Ping Identity Platform Reviews

I've been managing it in my company. I am more on the implementation side.

We implement the MFA feature, multifactor authentication and administrate the application.

When it comes to authentication, the focus is always on security. That means using a separate device to verify the user logging in.

On the security side, PingID adds an extra layer, contributing about 20% of the overall security. Then, authentication brings more advanced features and contributes further.

PingID excels in managing user access and profiles. That's where it integrates most deeply with the existing systems.

The most valuable feature is the two-factor authentication (2FA). 

The mobile biometric authentication option improved user experience. It's always about security because, with two-factor authentication, it's always a separate device verifying the actual user logging in.

The management console needs to be improved. PingID should revise it.

I have been using it for a year. 

I would rate the stability an eight out of ten because there had been some issues.

I would rate the scalability a seven out of ten. PingID is adapting to most challenges. 

We have small and medium businesses as our customers. 

We get support. The support engineers are good. They are quite proactive.

Positive

I would rate my experience with the initial setup a seven out of ten, with ten being easy to set up. 

The initial setup is not too complex. Deployment is really quick and typically the entire process takes two hours. 

The pricing is neither too expensive nor too cheap.

Overall, I would rate the solution an eight out of ten because there is room for improvement in terms of usability. 

In my company, we use PingFederate for federated connections and some ADC connections to arrange for single sign-on across our infrastructure and customers.

The most valuable feature of the solution is that PingFederate is very customizable since it allows its user to write in Java while using Spring, allowing for any plugin for almost any place or entity inside of it. You can modify everything, and it's a very suitable tool, more than Okta or Azure AD when you have a non-standard structure since it allows for customization and runs as a separate solution or a service.

Notifications and monitoring are two areas with shortcomings in the solution that need improvement.

I have been using PingFederate for more than five years. I use the solution's latest version. I am a customer of the solution.

I haven't faced any issues while walking with the solution. It is a stable solution. Stability-wise, I rate the solution a ten out of ten.

It's a very scalable tool because it allows those working on it to work with clusters, especially if we discuss PingFederate's horizontal scalability. One can use any number of nodes needed, but usually, two or three nodes are enough during the production phase.

For how the solution has been set up and programmed, I rate the solution's scalability a nine out of ten.

Owing to an NDA that my company has signed, I can't disclose the exact number of my company's customers who use the solution, but I can say that many use the solution, and it goes more than 50 in number.

My company does contact the solution's technical support from time to time in relation to the custom components that are due for updates. If we have built something very custom and something inside of PingFederate changes, then we contact the support team. The response from the support team is pretty quick. Mostly our company's issues related to the solution get resolved with the help of the technical team.

PingFederate provides pretty good documentation for the initial setup, but it's a large one requiring users to spend time on it.

If one is familiar with other authorization services, like Keycloak, it is possible to adopt PingFederate quickly.

The solution is deployed on the cloud, and we use the cloud services Amazon provides according to their documentation.

The deployment phase of the tool usually takes less than five minutes.

PingFederate allows us to untie our hands within our work environment, which involves many scenarios in terms of customization.

I would ask those planning to use the solution for the first time to research their infrastructure to utilize the other services in PingFederate. If they use the services of some other vendor, like Azure AD or other solutions, then it would be easier to use PingFederate since it may be less pricey.

I rate the overall solution a nine out of ten.

The only feature we were looking for in PingID was SSO integration with our existing web app. However, they have good support towards MFAs, SSO, and other authentication methods that are either already included in the current plan or made available with a minor upgrade.

PingID should put a little more effort into making a pretty self-explanatory deck about their tech features and the services they offer. I suggested this improvement directly to the sales manager, who was friendly enough to take that feedback.

PingID is a reputed solution. I was already aware of PingID because we used PingID as a solution for all our login functionalities in my previous company. When I had an opportunity to add these capabilities to my new organization, PingID was one of my first choices. It's not because I'm biased but because I already knew the solution was scalable.

