SailPoint Identity Security Cloud Reviews

IdentityIQ is connected to all our target systems to manage access to various applications.

IdentityIQ's best features are the hassle-free user experience and security.

There are various functions that don't work in IdentityIQ, including the access request reminder, which doesn't go to the approvals in the proper format, so it's hard for users to read. In the next release, IdentityIQ should enable emails and reports through the UI instead of the code.

I've been using IdentityIQ for two years.

IdentityIQ is very stable.

IdentityIQ is scalable manually and automatedly.

The initial setup was easy, and the implementation was completed within four months.

I would rate IdentityIQ nine out of ten because the UI is really easy for end users to understand and use.

We used it to manage our complete lifecycle completely. We migrated from CA Integrated Manager to SailPoint in my previous firm. Typical use cases include onboarding contractors, lifecycle management, and employee lifecycle management for user certification. Other use cases include password reset and any application group-level provisioning.

I like IdentityIQ's granular attachment management and certification customization features. 

I've used IdentityIQ for the last year and a half.

IdentityIQ is pretty stable compared to our previous solution, and we're satisfied with the performance.

We haven't had any issues with scalability. What we built earlier matched our requirements, so Identity IQ was scalable as per our need when we added more users or applications. We have about 100,000 users. 

We've used their engagement and peer services team since the beginning. 

It was a standard installation. It wasn't too complicated or easy. It is a typical out-of-the-box installation. We could do it all ourselves with our in-house engineering capability. We need at least one engineer for deployment and maintenance and 10 people for support. It's a multi-year project for us split into three phases. I was there for phase one and part of the second phase. The third phase is ongoing.

The price of IdentityIQ could be lower. There are additional costs when you buy the licenses, and they force the customers to pay for them. Overall, enterprise pricing should be more transparent. It's a yearly license. 

I rate IdentityIQ 7.5 out of 10. 

Enterprise application provisioning and certifications. Provisioning automatically grants access to users based on pre-qualified variables like job function, region, etc; Certification feature of IIQ allows teams to go back and validate that access is still valid, limiting access to those who need

Improved visibility into who has access to what improved ability to validate and certify enterprise access to sensitive applications, useful for measurement and forecasting.

Automated provisioning platform, certification because it helps with automatically provisioning users based on discreet roles, access profiles, across many different applications.

What used to be very complex can be simplified if implemented correctly.

Some of the configuration options could be more automated, but this is a complex problem and I do not expect a simple solution.

One to three years.

No.

No.

Excellent, they have a well supported active community of experts and support personnel.

No.

It can be a bit complex and requires training and a strong background in IT systems and some software development, but other than that it can be learned over time.

N/A.

I implement enterprise software solutions for my clients and SailPoint happens to be one of them.

Work with experience solutions experts who have worked with this tool before. Complement them with experience, and the tools needed to succeed including strong testing and development, project management and team support.

It is used on provisioning accounts, all the crude operations and enterprise resources. So an enterprise may have a different resource like SuccessFactor, Oracle or Microsoft. SailPoint IdentityIQ does the provisioning operation for all the users, which onboards it into the company enterprise. It also does the de-provisioning operations for all the users who leave the organization.

In between, it manages and maintains the accounts. Depending on the requirements, SailPoint IIQ provides a lot of functionality that can suit any enterprise's requirements.

It is simple and easy to implement.

Several resources and applications are entering the cybersecurity market, so if SailPoint IdentityIQ can provide a connector or a way to integrate all those resources, it would be good. For example, there is a connector in CyberArk, but it is not a direct connector. They go via Skim Server, and latency is experienced.

We have been using this solution for more than ten years. We are using version 8.3, and it is deployed on-premises.

It is a stable product. 

It is a scalable solution. We have more than 50 people using this solution.

The technical support is good.

The initial setup is straightforward. The deployment time depends on the customer's requirements. If we are using our maximum resources, it takes about ten days.

It is a licensed product, but I am unsure of the exact cost.

I rate this solution an eight out of ten because it is simple and easy to implement and develop. Regarding advice, it is not readily available and cannot be downloaded from the net. If they get a corporate account, they can create the account via corporate email ID only. Therefore, I would recommend focusing on implementation. In addition, choosing the latest release minus one is good because it is always a stable product because clients have already tested and implemented it in their environment. So instead of taking additional risks, it can be tested by other clients first.

SailPoint IdentityIQ is used for reporting and identity, account, and access management.

The most valuable features of SailPoint IdentityIQ are the reporting because it is better than other solutions. The workflows can be customized to our requirements and the overall features are good.

If you compare Saviynt and Okta Workforce Identity versus SailPoint IdentityIQ, SailPoint IdentityIQ needs to improve its UI.

I have been using SailPoint IdentityIQ for approximately four years.

When using SailPoint IdentityIQ you need to tell them the capacity you want, and they will provide the solution with the appropriate license. For example, you have to tell them initially that you will have 50,000 users using the solution then they will tell you how much service you will need to deploy.

The technical support is not very good but it is good. They can improve.

I have previously used Saviynt and Okta Workforce Identity.

The initial setup of SailPoint IdentityIQ is easy. The time of deployment can take approximately two days.

We did the implementation of SailPoint IdentityIQ in-house.

