Try our new research platform with insights from 80,000+ expert users
Vice President Sales at RNS
Real User
Scalable access governance system that removes manual approvals and makes teams more productive
Pros and Cons
  • "This solution has made our team more effective. We need less manual approvals when someone new joins our company. There is less paperwork and fewer support tickets raised for access."
  • "The cost of this solution is high. The technical assistance center could be improved. They're very good, but considering the intricacies of the solution, they can further improve."

What is our primary use case?

We use this solution for identity governance and to understand who has access to what and whether that access should be granted or not. We also use it for access to recertification automation which provides a complete report of who has what access in the organization at the press of a button. We are able to automate the entire process of joiners, movers, levers and the provisioning and deprovisioning of identities. 

When someone joins any organization, all their roles and access is provided at the click of a button. When they move from one department to the other, the accesses which are not required are revoked, and the ones which are necessary are provisioned. Sailpoint offers complete automation of the lifecycle of any user.

We are able to offer on-prem on cloud based deployments, depending on our customer's requirements. 

How has it helped my organization?

This solution has made our team more effective. We need less manual approvals when someone new joins our company. There is less paperwork and fewer support tickets raised for access. 

What is most valuable?

The number of integrations that they have is amazing. The flexibility of the tool is great and you can really customize a lot. The dashboards that can be created are very useful. The proactive revoking of accesses in the case of an attack is amazing.

What needs improvement?

The cost of this solution is high. The technical assistance center could be improved. They're very good, but considering the intricacies of the solution, they can further improve.

Buyer's Guide
SailPoint Identity Security Cloud
October 2024
Learn what your peers think about SailPoint Identity Security Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.

For how long have I used the solution?

We have been using this solution for six and a half years.

What do I think about the stability of the solution?

This is a stable solution. 

What do I think about the scalability of the solution?

This is a very scalable solution. A couple of million users can be scaled overnight.

How are customer service and support?

I would rate this solution's technical support a three and a half out of five. 

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup is complex due to the handling of identity and access management. If you have the expertise and if you are trained well, then it is not difficult. Deployment takes between three and twelve months.

What's my experience with pricing, setup cost, and licensing?

This is an expensive solution. I would rate it a two and a half out of five for pricing. 

What other advice do I have?

I would recommend Sailpoint to others. 

I would rate this solution a ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: implementer
PeerSpot user
Implementation Engineer at a tech services company with 5,001-10,000 employees
Consultant
Useful reports, customizable workflows, and feature rich
Pros and Cons
  • "The most valuable features of SailPoint IdentityIQ are the reporting because it is better than other solutions. The workflows can be customized to our requirements and the overall features are good."
  • "If you compare Saviynt and Okta Workforce Identity versus SailPoint IdentityIQ, SailPoint IdentityIQ needs to improve its UI."

What is our primary use case?

SailPoint IdentityIQ is used for reporting and identity, account, and access management.

What is most valuable?

The most valuable features of SailPoint IdentityIQ are the reporting because it is better than other solutions. The workflows can be customized to our requirements and the overall features are good.

What needs improvement?

If you compare Saviynt and Okta Workforce Identity versus SailPoint IdentityIQ, SailPoint IdentityIQ needs to improve its UI.

For how long have I used the solution?

I have been using SailPoint IdentityIQ for approximately four years.

What do I think about the scalability of the solution?

When using SailPoint IdentityIQ you need to tell them the capacity you want, and they will provide the solution with the appropriate license. For example, you have to tell them initially that you will have 50,000 users using the solution then they will tell you how much service you will need to deploy.

How are customer service and support?

The technical support is not very good but it is good. They can improve.

Which solution did I use previously and why did I switch?

I have previously used Saviynt and Okta Workforce Identity.

How was the initial setup?

The initial setup of SailPoint IdentityIQ is easy. The time of deployment can take approximately two days.

What about the implementation team?

We did the implementation of SailPoint IdentityIQ in-house.

What other advice do I have?

My advice to others is if you are new to the identity access management world, and you are starting with SailPoint IdentityIQ, you have the best tool in your hand to start with. You can receive complete exposure to all the types of operations or workflows.