The solution architect and the sales managers gave the initial support. PingID's support portal is confusing, and it took a couple of back-and-forths to get some support from the support folks. However, the account manager did help us with the support questions by putting us in touch directly with some of the engineers. I rate PingID an eight and a half out of ten for customer support.

Positive

PingID’s initial setup was pretty straightforward.

The initial deployment with POC took about a month, and the actual production deployment took about a couple of weeks, maybe around four weeks or so. About four engineers, including a tech architect, were involved in the solution's deployment.

PingID's pricing is pretty competitive.

PingID's team was pretty good. We were trying to build a solution and wanted to deploy it for only a couple of hundreds of customers. We didn't want to sign up for a 1,500 or 5,000 feet plan. PingID was pretty understanding about our needs and provided us with great plans for the smallest fee they could provide. We had good negotiations with them, and they were pretty friendly. PingID provided all the required technical support even before we signed up. The sales manager ensured he supported me throughout the process, and we signed a deal with PingID.

Overall, I rate PingID an eight and a half out of ten.

From a user perspective, if you need to get into our VPN or virtual private network, which is for remote people, there is protected data behind a vault.

And if you need access to the vault, you must use a multi-factor and PingID. Additionally, vicariously, people have to use multi-factor to get into applications. The final aim is to get into laptops and desktops, and you have to use Multi-factor to restart or unlock your PC. You have to use multi-factor. The way that we do multi-factor here is we give the users a choice of using a phone or a Ubiquiti as to something they have.

So after they type in their password and username, they're prompted for a device that they have registered, and they have their choice of a phone or a Ubiquiti, or both.

I wonder if there are multi factors in improving. It's always a deterrent to productivity, naturally. Since I've been on this journey for three years, I've seen the product improve in the sense that it's less impact on productivity. In the beginning days, we had challenges with paying, finding the network, and signing its back-end service in the cloud. However, that's been drastically improved over the years.

The other thing we did was allow users to manage their device profiles. So they can either go in and register on Ubiquiti or a phone directly with the user interface now or web interface, and they can also set their default device which they want to use. So they, like Ubiqui working with PingID, tend to be the default of choice. So they set their Ubiquiti to the default device. And then whenever MFA is prompted, they have the Ubiquiti or default device. So that was a great improvement. And the way we implemented PingID, it's the same user interface regardless if you're getting into VPN, the vault applications, or a laptop or desktop.

So it's the same user interface to manage profiles centrally on a server. Hence if they change it for one use case, they change it for another.

It's the device management portal where users can manage it themselves. So before that, they'd have to call IT support to rearrange their default device in the profile, but now they can do it themselves.

PingID is feature rich. We've prototyped some of their step-up authentications. In certain circumstances, like geofencing, they can waive the MFA requirement because they're in a trusted area that's physically secured. We've prototyped that but have not rolled anything like that out. So, the aforementioned details can be considered for future improvements and changes in the product.

I have been using the solution for over three years.

It is a stable solution.

It is a scalable solution. I've never really had problems where it's going down in one region. Well, even if it does, I don't notice it because the failover is working. 43,000 users are using the solution.

I would say the scalability is an eight or a nine.

The technical support team is good. We have some enhancement requests for them, and I think our people have a weekly call with them where they bring things up. They notify us of security vulnerabilities.

In the beginning, the initial setup was very complex. We had to ensure it was always available so there was a fail over. We had to have a mirror environment. It was complex in the early days three years ago, but it's matured quite a bit over the past three years. The solution is deployed on the cloud.

I see an ROI. It's not a revenue generator. So it's purely from a cost perspective, but on the other hand, because we protect so much of our data now through multi-factor, I don't know the statistics of how many times we've been hacked or passwords were stolen. But because we have done that, we've probably saved ourselves a lot of money in reputational damage in breach recovering from breaches.

On the technology stack we're currently using, we're exploring other technologies based on our platform and it includes many of our products. But we may explore other technologies to make it more seamless. But PingID is going to stay. We want to use something like biometrics to make it easier for shop floor workers. But if anything, I need an expansion of PingID.

