

Aside from a few bugs, Identity Governance is mostly stable.

Identity Governance can scale up. 

Oracle support is excellent. However, it varies depending on the level of support the client pays for. If you pay for a premium service license, they respond quickly.

I owned a company that implemented these solutions for various clients. Each client has a different identity manager, so we worked with three identity solutions: Oracle, NetIQ, and Computer Association.

It was challenging to implement Identity Governance. The time needed for deployment depends on the size of the client. While it's possible to get it done in three days, deployment can take up to a week. 

I rate Oracle Identity Governance six out of 10. If you're planning to use Identity Governance, you need to learn Java to fully meet your business requirements.

Our use cases are based on CIM to connect different applications. It's centralization identity for the use of the servers to give the passwords.

In the case of enterprise identity for the employee, the most important thing is the consolidation of access to the application no matter what the channel is that uses the application. It unifies the way we do authorization. 

For big companies, that is a nightmare to administrate because we have a lot of security problems. With CIM, we connect the customers to a channel to using different portals and with that approach, we can understand the behavior of the customer.

The centralization of IDs and passwords is the most valuable feature. They provide different applications to use the authorization.  

CIM is the most used feature. Customer Identity Management is a challenge that we are working on in our company and I think it's the star of the Identity Management space. With CIM we are using the same process in order to implement it to the customer.

Understanding what a customer is using, what they are looking for, and allowing permissions is a challenge. We use the information we get in order to understand the behavior of the customer beyond the security and to understand what they have been doing in the last month. It's a nice way to understand what is attracting the customer and what they are clicking. That could be implemented by using this kind of application.

Our issues with the solution have to do with the integration with different applications. It's not easy to connect ICAO to this kind of product. It would be better to work on the extensions of the adapters for this kind of identity management solution in order to not put in the code in the product.

I have the same problem every time I implement it. It's challenging to connect different applications that are not perfect or modern. It's important to connect everything. This is an area for improvement.

Synchronizing passwords between Active Directory and Oracle is very complex because the process is not so easy. I have a lot of problems.

I have been using Oracle Identity Governance for ten years. 

The stability is not a challenge. It depends on the size of the company. If we have one million users, it could be a challenge. But if you have up to 10,000 users, it's not a problem at all. 

You need to tune a lot because it's not a simple task. The product is not for everybody.I

When you get people from San Francisco, the support is okay. The problem is with the partners. In Latam, the support isn't so good. 

It could certainly be less expensive. There are a lot of components. Normal licensing is a real nightmare. Oracle should make things easier for the customer to understand.

With Oracle, you could do something for a million people but you need to make sure to do it right which isn't so easy. You need people and partners from Oracle for help. It's a good product but even good products need people to implement and maintain them especially during migration. You need senior people to help. 

I would recommend Oracle for a large implementation. 

My advice would be to solve the integration problem. Solve the way they interact when information is distributed. Properly distribute the customer's information. Understand that it is very difficult to implement. Make sure to understand the application and understand the legalities of the country that you're working in.

Most people start in the last stage. They pay a lot of money and the process could take three to four years. They pay a lot of money but don't use the product as a service. The problem is inexperience. 

I would rate Oracle Identity Governance a six out of ten. There is a lot missing. If it's not missing, it's complex. If you want to implement something, you won't end up doing it because it's too complex or expensive. 

Governance feature

• Security
• Online resources

• Security
• Mobile app

Five years.

Yes we did have issues with deployment.

Yes we did have issues with stability.

Yes we did have issues with scalability.

6/10.

5/10.

Yes, a customer used a different solution. We switched because the new solution can cover/manage most of the in-house systems/suites of apps.

Very complex due to the different sub-components.

Yes, we implemented with the help of vendor team support. Their level of expertise was about 7/10.

Short term, it was great but longer term, it became an issue.

Do a traceability and survey on what you need in the next 5 years, 10 years, etc.

