SailPoint Identity Security Cloud Reviews

We use it to automate onboarding and offboarding processes.

The basic concept is most valuable. I like how they have designed the solution. They create an Identity Cube, and then they do all the processes and configuration around the Identity Cube. 

It is too technical. You need really good technical skills in Java and other technologies, which are hard to find. If they can make it easier so that things can be done with a few clicks, it will be great.

It should also have more standard connectors. Its price should also be reduced.

I have been using this solution for more than 15 years.

It is surely stable.

It is scalable.

I have not interacted with their technical support.

Its initial setup is not straightforward. No identity management solution is straightforward.

It is a costly solution. Its cost, for sure, should be reduced.

If you want to use a non-Microsoft application, then, for sure, go with SailPoint, but if your use cases are only using Microsoft applications, then go with Microsoft.

I would rate SailPoint IdentityIQ a seven out of 10.

We primarily use the solution for regular connectors with LVAT connectors, Workday connectors, and Provision.

You can scale the solution if you need to.

The solution is stable and reliable.

The solution has plenty of places that need improvement and attention.

The connectors are far too manual. This needs to be automated a bit.

The provision is not very intuitive. The interface is not user-friendly at all. They could redesign a lot of its functionality to make it easier to use.

The initial setup could be simplified. It's difficult right now.

Implementations rarely go well.

I can't think of other features that I would like to see in a future release.

I've been using the solution for about ten years now. It's been a long time - a decade at this point.

The solution is reliable. It doesn't have bugs or glitches that affect its performance. It doesn't crash. It's stable.

You can scale the solution quite easily. That wouldn't be a problem for a company.

I have experience with NetIQ, and I prefer it to this solution.

The initial setup isn't really complex, but it is difficult. It could be simplified in many ways. Right now, it's not straightforward. Up to 80% of implementations do not go to plan.

We handled the implementation ourselves. We didn't use an integrator or reseller to assist us during the initial setup. It was all handled in-house.

Our organization does not have any business relationship with the product.

I don't believe I would recommend the solution. I'd advise other organizations to use NetIQ instead. It's a better solution, in my opinion.

I'd rate the solution five out of ten overall.

 80% of my job is handling a software spike. If the project has failed, then I'm the one coming in to help clients and doing it for them. I've noticed that 80% of all SailPoint implementations do not go well.

Access Governance has become and integral part of cyber security. It is essential to keep track of who has what access. Sailpoint IIQ simplifies this by providing an OOTB module for access certification. Administrators can create, schedule and design certification with just a few clicks.

A lot of OOTB connectors for managing various types of applications. Simplified process for application on boarding and provisioning.

Simplified Access Governance and Life Cycle Management. Easy to implement in comparison to other IAM tools.

Should have authentication modules as well

We had no issues with the deployment.

We had no issues with the stability.

There were no issues with scaling it for our needs.

The initial setup is straightforward. Easy installation and configuration.

Implement Sailpoint IIQ for Access Governance and for simplified Identity Management.

We primarily use the solution to manage the identity governance, from creating the IDs and their accesses to managing and revoking them. 

An issue needing improvement is that the solution is heavily focused on one's identity, while there has been a move to providing identity as a security service. While it provides these services, the solution can still not do the identity management for the cloud. As such, the security feature can be improved.

Essentially, it manages and helps to create all the IDs and to manage the identities and accesses. What it doesn't do is provide notice in the event of a vulnerability or offense from the security. That's where tools like CyberArk or Netskope, which are more CASB tools, come into play.

I can think of no additional features needing improvement. 

I do not personally deal with SailPoint IdentityIQ but, as a security consultant, discuss with the customer its purchase. I have been doing so for three years.

The solution is pretty stable and simple to use.

The solution is scalable. 

I have not had experience with technical support.

The installation consists of two parts, the one for coming up with the rules, for which we go to the input, the other for providing some assistance in the creation of the rules and accesses. Once that part is done, the tooling part is pretty simple.

The installation is straightforward. 

I do not recall how long it took. 

The solution can be deployed both on-cloud and on-premises?

It's pretty stable and simple to use.

I have recommended the solution to three customers who have opted for it.

I would recommend this solution to others. 

From the perspective of its performance I would rate SailPoint IdentityIQ as a nine out of ten, in light of its identity governance. 

• Certification
• Full Life Cycle management of IT system accounts

• It has, for the first time, consolidated a single view of a user's access to the company's multiple IT systems
• This has now allowed us to confidently cleanup a large proportion of accounts that could not previously have been easily identified as no longer required
• Furthermore, it has forced ownership of non-user/non-individual accounts and accountability of them

• Reporting and some GUI aspects. Reporting lacks the flexibility of retrieving the vast amount of data that we know is in the database, but not easily accessible
• Scheduling also comes short, specifically when it comes to multiple jobs that are interdependent (e.g. preventing certain groups of jobs from running concurrently)

Five years across different companies.