It's a good, stable product, and they've served our needs very well. They've been very responsive, and the product is scalable. It's pretty robust. The desktop is customized to what we do here at GE, but they work a bit with us on it. So it's an excellent product.

I rate the overall solution a nine out of ten.

We use the product to run different reports. 

We have encountered instances where it is not easy to do authentication. 

I have been using the product for two years. 

I would rate the tool's stability a ten out of ten. 

My company has 1000 users for the product. 

My experience with the support team is good. 

The product's setup is easy if you have all the information and support. 

I would rate the product a nine out of ten. 

I use the solution to protect the application and enable the single sign-on.

Setting up the infrastructure with Ping Identity Platform is very easy compared to other IAM products. You just have to unzip the folder, and your Ping infrastructure is ready. With very limited changes, you can prepare your infrastructure with Ping Identity Platform.

PingAccess can only have one token provider, and you cannot enable two different token providers simultaneously. Nowadays, people are migrating from on-premises to the cloud and may want to run the on-premises and cloud versions simultaneously. In other words, they may want to enable two token providers at the same time. That feature is not available in PingAccess.

PingFederate has limitations with cookie size, and it does not support larger cookie sizes. We also have some concerns about the cookie size.

I have been using Ping Identity Platform for five years.

Ping Identity Platform is a stable solution.

We had a good experience with the solution's technical support team.

It is very easy to set up the infrastructure with Ping Identity Platform compared to other on-premises solutions.

I would recommend the solution to other users. Compared to other IAM products, Ping Identity Platform is a stable and easy-to-maintain product with many features that can be enabled. It is easy for a beginner to learn to use the solution if he has a basic understanding of technical skills and networking.

Overall, I rate the solution an eight out of ten.

My primary use case for PingID was multifactor authentication, then I used PingOne, which showed me the transaction, so the whole person authentication, including the errors. Based on the resulting errors, I checked the PingFederate connection mapped for the particular application and published information about the issue.

Through PingID, there was multifactor authentication. In particular, secondary authentication was enabled to secure the application and is supported in IOS, even for mobile devices.

During the PingID authentication, you need to swipe or give your fingerprint on your mobile and then get the SMS for authentication.

What I like best about PingID is that it's very user-friendly.

PingID is well-built as a developer tool and regularly upgrades and updates via patches. Sometimes, my company faces vulnerability issues, and PingID even helps through vulnerability patches.

The tool has excellent features.

I also like that PingID has clear documents that will help you integrate it with other solutions.

PingID classifies the type of environment into internal and external, with the internal environment for internal users and the external environment for external users. For example, the external users would be cabin crew members who log in using the mail ID through multifactor authentication. This is an area for improvement in PingID because you need to take additional steps so you can trust both internal and external users.

My company had to use the CIDR authentication selector as an additional step, through policy creation in the PingFederate website, with the help of trusted IP, where all people belong to a particular network, then my company needs to do some IP load balancing. My company had to configure the particular IP in the CIDR authentication selector, then only then can it classify users into internal or external.

An internal user doesn't need to do multifactor authentication, but an external user will be redirected to a request from the PingFederate console, and then, based on the user authentication method, through biometrics, the user will be authenticating from Active Directory. If the user is valid, authenticated, and the authorization is approved, the user will then be redirected to the application.

I have more than three years of experience with PingID. The last time I used PingID was six months ago. I'm now working on the PingFederate side.

Stability-wise, PingID is an eight out of ten for me. It's a very stable solution, but sometimes, failures occur that you can't control. For example, my company checked logs in Sumo Logic and had Dynatrace as a monitoring tool. If there's a failure in the software system, where everything is connected, for example, if PingFederate isn't working, Dynatrace will send a report to my company. If PingFederate or an agent isn't working, my company won't receive any logs, so it depends on the policy and infrastructure, but PingID stability is an eight for me.

The scalability of PingID purely depends on the server side and how you're going to configure it. In some cases, it would also depend on how you'll do performance tuning. How scalable PingID  is will differ from infrastructure to infrastructure. For example, I supported the easyjet.com environment which had more than ten thousand user bandwidth.

