I am a consultant and we consult for identity and network management. We work with Symantec, which is owned by Broadcom, and also with Microsoft and Oracle. Additionally, we work with open-source solutions like Glue.
Managing Director at a tech services company with 1-10 employees
Automated provisioning and enhanced identity management but cloud compatibility needs improvement
Pros and Cons
- "The automated provisioning feature has been very key from an identity management point of view."
- "Symantec should develop a SaaS solution for cloud environments to make the solution available in various marketplaces for easy deployment."
What is our primary use case?
How has it helped my organization?
From an identity management point of view, the automated provisioning feature is a very key feature. The quick access reviews have been very beneficial to our customers, providing a consolidated view of the environment.
What is most valuable?
The automated provisioning feature has been very key from an identity management point of view. The access reviews have also been beneficial to our customers.
What needs improvement?
Symantec should develop a SaaS solution for cloud environments to make the solution available in various marketplaces for easy deployment. It should also offer bundle installation instead of one by one installation to minimize complexity. Some interfaces were not good initially but creating a portal helped improve the user experience.
Buyer's Guide
Symantec Identity Governance and Administration
November 2024
Learn what your peers think about Symantec Identity Governance and Administration. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
I have been familiar with Symantec Identity Governance and Administration since 2009. Before that, it was CA Identity Suite and prior to that, it was CMI.
What do I think about the stability of the solution?
The reporting features are robust, producing good reports and offering automation, which supports our audit processes well.
How are customer service and support?
Technical support by Broadcom is very good. I am currently dealing with them for one of our clients and they are excellent.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I previously worked with Oracle and Sun Microsystems back in the day. The previous identity management solutions we used were different, and we switched to Symantec because of its features.
How was the initial setup?
In the current setup, installations happen one by one, which makes it complex due to the many moving parts. A bundled solution would simplify the process.
What about the implementation team?
The solution should ensure that one knows what they are doing and understands the components they are using.
What's my experience with pricing, setup cost, and licensing?
The pricing has been very reasonable, but licensing costs vary based on the customer. It follows a user-based licensing model.
What other advice do I have?
For banking environments or companies with less complex environments, Symantec works best. It's recommended for straightforward access management systems.
I'd rate the solution seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Last updated: Oct 31, 2024
Flag as inappropriateCIO at Bank Hapoalim
Video Review
We previously had an old security system and we saw that we needed a more robust system.
What is most valuable?
We are using the IDM solution for customer identification and authorization. We just started the project about a year ago. We have already implemented IDM on our website and our mobile applications. So far it's looking good. It's an interesting question because what we are getting back from our customers, they're quite afraid of what's happening because we have actually gone down from three identifiers on our website to two. In our mobile applications, we are now enabling one identifier and we have just implemented fingerprint recognition. Our customers were calling us and asking "look we are seeing cyber attacks happening, identification being stolen all over the world. How are you actually going down and using only this parameters for identification?"
I think that the CA product enables us to do that. Get more security with lesser need of user identification.
What needs improvement?
There are actually quite a few nice things on the CA roadmap in the future. I think to have ability to enable our customers to have different roles, because we have customers that they can be a private customer, they can be part of an organization or a corporation and they need to have different roles. I think that's still something we will see in the future. We have some basic product to do that and we are starting to implement it but it will take us some time to get there.
What do I think about the stability of the solution?
It was a journey because when we started the project, we had trouble. We couldn't get the system easily installed, up and running but over the time we installed a different project from CA. Which is called Wiley [CA APM] which really enabled us to get things smooth, up and running and for the past 6 months we haven't had any defaults in the system.
What do I think about the scalability of the solution?
We started off with 10,000 customers on system, it looked good. Now we have about 1.6 million customers on the system, no problems at all.
How are customer service and technical support?
We had a technical support locally in Israel from CA but we were referred to CA Laboratories Worldwide. We had good support from them.
Which solution did I use previously and why did I switch?
Cyber security in these days is a very important issue as we all know. We had an old system, we saw that we cannot move ourselves into the digital age, the banking digital age, without a robust system that will enable us the capabilities we needed. We started looking around for a new platform quickly. We sorted out that CA's the best product for us and that is really the product we are based on to do our digital transformation in our bank.
How was the initial setup?
Since we are discussing a very vulnerable system which would actually be the front-end for our customers, at the end of the day. We had to take it really slow and we got the system up and running, co-existing with our old system. We did a lot of tests, we had, as I said before, a few customers on the system before we actually started to deploy. It took us about 8 months to get things up and running smoothly. Then we had the confidence to really migrate our customers to the new system.
Which other solutions did I evaluate?
We have long, long list of parameters that we, of course, check. It's about 5 pages of criteria and of course robustness, the ability to go forwards as a system over long years. Transforming to such a system is a very long process. We want to have a system that can be up with us for at least 10 to 15 years. We checked it quite thoroughly, we of course talked to other organizations that had the system. We think we had made a good decision.
