This product is the main application for governance to identity and coordinate the application for a business process, improve the compliance certification, and have better risk management.
Product Manager at Suramericana
It has helped us to have better rules for the application and grow the business process
Pros and Cons
- "Governance."
- "We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules."
What is our primary use case?
What is most valuable?
- Governance
- Identity
How has it helped my organization?
This product has helped us to have better rules for the application and grow the business process. We can then implement these rules in the product to have automated contracts.
What needs improvement?
We would like to see integration with analytics. Also, for them to be more efficient regarding discovering and implementing new rules.
Buyer's Guide
Symantec Identity Governance and Administration
October 2024
Learn what your peers think about Symantec Identity Governance and Administration. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
For how long have I used the solution?
Still implementing.
How are customer service and support?
It is too soon to rate them as we are currently working with them for our implementation.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of Identity and Access Management at a financial services firm with 1,001-5,000 employees
Through the centralization and automation of access management functions, we've improved our security. However, its complexity and usability are areas that could use improvement.
Pros and Cons
- "Provisioning engine (on the back-end, separate from front-end components, that's part of layered architecture)."
- "The reporting functions."
What is most valuable?
The most valuable features to us are:
- Provisioning engine (on the back-end, separate from front-end components, that's part of layered architecture);
- Access-request system (to manage on- and off-boarding of users); and
- Mobile interface (ability to manage workflows and user requests from smartphone).
How has it helped my organization?
Through the centralization and automation of access management functions, and providing a baseline for identity and security analytics, we've improved our security.
What needs improvement?
I think CA Identity Manager could improve in the following areas:
- Usability
- Stability
- It's complex
- The reporting functions
For how long have I used the solution?
I've been using it since 2011 as Identity Manager (before: CA eTrust Admin).
What was my experience with deployment of the solution?
We had multiple failures with Linux-based installers hindering deployment process on Linux platform.
No major issues with deployment on Windows.
What do I think about the stability of the solution?
Multiple issues with stability of the provisioning servers.
What do I think about the scalability of the solution?
No issues encountered.
How are customer service and technical support?
Customer Service:
7/10
Technical Support:5/10
Which solution did I use previously and why did I switch?
CA eTrust Admin 8.x had been upgraded to CA Identity Manager 12.5 SP9.
How was the initial setup?
Initial setup was complex due to multiple inter-dependencies and high diversity of infrastructure components.
What about the implementation team?
Initially implemented through the vendor team, following upgrades with an in-house team.
The level of expertise delivered by the consultancy firm was high, however it has decreased significantly in the past two years.
What's my experience with pricing, setup cost, and licensing?
Pricing and licensing models are adequate and reasonable.
Which other solutions did I evaluate?
Identity Manager solutions from Oracle, SailPoint, IBM and RSA/EMC. The products from the mentioned vendors generally seem more competitive than today’s offering from CA.
What other advice do I have?
Run PoC with as close to production deployment as possible; pay attention to TCO and ROI after including provisioning costs on support services for implementation and maintenance as well as required design of reports and business processes and UIs.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Symantec Identity Governance and Administration
October 2024
Learn what your peers think about Symantec Identity Governance and Administration. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Sr. IT Security Architect at a healthcare company with 1,001-5,000 employees
Now that we have auto-provisioning, we just define the provisioning rules for access privileges and defined, targeted endpoints.
Improvements to My Organization:
We previously manually provisioned staff, but now Identity Manager allows us to do auto-provisioning. Auto-provisioning means that when there's any HR activity associated with an employee, it automatically, for example, de-provisions if the employee is fired or moves positions with different access privileges.
We used to have a manual for new hired instructing them to send and email or make a phone call. It used to take 7 days for this process, for example, if we hired a $200/hour consultant. It didn't matter from a security admin perspective because they knew the new hire was coming on board, but it took a lot of manual effort and time.