Support-wise, PingID is an eight out of ten because when my company faced a P1 incident or issue that company members couldn't resolve, my company created a P1 request. The PingID SME joined the call within thirty to forty minutes, which was the vendor's service agreement, but only for P1 issues.

For P2 issues, it takes around one hour and forty minutes; for P3 incidents, it could take eight hours; for P4, it usually takes ten hours but could reach up to twenty hours.

Positive

I used PingFederate with PingID because PingFederate can assign internal and external users and configure validation. Based on the improv setup, you can also use PingFederate for your internal environment. Still, in my company, I'm using PingFederate for the external environment, where servers run outside the company's environment.

I used CA SiteMinder in the past, which was an older tool, and I wanted to use the latest technology, so I switched to a newer tool, PingDirectory, which I installed. Now I can work on PingDirector in terms of schema rules, mapping, etc.

The initial setup for PingID is seven out of ten for me. I had to install PingFederate, have experience with PingDirectory and Apache Studio, and do everything myself, including the environment setup. I've successfully implemented the project.

PingID for mobile apps is okay, as you don't need to deploy PingID in any of the servers. Still, you need to create the connection, enabling PingFederate in a particular environment. PingFederate is not infallible, and it's the only inject site, so you inject, then run the property file, configure the admin port, cluster port, and the index number for the engine node. You need to denote how many engine nodes you must classify for the admin node on the property file, then run that file. Once the PingFederate console runs, automatic cancellation will occur, and the application will work.

The complete deployment of the PingID project didn't take more than five to six months, including the POC, development, and production.

I've implemented PingID, so it was an in-house implementation.

PingID saves you time between thirty to forty percent, so time is the ROI, at least to me.

PingID pricing is a ten out of ten because it's a little bit cheaper than other tools, such as Okta and ForgeRock, and supports multiple tools. It also has the main feature of MFA via finger swiping or SMS versus other MFA tools, where you need to wait for a few seconds to get the new code, even if you've been authenticated. The speed of transactions in PingID is also very fast because it only takes microseconds after swiping your finger. I like the tool very much.

I've evaluated other software, such as PingFederate, PingDirectory, PingAccess, and PingOne, apart from PingID.

I'm working in the identity access management domain, so I've used software such as PingFederate, PingDirectory, PingID, PingOne, and PingAccess.

PingID is deployed on the AWS service, so that's on a cloud environment.

I'm part of the engineering team, with three members working on the PingID project and five from the support team working on PingID. Within the environment I supported, twelve thousand people used PingID, particularly crew members who used the MFA feature of the solution.

The maximum number of users I've seen from PingID based on the environment I supported was up to twelve thousand.

My recommendation to anyone looking into implementing PingID is that before working with the tool or any other tool, you first need to understand it and get some basic knowledge about it. With basic knowledge, you can implement PingID. Consider why you'd implement the tool in your environment and for what purpose. How many people will benefit from using the tool? Before implementing, it would be best to compare PingID with other tools to see the features and benefits.

My rating for PingID is eight out of ten because it's a faster tool with multiple features. It also supports one of the adapters of PingFederate, the composite adapter, which allows you to enable MFA on an adapter-based setup.

My company is a PingID partner.

People use the solution to secure their applications and authenticate particular processes.

In access token management, we have to attach a certificate. In that column, I have to enable the search option to edit certificates. We can choose a drop-down to search for which certificate we have to create, which is difficult.

I have been using Ping Identity Platform for more than two and a half years.

Ping Identity Platform is a stable solution.

A lot of users from our company are using the solution globally.

The solution’s initial setup is easy.

Ping Identity Platform is not an expensive solution.

Recommending the solution to other users depends on their application. If fewer people use your application, you can set up the tool in a quality environment. You can also use Ping Identity Platform to secure your application by restricting access to a few people.

It is not easy for someone to learn to use the solution for the first time, but at the same time, it's not very difficult to learn.

Overall, I rate the solution an eight out of ten.