What other advice do I have?
As it looks for now, it looks as an 8/10. I believe that it can go up to 9 and 10 in the future. I think that stability issues in the beginning of the process are a major thing. Getting the system up and running smoothly took us quite a few months. The main area would be the security area of course. Even our own employees, for example, cannot see customer data on the system. It's all encrypted so we don't see passwords, we have limited viewability of what's happening on the system in the security areas. I think that the system that's built to disable our own employees from data leak prevention aspects, almost unable entirely to take our data out of the system and share it with someone. That's a main factor having a security system in our organization.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Symantec Identity Governance and Administration
November 2024
Learn what your peers think about Symantec Identity Governance and Administration. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.
Solutions Architect at MAINT
Good product with stable use cases
Pros and Cons
- "I've used it to manage users, create and update, delete users, change passwords, and assign and change rules."
- "The development process to create this connector is not as easy as I would like."
What is our primary use case?
I've used it to manage users, create and update, delete users, change passwords, and assign and change rules. Those are some of the most important cases.
How has it helped my organization?
The most valuable feature, in my opinion, is the option to deploy this solution as a virtual appliance. It's an easy and fast way to deploy the solution, and it doesn't require a lot of hardware or digital machines. Just one machine is enough.
Another valuable feature is that it is an easy way to deploy a cluster with this solution, as it's included in the options of the virtual appliance. It's not a complicated option.
What needs improvement?
The product could be improved. I think when you work with this kind of solution, you have to work with endpoints, and not always do you have the input you need. Sometimes, it's necessary to develop the connector to some kind of endpoint. The development process to create this connector is not as easy as I would like. It's sometimes a little bit complicated. This process involves code that we need to develop to get that connector.
For how long have I used the solution?
I've used Symantec for maybe four or five years.
What do I think about the stability of the solution?
The group is really stable. We don't have problems with the stability of the product. It's not complicated to upgrade or reset, restart, and deploy. And the services work well.
What do I think about the scalability of the solution?
It's a good product, and if you have to work with a lot of users, it's not complicated to get scalability with this product. It's not complicated.
How are customer service and support?
The customer service and support are good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is not complicated. It's easy, in my opinion. After that, you have to do some configuration and setup for specific use cases, and this could be a little bit complicated if these use cases are customizable. It depends on the use case. The basic use cases are not complicated; it's just the next-next-next configuration. But if you want to do some customization, this could be complicated.
What's my experience with pricing, setup cost, and licensing?
The product has a good price in competition with another product with the same solution. It's not the best, but it's a good price.
What other advice do I have?
My advice is to always have a role strategy to work with this kind of solution, no matter the brand. If you don't have an enrolled solution, it won't work.
Overall, I would rate the solution an eight out of ten because it's a good product with stable use cases, but there are some points to improve.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Consultant at Deloitte
Consolidates applications, streamlines user access, but Identity tool needs better audit reporting
Pros and Cons
- "Streamlines user access, consolidates applications."
- "The Identity tool needs to do more kinds of reporting for audit purposes. It doesn't really track any of the metrics that are useful to us, at this point."
What is our primary use case?
Managing identities at a financial services institution.
We're implementing it currently, so I have no real measure of how it's going to perform, but so far so good.
How has it helped my organization?
- Streamlines user access
- Consolidates applications
- Access in one place
What is most valuable?
User access control.
What needs improvement?
Customer reporting. One of the big things we had asked for is for the Identity tool to actually do more kinds of reporting for audit purposes. It doesn't really track any of the metrics that are useful to us, at this point.
For how long have I used the solution?
Still implementing.
What do I think about the stability of the solution?
Can't comment yet. Not up.
What do I think about the scalability of the solution?
I've used Identity Manager before for a different client. The scalability is good.
How are customer service and technical support?
Tech support is very good. We actually have a CA team onsite.
Which solution did I use previously and why did I switch?
The client is using different solutions for different things. So they have instances of a number of different tools that have the same functionalities as CA, but for different items. So yes, they did have other solutions as well.
How was the initial setup?
Most of the complexities are because of the business itself and the complexities that they have within their current infrastructure. The complexities are not really coming from CA's product.
Which other solutions did I evaluate?
I was not there when they made this selection. I'm sure they evaluated the normal ones, SailPoint, CA, Oracle.
What other advice do I have?
It's early but so far I give it a seven out of 10. Most of the issues we've had with it are coming from business complexity rather than the product itself. The support's been good from CA.
In terms of advice to a colleague who is looking for a similar solution, that's difficult because I've done SalePoint and CA. It's up to them. It's based on the organization itself, so they have to do more evaluation than what I can provide for them. I'd recommend they do their research and pick what's best for them, but I'd say we have no problems with CA's software.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Director of Engineering at a tech services company with 51-200 employees
While IDM has the capability to delegate, the process is not intuitive.
