Oracle Identity Governance Reviews

It provides us with an integrated platform for all governance products. We now have the ability to have a complete end to end solution with a UI framework that makes customization an easy task.

The audit became a breeze as the entire provisioning approval process has been brought under the the gamut of OIM. All SOX audits became very easy as the entire audit information required is available from OIM system with respect to user access control.

The product suite is abundantly heavy & complex and requires a lot of simplification. I feel that this simplification is highly important. Also, the lifecycle management of the application is very very substandard and also has to be improved significantly.

I have been using this product for three years.

There were no issues with the deployment.

We had no issues with the performance.

Scalability is costly as the system resources are consumed very quickly.

It's average.

I had not used a similar product to this previously.

It is complex as the entire implementation takes a lot of efforts from the business, in partucular technology and the main implementation teams.

Although vendors are less equipped with quality implementation teams. However it is, for an initial period, advised to have an experienced implementation partner.

There were no other options looked at.

Please choose your solution carefully and plan the infrastructure with entire applications in place.

Oracle Identity Management - Pros: •Automates user identity provisioning and deprovisioning and enables organizations to manage the entire life cycle of user identities across all resources in the organization. •Oracle Delegated Administration Services: Provides trusted proxy-based administration of directory information to users and application administrators. •You can create access polices to manage users, e.g. modify, disable, delete, and unlock user accounts, passwords can also be changed for user accounts. •It can also be a means to conduct a comprehensive audit of user activities and their access privileges. •The Resource Management features, of the Administrative and User Console, enable you to manage resource objects for an organization or individual user. Managing resources includes the following activities: •Searching for and viewing the details of a resource •Disabling, enabling, and revoking a resource from users or organizations •Managing resource administrator and authorizer groups •Viewing, creating, and modifying workflows •Creating and managing IT resources •Creating and managing scheduled tasks Oracle Access Manager - Pros: •Oracle Access Manager provides Web-based identity administration and access control to web applications and resources running in heterogeneous environments. •Oracle Application Server Single Sign-On provides single sign-on access to Oracle and third-party web applications. •Oracle Enterprise Single Sign-On Suite, provides single sign-on for all applications and resources in an enterprise, without modification to the applications.

In my opinion it has no cons.Oracle Access Manager (OAM) mainly consists of two main systems 1.Oracle Identity Management 2.Oracle Access Manager Oracle Identity management enables enterprises to manage the entire life cycle of user identities across all enterprise resources, both within and beyond a firewall. An enterprise identity management solution can provide a mechanism for implementing the user management aspects of a corporate policy. Oracle Access Manager:

Access Management Oracle Access Manager stores information about configuration settings and security policies, that control access to resources in a directory server that uses Oracle Access Manager-specific object classes. You can use the same directory to store the Access System configuration settings, access policy data, and user data, or you can store this data on separate directory servers. Administrators can use the Access System to protect web resources and enterprise resources such as J2EE applications, servlets, Enterprise Java Beans (EJBs), and legacy systems. The Access System also supports both Web (HTTP) and similar types of data in non-Web (non-HTTP) resources. Using the Access System for security administration enforces your company's access security policies for Web applications and content; provides common security measures across multiple Web servers and applications; combines a centralized policy creation with decentralized management and enforcement; and enables granular control over security, across heterogeneous applications, as well as out-of-the-box integration with Oracle products, such as Oracle Portal, Oracle Collaboration Suite, and Oracle E-Business Suite.

It has more for our in-house systems like ERP, Active Directory, and Exchange and the integration of IDM with all those systems. It was very customizable. We do all our customizations in Java.

We have used this product to automate our manual business processes, like onboarding and other processes.

Everybody's been moving onto the cloud, and it's not a cloud-based solution. That is one of the things that is missing. There are competitors that are moving ahead in the market. They have some powerful connectors for cloud applications like Workday. We don’t have any feature for connecting to Workday. It should be a cloud-based solution with connections to cloud applications.

It was pretty stable. With the volume of data that we have at this point, it was stable.

We don't have large volumes of data. From a scaling point of view, we didn’t face any issues.

For a couple of issues, we reached Oracle technical support and we raised issues with them and they were very supportive.

Initial setup was not too complicated: easy to medium.

I feel the Provisioning and Reconciliation Engine as well as the Adapter Factory are most the valuable, apart from the standard features which most identity management solutions provide.

It has helped in central user management and the automation of account handling and creation for multiple systems. It has also helped in data interaction between customer and third party data, which is an integral part of any business these days.

Unfortunately while working with v9i, we had to do a lot of customizations because the product did not support much. With v11i, some of the customization has been reduced. However, the GUI is some what a bit more complicated, and it could be improved with a single GUI.

It's very poor, just 3/10.

Oracle is still very expensive, and is not generally used by SMEs.

With the new version of the products, its best left to the choice of the implementer to analyse the pros and cons of the different vendors before deciding on which product to choose.