Now that we have auto-provisioning, we just define the provisioning rules for access privileges and defined, targeted endpoints.
Room for Improvement:
I'd like to see it better integrated with the other CA security products.
Deployment Issues:
We've had no issues with deployment.
Stability Issues:
We're still executing Identity Manager, so far we haven't had a very bad experience. It looks like it's good, but we still have to learn a lot about how to use the product, but so far from what we've seen, it's a prominent product.
Scalability Issues:
We scaled for fifteen targeted endpoints. We are still at six, so we are still within the scoping half of what we anticipated. So far, so good.
Initial Setup:
The initial setup was IDM v8, but we could not really upgrade to v12. I don't remember on top of my head what were the technical reasons because the product has changed quite dramatically. It's a completely different architecture and everything, but the migrations we are doing now, from one version of 12 to another is quite straightforward.
Other Advice:
Have something in your mind, like a handful of targeted endpoints. Stick with them, implement it, then extend to the others. Don't just change your scope.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Specialist at CAS Trading House
Has a simple GUI and is easy to deploy, but has no proper documentation on how to do backups, and has lengthy configurations and workflows
Pros and Cons
- "What I found most valuable in Symantec Identity Governance and Administration is its simple GUI. It's also easy to deploy compared to other products. With other products, you have to install the Windows version inside the Windows machine on all units, but with Symantec Identity Governance and Administration, it can work offline, so the solution is a little bit easier than other systems."
- "There are several areas for improvement in Symantec Identity Governance and Administration. They have no proper documentation on how to do backups. They also have a lengthy workflow process where we have to make some configurations to manage automation in the rules and in our tasks which takes time. We have to manually configure all the configuration files, and we cannot export users because there's no export system in Symantec Identity Governance and Administration. What we'd like to see in the next release of the solution is for them to make configuration and integration with other systems their top priorities. We have many API systems to manage, so hopefully, if they make these enhancements shortly, we can directly connect with our API systems when using Symantec Identity Governance and Administration."
What is our primary use case?
We use Symantec Identity Governance and Administration for user creation, division, modulation, workflow, and giving access to managers. We also use the solution for reconciliation and recertification purposes.
What is most valuable?
What I found most valuable in Symantec Identity Governance and Administration is its simple GUI. It's also easy to deploy compared to other products. With other products, you have to install the Windows version inside the Windows machine on all units, but with Symantec Identity Governance and Administration, it can work offline, so the solution is a little bit easier than other systems.
What needs improvement?
There are several areas for improvement in Symantec Identity Governance and Administration. They have no proper documentation on how to do backups. They also have a lengthy workflow process where we have to make some configurations to manage automation in the rules and in our tasks which takes time. We have to manually configure all the configuration files, and we cannot export users because there's no export system in Symantec Identity Governance and Administration.
What we'd like to see in the next release of the solution is for them to make configuration and integration with other systems their top priorities. We have many API systems to manage, so hopefully, if they make these enhancements shortly, we can directly connect with our API systems when using Symantec Identity Governance and Administration.
For how long have I used the solution?
We've been using Symantec Identity Governance and Administration since 2019, so three years now.
What do I think about the stability of the solution?
Symantec Identity Governance and Administration is a stable solution, though sometimes you'll experience an issue or a problem with it. Stability-wise and performance-wise, I would rate it three out of five.
What do I think about the scalability of the solution?
Currently, my company has a license for two thousand two hundred users, so you could scale Symantec Identity Governance and Administration, but only a few use it, probably because the solution has a lengthy process where you have to make a lot of connections in the backend, and that's taking up a little bit of time.
How are customer service and support?
Currently, the technical support for Symantec Identity Governance and Administration isn't as good as it used to be. Broadcom has introduced other support and my company also provides support to customers, but in terms of getting good support from Broadcom, my team hasn't been getting it.
The support team for Symantec Identity Governance and Administration is responsive, but there's a delay in the response.