I rate SailPoint IdentityIQ a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Buyer's Guide
SailPoint Identity Security Cloud
October 2024
Learn what your peers think about SailPoint Identity Security Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
it_user715134 - PeerSpot reviewer
Information Security Architect and Senior Analyst
Real User
Customized Data Imports and Role Modeling
Pros and Cons
  • "The level of customization for data imports and role modeling, because it helps to integrate faster, support easier and let it reuse the organization role structure."
  • "Some setups should be done in the interface and in the code, and could be made simpler."

What is most valuable?

The level of customization for data imports and role modeling, because it helps to integrate faster, support easier and let it reuse the organization role structure.

How has it helped my organization?

It allowed us to execute account review campaigns from very different systems.

What needs improvement?

Some setups should be done in the interface and in the code, and could be made simpler.

For how long have I used the solution?

So far, from 2008 to 2017: 10 years.

What do I think about the stability of the solution?

No, the product is stable.

What do I think about the scalability of the solution?

As long as the database is very close to the application server, the system can manage many identities and connectors to various directory.

How are customer service and technical support?

Their technical support was very knowledgeable of their product, and we get answers within a day or so most of the time.

Which solution did I use previously and why did I switch?

Most of the clients kept the solution after using SailPoint IIQ. The only one that considered not using it anymore wanted to keep his historical supplier and to have the same solution for Identity Governance and Administration and for Authentication (which is not something SailPoint provides).

How was the initial setup?

Initial installation is straightforward and takes less than one day, once you have a VM, a database, and a directory available. What takes the most time is the connectivity to each authoritative source and target directory.

What's my experience with pricing, setup cost, and licensing?

SailPoint IIQ is the best of best. That is reflected in the pricing of the solution. The pricing is based on the number of identities.

Which other solutions did I evaluate?

Many clients considered the other main IGA solutions, like Oracle Identity Manager, CA Identity Manager, Microsoft Identity Manager, or NetIQ Identity Manager.

What other advice do I have?

Make sure the distance between the database and application server is very short. There is natural integration with other solutions that should be considered in your selection, like with CyberArk or ServiceNow.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user871230 - PeerSpot reviewer
it_user871230Senior Technical Recruiter at a tech vendor with 11-50 employees
Real User

Hello There,

Awesome article. Thanks for making that available. I've been using your help to build my own POC and will publish the steps in another blog soon.
Did you able to resolve this issue? I am also facing same issue.
I have followed the below steps -
1. Created 3 rules for AfterCreate/Modify/Delete
2. Mapped them in App config for NativeRules attribute
3. executed IQService-Handshake Task - This has created a .dat file in IQService directory.
4. IQ Service and AD both are in same system - windows 2008
5. IIQ Version 6.3
Now, I am trying to request access for AD, Sailpoint tutorial account getting created on AD, but the native rules are not being triggered.

Regards,
Preethi.

See all 2 comments
SushantAggarwal - PeerSpot reviewer
Architect(IAM) at a tech services company with 201-500 employees
Real User
Great user and account management and reduces our user lifecycle time
Pros and Cons
  • "SailPoint IdentityIQ has more enriched out-of-box connectors than the others."
  • "There's a lot of customization required to improve the user experience."

What is our primary use case?

We have different use cases depending on the project. For example, we use it for user management, account management, user lifecycle, certifications, reporting, SODs, and governance. We use everything that SailPoint IdentityIQ provides.

How has it helped my organization?

Our user lifecycle takes less time with SailPoint IdentityIQ. Previously, it would take around one day to get all the users access, and now it is an automatic process with a good authentication authorization mechanism.

What is most valuable?

When deployed on-premises, it gives us a lot of areas to customize and provides many out-of-box features. For example, it offers different out-of-box connectors where we can connect with multiple forest configurations. There are also out-of-box connectors for CyberArk, Okta, and other applications, but SailPoint IdentityIQ has more enriched out-of-box connectors than the others.

What needs improvement?

There's a lot of customization required to improve the user experience. It would also be helpful if there were some out-of-box options for filtering.

For how long have I used the solution?

We have been using this solution for seven years. We are currently using version 8.2 or 8.3. We have also used versions 6.0, 6.1, 6.2 and 6. 3. It is deployed on-premises and on cloud.

What do I think about the stability of the solution?

The stability and performance are very good.

What do I think about the scalability of the solution?