Yes - Some application connectors (namely Lotus Notes) - have some fundamental flaws. But the major issue was cleaning up, what we expected to be, authoritative data - specifically HR data, and users not in HR (eg. contractors, etc) and ensuring global consistency and adherence to standards.

Not of the core product, but some issues with some of the connectors (especially Lotus Notes, and ServiceNow). This has led to some issues with daily batch jobs which either time out, hang, or are terminated and this has in turn, we suspect, created some internal DB link corruptions.

Not yet. Though current nightly batch jobs range from completing within 8 hours to 48 hours, with no obvious reasons as to why

Very good.

Very good.

Yes we did. We switched because the solution no longer offered support as it was sold to Sailpoint.

It was complex. Identity and account management is very heavily dependent on the accuracy, authority, and timing of the source data. As the implementation progressed, we became aware more and more that some of the missing detail (especially around the exceptions of when a central unique Employee number is actually "central" or consistent, or the complexity of some of the attributes - e.g. whether their validity is date dependent, allowing for multiple values, etc) will cause issues in the proposed processes and the timing of providing access when required.

We used a vendor whose level of expertise was excellent.

No ROI as of yet.

It was two years give or take.

Yes - NetIQ, Oracle, and SAP.

Spend double the time/money up front in fully understanding your business requirements, opportunities for process changes. Also ensure you get a detailed understanding of identity and access business processes and understand your HR (and other authoritative) data source.

1. Very user friendly unified UI (for users and administrators)
2. An excellent out-of-the-box features (hierarchical RBAC, flexible provisioning policies, role-mining, certifications, life-cycle events, etc)
3. Modest hardware requirements
4. A large list of out-of-the-box connectors (with no additional charge)
5. Using only standard java technologies (java, beanshell, HTML, jsp, JavaScript, XML, some Apache projects)
6. Possibility to deploy the solution on different DBMS and application servers of your choice
7. Very fast implementation of the solution with custom modifications

1. The price is very high
2. The partnership program is very inflexible
3. Provisioning. This functionality sometimes require too much coding to implement some customers' requirements
4. "Ease of use." IdentityIQ has a function that can be described as duplication (this can depend on the point of view) for example, groups, population, and work-groups
5. Implement the support of organizational structure

About one year.

Yes, of course. Every time, when you implement a project for a customer you will encounter some issues.  The primary question - how quickly the vendor will help you with issues, or how strong are the programmers and engineers in your team to find a solution in-house.

No, I didn't.

No, I didn't.

Of course. In addition to SailPoint IdentityIQ I have experience in implementing MS FIM 2010, OIM 11gR2, and Oracle Waveset (Sun IDM) 8.

In my opinion this is the best product and I agree with Gartner which described it as the best product in the "Identity Governance and Administration Magic Quadrant" in 2013-2014.

I would say it's simple (compared with OIM 11gR2, but more difficult when compared with MS FIM 2010 R2).
IdentityIQ has very good documentation and you shouldn't face problems with the installation.

With an internal team. All team members have very strong experience in the IDM sphere, including working experience with other IDM vendors (Sun, Oracle, IBM).

SailPoint IdentityIQ is a very good product (in my opinion - it is the best product and it took the leading place in Gartner's Magic Quadrant two years in a row) and I can recommend it to all who are looking for a very strong IDM solution (if the price suits you).

Certification of user's access, enabling the organization to have a strict governance of what its employees are for entitled to currently.

By using this product the organization has moved from manual access governance done previously to automated governance which has a full audit trail, and this is very beneficial.

Some of the features like multi-aggregation and self healing feature in case of corrupted certificates would be pretty useful which would enable easy debugging in case of issues.

More than two years.

No, the deployment is pretty straightforward.

No, the product is pretty stable given it has sufficient clustering and HA catered for seamless 24x7 high volume access.

Yes, with a growing number of certificates there was slowness in the overall certificate generation time which I believe is corrected in the upcoming release of the solution.

7/10.

8/10.

Yes, we used Aveksa's access governance which seemed to have a lot of issues with regards to aggregation and certificate generation which prompted the switch to Sailpoint.

It was pretty straightforward, just need to follow installation documentation properly.

It was done by the in-house team.

Aveksa was compared with Sailpoint identityIQ and Sailpoint IdentityIQ fared better in terms of performance and features.

If you are looking for a product that would suit your access governance needs then perhaps Sailpoint identity IQ is a good option, but if you require automatic remediation capabilities as well then you might need to integrate it with an identity management product like OIM.

Security and administration for any new/current access.

Manage process and search information.

It improves the function for CMS - the website is a centralized system to manage accounts and access for CMS applications.

It allowed to implement the automated processes when a new employee is hired. It allows to have a main central process for new hires.

I've used it for three years now.

No, but we encountered some bugs after the implementation and they were fixed.

A few of them - they were connection and performance issues but they both have been fixed.

Yes. We needed to contact Sailpoint directly to address the issue.

It was ok.

It needs to improve SLA.

The client made the decision.

Both vendor team and in-house.

I wasn't involved in the process, but other solutions were evaluated before choosing this one.

Verify the requirements and the growth.