I supported the product, and the customers using it globally. I was the technical support for it.

The most important feature is the connectors. Without the connectors, it can do nothing.

Also, auditing is a very good feature.

One of the areas that need some improvement with Oracle specifically is the ease of implementation. That is what is complicated.

The stability could be better.

I've been working with the Oracle identity management products for a very long time, and I started with Governance many years ago. It was Oracle Identity Manager then, and now it's Oracle Identity Governance. I was also managing the support team for the cloud services for IDCS.

We are using the latest version, I believe it is version 12.2.04.

I have been using them since the very beginning.

Once it is up and running it's okay, but it has many bumps.

They are always putting out fixes, but it's hard to get implemented without patching, so it's not great.

It's a scalable solution and it can easily be scaled.

The size of our customers' companies varies. 

I was the technical support.

I managed the entire team globally, along with other managers.

I was the global lead for Identity Governance.

The initial setup is complex.

It's a multi-tenant system integrated into a customer's environment. The entire process is more difficult than it needs to be. They have made improvements but it is still complex.

The number of people required for the deployment and implementation varies based on the size of the implementation. The implementations go from very small up to both wide enterprise-wide and serving external customers.

We have had customers who required a couple of people up to an entire team supporting them.

It really does depend on the size of the implementation but it does take more than a couple to manage it. It is not just the Governance, it's the setup of the app and the integration with all of the other applications with the directory. 

It requires a few people to keep it up and running.

My advice is to train the teams on identity management concepts and the Oracle solution specifically. Have them take advantage of all the training that's available, and plan the implementation in phases.

It has good features but it's complicated. I would rate Oracle Identity Governance a seven out of ten.

Oracle Identity Manager is not in production yet. We are evaluating the product. There is a very strong motivation to get it out there into production and there is a need for it. Sooner or later, we will be doing it.

We need an application to allow role-based access. That is our next phase of implementation. We need to get there. Once our current engagements are completed, that will become our number-one priority. Right now, as I’ve mentioned, we are evaluating it. Apparently, it seems like it's meeting our requirements.

My pain point was while migrating my current user base. There is a certain point during that phase of the install where, if you get past it and make a mistake, there is no possibility of going back to a point before the mistake was done. If you cross that point, you have to start all over. That was my bad experience. I had to try it over and over to understand the point of failure. I had to do an install eight or nine times to get one right. After that, after I got my first install right, I learned that they have come up with a new mode of install called the LCM, life cycle management. That was pretty impressive. With the lessons I had learned before the LCM and with the new mode of installation, the LCM, I felt the install was, meaning the release, was done really well.

I have been using it for two years now.

Stability is as good as how you manage it. If it is in the hands of a bad administrator, it is only as good as how that administrator is.

As I’ve mentioned, we are still testing the waters. We haven't gone into experimenting how good the scalability is.

A certain team, the A-Team, is fantastic, but it's extremely difficult to reach out to that team. The last time I was in touch with them was a long time ago.

For the first year, I went around and around, and it never went anywhere. We had to escalate it so we could get our access to the right folks. There was also a learning curve, both for us and for the service techs out there who were handling my case. I think they're learning better than I am, because I'm spanned out across to other projects as well. That being their number one priority, I'm hoping that they ramp up at a quicker pace, so that, for the wider user base, it becomes a point of advantage.

• Provisioning
• Single Sign On.

It has streamlined user account lifecycle management and single sign on.

I did not give it 10 out of 10 because of the time it takes for new versions to mature before they are bug free.

The product is excessively resource intensive (i.e., hardware requirements) especially in the later versions.

I have used this solution for the lasts ten years.

Some issues, such as multi data-center deployments had issues, which were resolved after working with the vendor's A team.

Customer Service:

9/10

Technical Support:

9/10

The set up is fairly complex and requires certain degree of training and/or experience.

We did the implementation in-house.

Yes we also looked at solutions from CA and IBM.

Use the previous version.

Provisioning, Reconciliation, Identity Connector Framework, Sandbox Customization, Access Request Processing, SOA Integration for Approval Processes

Licensing

4 years

Oracle documentation provides comprehensive information about everything from development to deployment. If you follow the steps correctly, you won't have any issues. In case you miss some steps, you will get a fair amount of knowledge from the diagnostic logging.

No. The product is very stable.

No. The product provides a scalable enterprise identity management solution.

There is a huge community of Oracle Identity Managers from individual blogs to Oracle forums. You will be able to solve most of the issues with the help of this community. I never needed to interact with the technical team but I am not sure about others.

I have been using Oracle Identity Manager ever since I started working. I have not tried any other products.

I would say the initial setup was not very complex. The installation, design, development and deployment are all documented very well. Initially you will need to follow each and every step and later on you will understand why all those steps were necessary.

Oracle Identity Manager is a highly flexible and scalable enterprise identity management solution that is designed to administer user access privileges across a company's resources throughout the identity management life cycle, from initial on-boarding to final de- provisioning of an identity.