Scalability is good, but if the number of users significantly increases, it requires different web servers and becomes difficult to manage. In addition, SailPoint IdentityIQ doesn't provide any SIM tool, so we have to implement it if required. Without it, we have to work locally, going into the logs for eServers by ourselves, and there isn't a central log factory where we can see all the logs for the SailPoint IdentityIQ.

The number of users depends on the project. There are projects with millions of users and others with 100,000 or 300,000 users. Also, the number of people required for deployment depends on the number of servers and users. However, if I were to estimate, it requires an average of three people, but if the server and the UI server increase, it becomes challenging to look at the logs.

Compared to SailPoint IdentityIQ, Saviynt provides a way to select servers. From the UI, you can choose different servers and see the logs.

SailPoint IdentityIQ is being used at full capacity, and I am currently working as an architect for both Saviynt and SailPoint IdentityIQ. If I were to compare solutions, there is no comparison with SailPoint in the market right now, and SailPoint is way ahead. Solutions like Saviynt and Omada have features such as logs, clarity of the risk and SODs that are not as good in SailPoint IdentityIQ.

How are customer service and support?

We have not used technical support directly, but our clients use them, and we have not heard of any problems.

Which solution did I use previously and why did I switch?

We previously worked with IBM IM products like ISIM and Oracle IM, and we switched to SailPoint IdentityIQ because it is an enhancing product. SailPoint IdentityIQ is the best in feature enhancement.

How was the initial setup?

It was straightforward to implement, which is an advantage with products deployed on-premises. However, there is minimal documentation around the firewall on SailPoint community sites. For example, sometimes, we want to configure SailPoint IdentityIQ for our developers in a development version, and we don't want it to connect inside a company's firewall. But that is not addressed in the architectural documents. The documentation covers areas like check configuration or DR configuration but does not mention options for different networking structures between a web server and a product and how it works. Deployment is dependent on the project. Sometimes we complete it ourselves, and other times it's done by a third party.

What was our ROI?

There is an ROI. I have worked in this domain for 12 years on different continents and have not heard of people replacing SailPoint IdentityIQ on-premise with other solutions.

What's my experience with pricing, setup cost, and licensing?

I rate the price a six out of ten, with one being least expensive and ten being most expensive.

What other advice do I have?

I rate this solution an eight out of ten. If deployment is done on-premises, SailPoint IdentityIQ is best, but Saviynt or Omada is better if it is cloud.

Regarding advice, SailPoint IdentityIQ is the most customizable product. However, it is good to minimize customization and use more out-of-box functionality because it becomes a hassle in the long term to manage customization in the IM product. In addition, it will be good if there is better log management in future releases.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Digital Technology Leader, Risk Operations at Baker Hughes, a GE company
Real User
It is a stable tool, which we run in our complex environment
Pros and Cons
  • "It is a stable tool, which we run in our complex environment."
  • "The product has poor reporting and analytic capabilities. Reports are not easy to use and its analytic capabilities are limited."

What is our primary use case?

We use it for Identity Lifecycle Management: 

  • Access requests
  • Provisioning
  • Deprovisioning
  • JCT process and reconciliation (aggregation).

How has it helped my organization?

It provides one solution for the entire process in a complex environment with different types of applications and connectors.

What is most valuable?

All Identity Access Management processes in the tool are valuable. 

What needs improvement?

The product has poor reporting and analytic capabilities. Reports are not easy to use and its analytic capabilities are limited.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is a stable tool, which we run in our complex environment.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IAM Architect at a comms service provider with 11-50 employees
Reseller
Top 10
An overall good solution that can add value to medium and enterprise-sized businesses
Pros and Cons
  • "The first valuable feature of the solution is its interface. The second feature of the solution is the level of flexibility it provides."
  • "Regarding the scope for improvement in the solution, reporting is an area that can be a bit more UI-oriented."

What is our primary use case?

The solution includes all aspects of user lifecycle management, like joiners, movers and leavers, regulatory compliance, reporting and auditing. And the compliance part of the solution includes certification from time to time basis. All these are usual IEM cases. The aforementioned instances are all IAM cases.

What is most valuable?

The first valuable feature of the solution is its interface. The second feature of the solution is the level of flexibility it provides. So, it can be easily configured by a person using just a few rules and coding standards, after which that person can make anything out of the solution. SailPoint is quite an old solution in the market. So they know what new things are coming into the market along with artificial intelligence, and they have ensured that they have integrated into their solution the developments over time. Basically, SailPoint is up to date with the market standards.