My advice to others is if you are new to the identity access management world, and you are starting with SailPoint IdentityIQ, you have the best tool in your hand to start with. You can receive complete exposure to all the types of operations or workflows.

I rate SailPoint IdentityIQ a nine out of ten.

The level of customization for data imports and role modeling, because it helps to integrate faster, support easier and let it reuse the organization role structure.

It allowed us to execute account review campaigns from very different systems.

Some setups should be done in the interface and in the code, and could be made simpler.

So far, from 2008 to 2017: 10 years.

No, the product is stable.

As long as the database is very close to the application server, the system can manage many identities and connectors to various directory.

Their technical support was very knowledgeable of their product, and we get answers within a day or so most of the time.

Most of the clients kept the solution after using SailPoint IIQ. The only one that considered not using it anymore wanted to keep his historical supplier and to have the same solution for Identity Governance and Administration and for Authentication (which is not something SailPoint provides).

Initial installation is straightforward and takes less than one day, once you have a VM, a database, and a directory available. What takes the most time is the connectivity to each authoritative source and target directory.

SailPoint IIQ is the best of best. That is reflected in the pricing of the solution. The pricing is based on the number of identities.

Many clients considered the other main IGA solutions, like Oracle Identity Manager, CA Identity Manager, Microsoft Identity Manager, or NetIQ Identity Manager.

Make sure the distance between the database and application server is very short. There is natural integration with other solutions that should be considered in your selection, like with CyberArk or ServiceNow.

We have different use cases depending on the project. For example, we use it for user management, account management, user lifecycle, certifications, reporting, SODs, and governance. We use everything that SailPoint IdentityIQ provides.

Our user lifecycle takes less time with SailPoint IdentityIQ. Previously, it would take around one day to get all the users access, and now it is an automatic process with a good authentication authorization mechanism.

When deployed on-premises, it gives us a lot of areas to customize and provides many out-of-box features. For example, it offers different out-of-box connectors where we can connect with multiple forest configurations. There are also out-of-box connectors for CyberArk, Okta, and other applications, but SailPoint IdentityIQ has more enriched out-of-box connectors than the others.

There's a lot of customization required to improve the user experience. It would also be helpful if there were some out-of-box options for filtering.

We have been using this solution for seven years. We are currently using version 8.2 or 8.3. We have also used versions 6.0, 6.1, 6.2 and 6. 3. It is deployed on-premises and on cloud.

The stability and performance are very good.

Scalability is good, but if the number of users significantly increases, it requires different web servers and becomes difficult to manage. In addition, SailPoint IdentityIQ doesn't provide any SIM tool, so we have to implement it if required. Without it, we have to work locally, going into the logs for eServers by ourselves, and there isn't a central log factory where we can see all the logs for the SailPoint IdentityIQ.

The number of users depends on the project. There are projects with millions of users and others with 100,000 or 300,000 users. Also, the number of people required for deployment depends on the number of servers and users. However, if I were to estimate, it requires an average of three people, but if the server and the UI server increase, it becomes challenging to look at the logs.

Compared to SailPoint IdentityIQ, Saviynt provides a way to select servers. From the UI, you can choose different servers and see the logs.

SailPoint IdentityIQ is being used at full capacity, and I am currently working as an architect for both Saviynt and SailPoint IdentityIQ. If I were to compare solutions, there is no comparison with SailPoint in the market right now, and SailPoint is way ahead. Solutions like Saviynt and Omada have features such as logs, clarity of the risk and SODs that are not as good in SailPoint IdentityIQ.

We have not used technical support directly, but our clients use them, and we have not heard of any problems.

We previously worked with IBM IM products like ISIM and Oracle IM, and we switched to SailPoint IdentityIQ because it is an enhancing product. SailPoint IdentityIQ is the best in feature enhancement.

It was straightforward to implement, which is an advantage with products deployed on-premises. However, there is minimal documentation around the firewall on SailPoint community sites. For example, sometimes, we want to configure SailPoint IdentityIQ for our developers in a development version, and we don't want it to connect inside a company's firewall. But that is not addressed in the architectural documents. The documentation covers areas like check configuration or DR configuration but does not mention options for different networking structures between a web server and a product and how it works. Deployment is dependent on the project. Sometimes we complete it ourselves, and other times it's done by a third party.

There is an ROI. I have worked in this domain for 12 years on different continents and have not heard of people replacing SailPoint IdentityIQ on-premise with other solutions.

I rate the price a six out of ten, with one being least expensive and ten being most expensive.

I rate this solution an eight out of ten. If deployment is done on-premises, SailPoint IdentityIQ is best, but Saviynt or Omada is better if it is cloud.

Regarding advice, SailPoint IdentityIQ is the most customizable product. However, it is good to minimize customization and use more out-of-box functionality because it becomes a hassle in the long term to manage customization in the IM product. In addition, it will be good if there is better log management in future releases.

We use it for Identity Lifecycle Management: 

• Access requests
• Provisioning
• Deprovisioning
• JCT process and reconciliation (aggregation).

It provides one solution for the entire process in a complex environment with different types of applications and connectors.

All Identity Access Management processes in the tool are valuable. 

The product has poor reporting and analytic capabilities. Reports are not easy to use and its analytic capabilities are limited.

It is a stable tool, which we run in our complex environment.