On a scale of one to five, with five being the best and one being the worst, I'm rating support two out of five.
Which solution did I use previously and why did I switch?
We didn't use a different solution before using Symantec Identity Governance and Administration, but currently, we're searching for other solutions that have similar features to Symantec Identity Governance and Administration. We haven't found a solution with the WSO2 identity feature. We didn't find a better product. We're trying to look for a new solution because Symantec Identity Governance and Administration has a lengthy configuration. Deploying the solution and configuring rules on it is lengthy as well. We have to do all these manually, which customers don't want, so we're planning on replacing Symantec Identity Governance and Administration.
How was the initial setup?
The initial setup for Symantec Identity Governance and Administration was very easy. It took around thirty minutes to be fully deployed. Setting up the solution was quite simple, but configuring it was a little bit lengthy.
On a scale of one to five, with one being the worst and five being the best, I would rate the setup for Symantec Identity Governance and Administration four out of five.
What about the implementation team?
In my company, I did the deployment of Symantec Identity Governance and Administration myself. My company also supports customers in terms of deploying the solution, but via vendors.
What's my experience with pricing, setup cost, and licensing?
I'm not aware of the licensing cost for Symantec Identity Governance and Administration because I'm part of the technical team, not the sales team.
What other advice do I have?
In my company, Symantec Identity Governance and Administration is deployed on-premises, but planning to deploy it on the cloud, though it hasn't been decided yet. I still need to learn how to use the cloud version of the solution.
Symantec Identity Governance and Administration doesn't require that much maintenance, and maintaining it is an easy process.
My company has between fifty to one hundred users of the solution.
I would recommend Symantec Identity Governance and Administration to others because it's a good product, particularly if you're okay with limited features. It also has a straightforward installation. The product is good enough to be used in a smaller environment, but if you want to automate more processes, then Symantec Identity Governance and Administration won't be as good. It utilizes the CPU and there could be some issues with a higher degree of automation.
I'm rating Symantec Identity Governance and Administration six out of ten.
My company has no partnership with Symantec Identity Governance and Administration.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Managing Director, Application Development
Video Review
We implemented CA Identity Manager to allow us to automate the self service reset of passwords.
What is most valuable?
One of the primary features we use is the password reset. The challenge we had was that our helpdesk had to manually reset customers in the field and reset their passwords one at a time, so we implemented CA Identity Manager to allow us to automate this self service reset of passwords.
How has it helped my organization?
One of the biggest benefits is the reduction of calls to the help desk. We reduced by a third our calls for password resets because users of the system could then reset themselves using the challenge questions and you know, people forget passwords it's an easy function. That was a huge benefit.
What needs improvement?
We are actually looking at something to make it easier from a user front end. The helpdesk does a lot of work today, so we're looking at another product from CA. I think it's called the Identity Suite.
Make the maintenance and the updates easier. As well as a more intuitive interface.
What do I think about the stability of the solution?
It's been very solid. We went live a year ago, so almost 18 months and it's been rock solid.
What do I think about the scalability of the solution?
It's been very good. We have above 40,000 users on that platform and we never have any issues.
How are customer service and technical support?
We haven't had any issues that required us to go to technical support, so it's really been very good.
Which solution did I use previously and why did I switch?
We were using a product from Oracle - OID. Primarily it was all home grown, we had to build the backend database, we did some interactions, so it was really a custom solution and it wasn't as scalable, and it didn't have the security features. Rather than invest our development effort into creating security components, partnering with somebody made more sense.
How was the initial setup?
Converting from our old system took a little bit of work. We had a lot of old database access accounts that we had to move over, again, 40,000 or 45,000 but once we took care of that it was pretty painless.
Which other solutions did I evaluate?
We compared a couple of other vendors. Some of the newer ones are cloud-based, we weren't comfortable with that yet.
What other advice do I have?