What needs improvement?

Regarding the scope for improvement in the solution, reporting is an area that can be a bit more UI-oriented. Apart from that, it's a very good product, and I do not have any complaints about it.

For how long have I used the solution?

Our company works as a distributor in the Middle East region for SailPoint. So, we are not just selling the product but also selling other products. I have been working with SailPoint IdentityIQ for eight years. Presently, I am working with SailPoint IdentityIQ Version 8.3.

What do I think about the stability of the solution?

It's a totally stable and very robust product. I've never seen it going down in the last eight years. I rate the solution's stability a ten out of ten.

What do I think about the scalability of the solution?

Since it is a very scalable product, I rate the solution's scalability a ten out of ten. Our clients include small, medium, and enterprise businesses.

How are customer service and support?

Since SailPoint is a big company, it usually takes time. The company has to schedule an appointment with the people and organizations to address their issues. So, I rate the solution's technical support a seven out of ten.

How would you rate customer service and support?

Neutral

How was the initial setup?

Given a person has a background in implementing solutions, site architecture, and infrastructure, I rate the difficulty level of the current solution as an eight out of ten, with one being very difficult and ten being very easy.

The solution is deployed on the cloud, hybrid cloud and on-premises.

The basic deployment of SailPoint over user lifecycle management can depend on a client's use cases. However, for the basic setup of the system, it may take a week or so to get the solution ready with everything configured. One architecture is enough to carry out the deployment process. Also, the number of people required for maintenance depends upon the total number of use cases we have configured, so we can't categorize or quantify it.

What's my experience with pricing, setup cost, and licensing?

I rate the solution a seven on a scale where one is cheap and ten is too expensive. In short, the solution falls under the higher side of pricing. For the solution, our company has secured a perpetual license.

What other advice do I have?

I would tell those planning to use this solution that it is a very good and robust product in the market which supports almost all use cases. Also, SailPoint plans to expand to consumer identity. If one plans to proceed with this product, it will be a good decision. Additionally, it is not feasible for very small businesses, but it could be an amazing product and a good investment for the medium to large organizations. Overall, I rate the solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
it_user192285 - PeerSpot reviewer
Senior IT Consultant at a consultancy with 10,001+ employees
Real User
Development framework needs to be improved but the self-service access request feature is valuable.

What is most valuable?

  • Access risk alerts
  • Access Certification
  • Self-Service Access Request
  • Password Management

What needs improvement?

  • Development framework
  • Workflows configuration

For how long have I used the solution?

Two years.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No, the platform has been stable.

What do I think about the scalability of the solution?

Yes, I found some scalability issues:

  • Java.lang.OutOfMemoryError: Java heap space
  • Advanced searchs with 0 rows

How are customer service and technical support?

Customer Service:

7/10.

Technical Support:

8/10.

Which solution did I use previously and why did I switch?

Yes. In several customers we have switched to SailPoint IdentityIQ due to the unified architecture and intuitive centralized governance across datacenter.

How was the initial setup?

The initial setup always was straightforward with shorter implementation times and quick benefits.

What was our ROI?

We haven`t calculate the ROI. Mainly, cost savings are associated to:

  • Identifying unused or unauthorized accounts and reports them back to the appropriate business sponsor for removal and potential cost savings
  • Reduce the cost of compliance by automating access review processes

Which other solutions did I evaluate?

In several cases, the IdentityIQ deployment was due to a migration from other IAM solution (Oracle Identity Manager). Usually, before deploying an IAM solution, we do a benchmark test with the customer to get the best solution for their requirements.

What other advice do I have?

  • Phased Deployment
  • Get to know new features
  • Expand gracefully/logically
  • Create a change control & env. management process
  • Automate where possible
  • Become flexible with migrations
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Principal Consultant at UNIFY Solutions
Consultant
End-to-end Identity Management and Access Governance solution that shows why its a Market leader
Pros and Cons
  • "The solution is very good at the management of the identity lifecycle."
  • "Compared to at least one other product some of the administrative tasks could be easier or more intuitive."

What is our primary use case?