The most valuable feature of Identity Manager is its integration with other Oracle products. Specifically, its in the same stack as WebLogic and Database. This provides us a consistent set of products and tools, which is valuable for the continuity of both our IT and business operations.

We provide it as a service to the government. Identity Manager solves a very real problem that they have which is to control all identities they have in their system as well as access to those identities. So it really is essential to the entire life cycle of tracking identities, a problem that IM solves.

I'm more looking forward to seeing what they do for the new cloud services that they're rolling out, which is actually a different product, but they are offering identity as part of a cloud offering. This would be an improvement over the software offering.

The company overall has been using them for quite some time. Our project has been around for three years.

We've had no issues with deployment.

Stability seems to depend on the day of the week. Overall, it's pretty stable, but it's software so, like anything else, it has problems.

For what we've done, it's scaled. It's difficult to say what scale we're measuring against because we're not the size of a Google, but we do have several hundred thousand identities in our system. For our purposes, it's scalable.

We work with Oracle, open a service request, and they resolve it. Dealing with Oracle support is separate from the product team, and dealing with support can be very challenging a lot of times. It's very difficult to convince them and to get them to understand the problem, and then to involve the right people to solve it. Once they get the right people there to solve it, then the support is fine.

The client was using a Sun Microsystems solutions, so Oracle acquired Sun Microsystems and the client re-evaluated what solution they should use going forward, and they made the switch to Oracle.

I came in a little after they had already started, but I was there for the initial go-live. These are large, complex products, so I wouldn't say they're easy, but we have people who know what they're doing, so it wasn't a problem.

Oracle Identity Manager is not the easiest to configure nor is it the lightest weight, but again, it's all integrated together and it's a consistent set of tools.

The ability to customize operations, unlike other products like Tivoli and, perhaps, NetIQ. I think Oracle Identity Manager provides a lot of flexibility to customize solutions, especially in the field of organizations, where you have X amount of applications to manage.

It basically manages the identity and lifecycle of every user in the organization. It helps provision the required accesses through policies, approvals, and whatever would be the business requirement. That's the most beneficial feature of this tool.

I would like to see more segregation managed through Oracle Identity Manager.

Yes. Every product has its drawbacks, and this one too has some stability issues. For these, either you could follow regular performance tuning, patch a bridge, or maybe use ESLs with Oracle.

It seems scalable. My client has 30,000 applications and I think a lot of them are already using this tool. I remember putting in an application where 20,000 entities needed to be onboarded and it managed itself.

My contacts with them have been very poor in terms of resolution and complication. I would not give them more than a five out of 10.

No, I did not.

It was straightforward. One or two complications. Some were resolved, some were not resolved, and some were self-resolved. So I would not say I'm entirely happy.

Not really. I did not evaluate other options.

If you have a large scale organization, then this is the right product because it gives you a lot of opportunities to do customization and custom development. These are very much required when you have a big organization with different kinds of applications; some which are outdated, some which may not get the required support in the market.

I think their latest version has actually improved this product a lot in terms of functionality, performance, and features. There are some features the new release has which our old customers were looking forward to.

OIM contributes majorly to simplifying the user management and role management capabilities of corporate users (employees, contractors, partners, and customers) from regulatory compliance requirements by enabling least privileged access.

• Provisioning workflow
• Accessing policies to automate provisioning requirements
• Identifying lifecycle management
• Identifying connector framework for unifying provisioning capabilities from OIM

This applies to the latest version of OIM support in WebLogic and WebSphere application servers only. It would be great if the Oracle Fusion Middleware team worked on making it compatible with other application servers, as it exists in OIM9.x.

No issues were found related to stability.

OIM is the right product and it is a good fit for enterprise deployments. There are no issues related to scalability, as long as it was configured as per Oracle enterprise deployment guidelines.

Customer Service:

I would give customer service a rating of six out of 10.

Technical Support:

I would give technical support a rating of six out of 10.

Depending upon requirements, it takes 10 days to three months to set up an environment.