What is most valuable?
The most valuable features of this product are the following:
- Policy Xpress
Allows for the ability to build policies triggered off of events in a codeless manner. - Separation of Duty (SOD) policies
Gives the ability to create roles and/or policies with a criteria for removal or addition of a role, policy, or an entitlement based on the user’s title as an example. - Connectors
IDM has a rich set of connectors that covers traditional on premise, SAAS related, or custom resources. IDM provides the ability to create a custom connector through its Connector Xpress module. The module itself allows one to build a connector to any resource that is either LDAP or database driven. Once again this process involves no coding for the task.
How has it helped my organization?
I'm an integrator, and as a result I deploy solutions in behalf of an organization. IDM improves the organizations ability to govern the life cycle of an end user. The life cycle starts with the on-boarding of an individual to the organization, whether it’s a contractor, consultant, employee (full or part time), or a partner. The life cycle ends with the departure of the individual from the organization. Everything in between is about managing the user's access, permissions, profile, and evolution from an identity stand point. We (Mycroft) advise and implement the necessary user cases that drives the successful central management of identities for an organization. Plain and simple, IDM provides the automation that allows the IT and respective business department(s) to focus in on other pressing needs while IDM standardizes the identity practice.
What needs improvement?
The areas of this product which requires improvement are as follows:
- The User Interface (UI)
The User Interface has been improving over time and there are products such as IDMLogic Sigma that improves upon the user UI experience. - Its delegation model
While IDM has the capability to delegate, the delegation process is not intuitive or forthcoming to the clients. The delegation model is present but it’s not a straight forward model to design against.
These two areas are the ones that stand out, as I probably developed a tolerance over the years for any other if others do exist.
For how long have I used the solution?
Eight years.
What was my experience with deployment of the solution?
Yes, but deployment issues are hardly product installations, but rather retro-fitting the installation to the core principals of the organization. Anyone can install the product within a 20 minute window in an ideal scenario. Each organization has environmental complexities and business policies that at times causes issues with the deployment.
What do I think about the stability of the solution?
No issues with stability.
What do I think about the scalability of the solution?
No issues with scalability. Typically deployments are done with an assumption that an organization will grow by a certain percentage in the foreseeable future. As a result the architecture will adhere to the growth plans accordingly.
How are customer service and technical support?
Technical support has drastically improved over the years, as a result I would rate them at 7.5 and climbing.
Which solution did I use previously and why did I switch?
While I implement solutions for organizations, I witness switches for the following reasons:
- Staff are no longer knowledgeable on the solution as a result of staff turnover over time
- Product configuration has not been maintained to support needs of the business over time
- Vendor Support and direction
- Cost model
- The direction of the organization and its relationship with other vendors
How was the initial setup?
In my experience, the posture of the setup has a direct correlation to the use case mapped to the feature set and functionality. There are numerous ways to implement a solution, but the level of complexity stems from the ability to simplify the requirements and work with the business on compromises. All organizations have security and business policies that they mandate by or govern towards. As a result, the initial setup or configuration is a direct by-product of how the use case is socialized into the product. At times, some business processes should not be subjected to IDM at all. unless there are compromises to how the business flow is managed. Understanding this basic idea and product limitations go hand in hand.
What was our ROI?
The ROI on CA IDM is a result of the following 3 areas:
- Employee productivity
Faster onboarding process and provisioning. The ability for end user to perform self-service password resets and utilize an access requests system. - IT cost savings
The ability to focus less on traditional cost areas around password resets, user on-boarding, and essentially the whole user life cycle allows IT to spend on other technical areas wisely. Cost savings to IT is not only how to save but also how to re-purpose the funds to other needed areas. - Cost avoidance.
Potentially recovering from security breaches or violations and the cost to recover from them. Centralized management introduces efficiency that leads to shared resources not redundant work throughout an organization.
Disclosure: My company has a business relationship with this vendor other than being a customer: strategic partner
Delivery consultant at a computer software company with 10,001+ employees
Easy to scale, but lacks an up-to-date interface or knowledgeable support staff
Pros and Cons
- "The solution is easy to scale."
- "The solution is not the best or the fastest available."
What is our primary use case?
We use the solution for general life cycle management, account provisioning and six petition processes, the regular IGA stuff.
What is most valuable?
I feel the provisioning to be done well. The model offered is very good and customizable.
What needs improvement?
The interfaces need to be revamped. They are too antiquated. This is the biggest issue I can think of.
I rate the support as a solid C. Of primary concern is that there are not too many people employed nowadays with the requisite support knowledge. Since we are talking about an increasingly antiquated product, it is likely neither easy, nor desirable, to train support staff with the requisite knowledge. The support at the moment is not very efficient.