We used the product for identity and access management and access governance. The product manages the whole identity lifecycle for workplace identities.  

IdentityIQ takes care of the joiner (new accounts), the mover (transfer/role changes), and the lever (account termination), as well as looking at things like the certification phase. It covers the whole user lifecycle (Rehire) and provides market leading governance capabilities. It provides a centralised view of accounts and access for staff and helps uplift the security controls for the organisation.

How has it helped my organization?

It has improved the controls and reduced the risk of access management issues with the client organisations. While also improving efficiency around the JML processes through automation and reducing the reliance on people for some of the access provisioning requests.

What is most valuable?

The product's main features for the certification of users is the most prominent as well as the best feature. The out of the box connectors and accelerator pack are also great pieces to help improve the speed of delivery.

What needs improvement?

There is really not so much that SailPoint needs to improve. It has been in the market for a while and has well embedded as a market leader in the Identity Governance Space. We have just done an upgrade (v7-.8.1) and it was straight foward well tested and there was no major issues, we even managed to deploy to production a week ahead of schedule. We are now working with the client to leverage some of the new features and such, so there is not a lot that I can confirm that would be missing from a product that I was already happy with.  

The only thing about SailPoint that I might suggest to improve is the user interface could be improved from an administration point of view. From a request point of view we are leveraging ServiceNow and Sailpoints SNOW catalogue integration. Having had the opportunity to compare SailPoint and One Identity with past work, I personally prefer the One Identity's user interface, especially for user administration of the system. It could be simplified or somewhat more user-friendly for administrative tasks and functions.

For how long have I used the solution?

We implemented the foundational release for a customer over over 12 months ago and since then we have worked closely with them to increase its functionality

What do I think about the stability of the solution?

IdentityIQ is a stable product. We have not experienced any problems with it and have not heard of any from our clients.  

What do I think about the scalability of the solution?

The user group for this product are normally larger companies or enterprise businesses that have got full identity-governance requirements. That is the typical SailPoint customer requires more than just basic identity management automation.

As far as scalability of the product, it has got a lot of horizontal and vertical scaling opportunities that could be taken advantage, so scaling is not an issue.  

How are customer service and technical support?

Overall the technical support is relatively good, especially from a customer point of view. I think that the support is working fine for the customers and that makes it better for us in selling their products. 

There is also a wealth of information online for the product for the Sailpoint community. 

Which solution did I use previously and why did I switch?

This is a new implementation at this client they previously had no Identity governance in place

How was the initial setup?

The initial setup of the product is relatively straightforward. The complexity really depends on the customer requirements, business rules or processes that influence how difficult the implementation gets. On average, it probably takes a couple of days to install the product. But once it is installed, then you have got to have the product usable and working with other solutions and other systems. For that, it needs to be configured to have that connectivity with those other systems. That is where some of the implementation time starts to add up. To install a base active directory kind of set up takes about two weeks. 

We have configured and setup some basic functionality for a client within these tight timeframes. To do that you will need real business buy in to clear hurdles out of the way for the dependencies for the install, the infrastructure, business requirements etc.

What about the implementation team?

We are a service integrator so we help clients to do all their setup. We like to set the client up so that they are capable of doing their own maintenance with the software and system if they want to otherwise we offer a full range of support options. 

What was our ROI?

The client has had a positive reduction in the time taken to get a user on boarded and productive. There has also been a significant improvement in their access and Identity Management controls, reducing risk and closing audit items.

What's my experience with pricing, setup cost, and licensing?

There are additional modules which are licenced separately that you can get added into the licensing if you want certain additional functionality, I find this a great model to ensure you only pay for what you need. 

Which other solutions did I evaluate?

I am currently dealing with SailPoint and One Identity at the same time in making some comparisons. They are both very good products with their pros and cons. 

What other advice do I have?

The advice that I would give to people considering SailPoint is to be sure you get a good experienced service integrator to help you with the product. Somebody who has done it before knows the best ways to implement it and make the system work properly to meet your business application. They have the battle scars and can help you navigate around any potential issues

On a scale from one to ten where one is the worst and ten is the best, I would rate IdentityIQ as a nine-out-of-ten.  

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free SailPoint Identity Security Cloud Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Buyer's Guide
Download our free SailPoint Identity Security Cloud Report and get advice and tips from experienced pros sharing their opinions.