The most important criteria when selecting a vendor is stability, the quality of their product, price is always a factor; to make sure you can afford it. We looked at what we had, switching to a new product then we compared it with several other vendors. We typically would go through a matrix and say, "Okay, here are all the items that we feel are important," so when we make that decision you can go back and say this is why and how we made it.
Rating: I'd say probably 8/10. Again, we haven't had any issues from a support perspective, once we've implemented it it's been very solid, people love it and we've saved a lot of money and time from the help desk perspective, so it's been a good investment. I'm really hard on numbers, so 9 or 10 is like impossible.
With security, you have to have a culture of security, and protecting the accounts and passwords and access has to be number one, given every time you see a breach in the news, it's because somebody is not taking care of security. It's top of mine.
It's [CA Identity Manager] done exactly what we want it to. We've actually branched out and done some additional federation logs and stuff like that. Because of the success we've also looked at some other products like CA Advanced Authentication from a external consumer standpoint. It's been a good partnership with CA.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
SiteMinder Engineer at a government with 501-1,000 employees
User record, self-service features, and user rules and entitlements help us manage our users, although the only issue we have is related to the Microsoft integration.
What is most valuable?
I use the user record (a permanently stored data element), self-service features (access requests, application access, remove/change users), and the rules and entitlements for users.
How has it helped my organization?
These features really help our organization because they are the best features available for managing users.
What needs improvement?
The only issue we have is that sometimes we have an issue related to the Microsoft integration. That impacts Identity Manager's performance, and it's something we need.
For how long have I used the solution?
I've been using it for four years.
What was my experience with deployment of the solution?
No issues with deployment.
What do I think about the stability of the solution?
Most of the time, because we do a lot of testing, it seems to be in good shape, and as far as I can see there's no problem at all with stability.
What do I think about the scalability of the solution?
We have issues with scalability, and it has taken time due to the requirement of extra memory and more CPU.
How are customer service and technical support?
Very well, as I have been working with these people for a while. I have never had any issues with the technical support. They support us 24/7 and are really good.
Which solution did I use previously and why did I switch?
The initial set up was complex because we had a lot of documentation. We had to look at our system first and see the platform with other products. It takes a while to build and for it to work with our sandbox, but eventually it was fine. Although it did take time initially, after that it was a cake walk.
How was the initial setup?
It was all done in-house, but again the technical support was there when required.
Which other solutions did I evaluate?
We saw other options in the market, but the technical support of CA made the difference. This is why we chose the product. If the system is down, someone could help us and this was an important factor.
What other advice do I have?
I don't see any issues with CA, and everyone in the business is happy with CA and their support. Everything is good.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Senior Infrastructure Engineer with 10,001+ employees
The GUI provides user-account centralization and auto-maintenance of accounts on different end points, yet the GUI is more complicated than it needs to be.
What is most valuable?
The product is easy to install, setup and configure. For me the ease of installation and configuration was most valuable as my experience with earlier Oracle Identity Manager products was slightly tedious. Things might be different now with Oracle products though. Also, CA provided a long list of standard connectors which did not require too much of customization and it suited well with the customer.
How has it helped my organization?
For the customer, the product provided an easy to use GUI for user-account centralization and auto-maintenance of accounts on different end points (target systems). Much of the manual tasks such as sending mails for approval and requests were reduced greatly. The amount of helpdesk calls were greatly reduced due to self-service tasks provided by the product.
What needs improvement?
With the new age products such as Dell, Forgerock, and Ping, and the change in demands of the customer, CA needs to do a lot more. For example, Dell IM provides built-in features with governance in mind, although they also provide a separate product called IM with governance edition.
The GUI in CA is more complicated where a user might have to drill down more into the menu to find the real form. Also, during configuration for a new person it's a tough deal to drill into the menus to find the place to actually setup.
CA came up with SIGMA to be better on GUI and scalability, but it had a lot of issues and poor scalability in both versions. I lost one bid purely based more on the poorer GUI provided by CA, and due to the fact that SIGMA did not provide things which were asked by the customer and did not provide scope of much customization either, so I did not understand the use of the product. I am not aware if SIGMA is officially launched now or not.