It would be nice to see a size version of the solution, a cloud version.
The solution is not the best or the fastest available.
The solution is rather stable, but not remarkably so, as there are certain persistent bugs which tend to be present from one version to the next.
The initial setup is rather complex. While they've made efforts to improve this and there's a separate version that comes with a pre-package model, the process remains, nevertheless, complex.
For how long have I used the solution?
We have been using Symantec Identity Governance and Administration for 10 years.
What do I think about the stability of the solution?
The solution is rather, but not remarkably, stable, as it is plagued by a number of bugs which persist from one version to the next.
What do I think about the scalability of the solution?
The solution is easy to scale. It requires a certain amount of configuration which surpasses the norm, but it takes a rather nice load.
How are customer service and technical support?
The support could be greatly improved. As the solution is becoming increasingly antiquated, there does not seem to be a capability or a desire to provide support staff with the adequate knowledge. It is inefficient. This is why I rate it a C.
How was the initial setup?
In spite of the efforts that have been made to improve the initial setup process, and the inclusion of a separate version that comes with a pre-package model, I still find it to be rather complex.
What about the implementation team?
I used to work for the vendor and this is how I acquainted myself with the deployment process.
While the deployment does not entail specific maintenance, it does a certain amount of data maintenance, as is required of any product. One must monitor his processes and ensure that everything is running smoothly. While this will, obviously, depend on the number of integrations one has, it is no different in this respect than that of a regular application, the only difference being the tendency to be more critical to the general infrastructure.
We have four or five people responsible for the maintenance.
What's my experience with pricing, setup cost, and licensing?
I do not recall the approximate prices or licensing models, although I do so that it was priced per user number. As there were certain drastic cutoffs depending on the volumes, the values had much variance.
What other advice do I have?
I am not certain of the number of users who are making use of the solution in our organization, although I believe there to be four or five when it comes to my European colleagues. Globally, there are probably more.
I would recommend this solution to others, since it gets the job done. While it may not be the best or the fastest solution, it is a work machine, so it is good enough.
I rate Symantec Identity Governance and Administration as a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Technologist at a healthcare company with 10,001+ employees
Policy writing and provisioning are easy, but should be improved
Pros and Cons
- "It has improved our user management. It is definitely streamlined."
- "Provisioning has a dependency on Windows."
How has it helped my organization?
It has improved our user management. It is definitely streamlined.
What is most valuable?
Writing policies and provisioning are easy.
What needs improvement?
Policy writing and provisioning are easy, but should be improved. Provisioning has a dependency on Windows.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
No, we have not.
What do I think about the scalability of the solution?
No, we have not.
How are customer service and technical support?
I would say they are good, but there is always room to improve.
Which solution did I use previously and why did I switch?
Yes, custom codes. It was not as reliable as CA Identity Manager.
How was the initial setup?
It was complex with lots of requirements.
What's my experience with pricing, setup cost, and licensing?
It is expensive, same as the other tools in the market.
Which other solutions did I evaluate?
I prefer Oracle Identity Manager, which is more stable.
What other advice do I have?
Get the latest version and good architecture before implementing the solution.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Manager at Suramericana
It has helped us to have better rules for the application and grow the business process
Pros and Cons
- "Governance."
- "We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules."
What is our primary use case?
This product is the main application for governance to identity and coordinate the application for a business process, improve the compliance certification, and have better risk management.
What is most valuable?
- Governance
- Identity
How has it helped my organization?
This product has helped us to have better rules for the application and grow the business process. We can then implement these rules in the product to have automated contracts.
What needs improvement?
We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules.
For how long have I used the solution?
Still implementing.
How is customer service and technical support?
It is too soon to rate them as we are currently working with them for our implementation.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Symantec Identity Governance and Administration Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
SailPoint Identity Security Cloud
One Identity Manager
Microsoft Identity Manager
Oracle Identity Governance
SAP Identity Management
NetIQ Identity Manager
OpenIAM Identity Governance
SecureAuth Identity Platform
NetIQ Identity Governance
AlertEnterprise Guardian
Buyer's Guide
Download our free Symantec Identity Governance and Administration Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between SailPoint and CA IDM?
- SailPoint IdentityIQ vs. CA Identity Governance
- Looking for an Identity and Access Management product for an energy and utility organization
- Which Identity and Access Management solution do you use?
- Sailpoint IdentityIQ vs Oracle identity Governance
- OpenIAM vs Ping identity
- Which is the best legacy IDM solution for SAP GRC?
- What are some tips for effective identity and access management to prevent insider data breaches?
- What are your best practices for Identity and Access Management (IAM) in the Cloud?
- How to convince a client that Identity and Access Management (IdAM) is essential for risk elimination?