For how long have I used the solution?
I've used it for around three years.
What was my experience with deployment of the solution?
Migrating and comparing objects using the add-on tool Config Xpress has its own challenges, we had some issues when we connected the two development and production environments and tried comparing. We used it the other way, i.e exporting the environment XML files which was indeed time consuming.
What do I think about the stability of the solution?
Overall, it's quite a stable product.
How are customer service and technical support?
I would 3.5/5 as it was good, but with some slight delay.
Which solution did I use previously and why did I switch?
I have used Oracle's product, and am currently also using Dell. My previous customer moved from Oracle to CA purely due to cost factor. With a simple requirement, I would still use CA, but with newer customer demands. CA has to come up with new features which other vendors provide and tune up the GUI.
How was the initial setup?
It's a very straightforward process, very easy to use.
What about the implementation team?
I have implemented it both with a vendor team and an in-house one as well. Implementation is straightforward, you just need to read the manuals provided by CA which says it all from installation and configuration to tuning.
What's my experience with pricing, setup cost, and licensing?
I haven't actually dealt with the licensing costs etc. but i know it's cheaper than Oracle, but more expensive than Dell/Microsoft/Forgerock.
What other advice do I have?
As with all products, this has its pros and cons please do a study of other products based on your requirements before deciding on a product.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Snr Application Analyst at Rogers Communication
Fast, stable solution with which we can provision all of our employees.
What is most valuable?
The valuable features are the speed and the ability to provision all of our employees. I like the usability as well.
What needs improvement?
I'm happy with the features that are in the current release.
We have IDM integrated with Provisioning, SiteMinder, and CA Directory as our IAM solution. When we embark on an upgrade initiative for one of these components we quickly find that newer versions of IDM are not supported with the other exisiting components. This results in a much larger project to upgrade SiteMinder, IDM, Provisioning, Directory, and the OS which results in Senior management abandoning our upgrade project. I would like to see IDM supported with a larger version footprint in relation to the other required components in our IAM application framework.
What do I think about the stability of the solution?
The provisioning perspective is very stable. In terms of identity management, the logic is good, but performance could be better.
What do I think about the scalability of the solution?
The tool is not scalable. That is not a limitation from a CA software perspective. The lack of scalability is more a result of how we originally set up the product.
How is customer service and technical support?
We have used technical support. Overall, we find it very good. For Identity Manager, it is hard to get the right support agent.
How was the initial setup?
I was involved in the installation and it was complex. We were coming from a very old version and we had to upgrade. There was a lot of data migration.
What other advice do I have?
I have many colleagues from different companies and we all tend to lean towards CA products. We are accustomed to using CA.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Symantec Identity Governance and Administration Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Popular Comparisons
Cisco Identity Services Engine (ISE)
CyberArk Privileged Access Manager
SailPoint Identity Security Cloud
One Identity Manager
Microsoft Identity Manager
BeyondTrust Endpoint Privilege Management
One Identity Active Roles
Oracle Identity Governance
SAP Identity Management
NetIQ Identity Manager
Delinea Privileged Access Service
Buyer's Guide
Download our free Symantec Identity Governance and Administration Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What Is The Biggest Difference Between SailPoint and CA IDM?
- SailPoint IdentityIQ vs. CA Identity Governance
- Looking for an Identity and Access Management product for an energy and utility organization
- Which Identity and Access Management solution do you use?
- Sailpoint IdentityIQ vs Oracle identity Governance
- OpenIAM vs Ping identity
- Which is the best legacy IDM solution for SAP GRC?
- What are some tips for effective identity and access management to prevent insider data breaches?
- What are your best practices for Identity and Access Management (IAM) in the Cloud?
- How to convince a client that Identity and Access Management (IdAM) is essential for risk elimination?