The product works slowly while accessing cloud-native solutions. They should work on their ability to integrate with third-party vendors. Additionally, cloud networking features and Azure, AWS, and GCP integration are needed.
Managing Director at a consultancy with 1-10 employees
Real User
Top 20
2023-07-21T02:53:57Z
Jul 21, 2023
The product's technical support could be better. The integration project requires a lot of technical details, so we need to find it quickly and easily. There was a large community of knowledge in the past. We kept it together and got the results. The community that works around the particular technical issue is shrinking. It used to be a specialized community that would help with the process. These particular areas need improvement. Broadcom is still using a hybrid cloud model, with some workloads on-premises and some in the cloud. They must start with the cloud adoption and move as many workloads to the cloud as possible. The on-premises environment is becoming stable. They need to rebuild that cost and the software. The product's pre-sales, technical support, and installation could also improve.
Manager at a computer software company with 501-1,000 employees
Real User
Top 20
2023-04-11T21:03:11Z
Apr 11, 2023
Other products offer more features. Symantec is only on-premises, not on the cloud. There are not a lot of connectors or integrations available out of the box. It doesn't do edge cases well. The connectivity options are limited. Reporting and monitoring are not very good or well organized. It needs more approval of workflows or modification options.
There are several areas for improvement in Symantec Identity Governance and Administration. They have no proper documentation on how to do backups. They also have a lengthy workflow process where we have to make some configurations to manage automation in the rules and in our tasks which takes time. We have to manually configure all the configuration files, and we cannot export users because there's no export system in Symantec Identity Governance and Administration. What we'd like to see in the next release of the solution is for them to make configuration and integration with other systems their top priorities. We have many API systems to manage, so hopefully, if they make these enhancements shortly, we can directly connect with our API systems when using Symantec Identity Governance and Administration.
There is no preferable feature. It works well in general. The performance could be better. Sometimes there is a problem with performance. There are times that it takes too long to generate reports and to run the assessment tools to collect the information. It could be faster.
The interfaces need to be revamped. They are too antiquated. This is the biggest issue I can think of. I rate the support as a solid C. Of primary concern is that there are not too many people employed nowadays with the requisite support knowledge. Since we are talking about an increasingly antiquated product, it is likely neither easy, nor desirable, to train support staff with the requisite knowledge. The support at the moment is not very efficient. It would be nice to see a size version of the solution, a cloud version. The solution is not the best or the fastest available. The solution is rather stable, but not remarkably so, as there are certain persistent bugs which tend to be present from one version to the next. The initial setup is rather complex. While they've made efforts to improve this and there's a separate version that comes with a pre-package model, the process remains, nevertheless, complex.
Learn what your peers think about Symantec Identity Governance and Administration. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
They provide a framework to develop your own connectors. A connector is a piece of software that integrates with the solutions that are not a part of the support matrix. Currently, it is difficult to create these connectors in this solution. Other solutions, such as NetIQ Identity, provide a better way to create your own connector. Currently, there is no cloud version. It should have a full cloud version.
All software has room for improvement. There are some features that could be added to make it even more user-friendly. Integration capabilities with other solutions and formats, including JSON, could be improved. Integration is not easy at all.
They should easier and better integration with other software. It's hard to create custom integration rules with other software, like Oracle. This needs to be improved to give the customer an easier way to integrate.
As far as improvements, the first thing I think CA needs to do is redesign the user interface. The functionality is good but the interface itself is not that user-friendly. I think also that there are some issues with the privileges of service accounts. For working with Oracle, we need some kind of service account with administrative privileges. Access works when we give the user account administrative privilege. But in some cases, particular access needs to work for user roles that have less than administrative privileges and these users and rules need to be stored in the database. I need the ability to directly configure users and rules store on databases. Maybe it is more complicated and related to Oracle services — I do not know the database side as well. But we need to read and write on the rules table and the users tables and store that data in the database. Otherwise, the product has good performance and it is a very capable solution. I can automate a lot of processes related to provisioning users and identity management, but the controls can be even more flexible with these few changes. The deployment cannot be pushed through the management console when you define the credentials for a user that can connect to the endpoint. It would be easier for deployment if the service could look at the endpoint or data center and detect what is needed to push this deployment based on the application version or based on whatever the operating system is. Things like that can make a difference at times. If they can customize by the customer, it means that if someone upgraded their environment, the client does not have to go back and request the version of an executable for a new OS. The result is that the correct executable will be deployed by the agent.
Enterprise Solutions & Services Head at Duroob Technology
Real User
2019-09-29T12:21:00Z
Sep 29, 2019
The directory has room for improvement. Also, the dashboards and, in particular, the KPI dashboard that shows the current user’s information needs reworking. It would be ideal if they could consolidate the workflow. Right now, because everything is on a different workflow engine, seamless integration cannot happen. If the solution offers a single workflow engine and a single reporting engine for all security targets, that would be ideal.
Senior Manager at a tech services company with 501-1,000 employees
Real User
2019-09-24T05:43:00Z
Sep 24, 2019
I would like to have differential campaigns. In the next release, there should be the provisioning of your certifications. When you remove access or grant extra access to someone, it would be good to have direct provisioning to different sources.
The Symantec Identity Governance and Administration (formerly CA Identity Suite) provides comprehensive identity management and governance capabilities with a simple, intuitive user experience. This user experience can dramatically simplify processes such as user access requests and access certifications, resulting in improved productivity and user satisfaction. In addition, the Symantec Identity Governance and Administration performs risk analysis and certification and enables remediation...
The product works slowly while accessing cloud-native solutions. They should work on their ability to integrate with third-party vendors. Additionally, cloud networking features and Azure, AWS, and GCP integration are needed.
The product's technical support could be better. The integration project requires a lot of technical details, so we need to find it quickly and easily. There was a large community of knowledge in the past. We kept it together and got the results. The community that works around the particular technical issue is shrinking. It used to be a specialized community that would help with the process. These particular areas need improvement. Broadcom is still using a hybrid cloud model, with some workloads on-premises and some in the cloud. They must start with the cloud adoption and move as many workloads to the cloud as possible. The on-premises environment is becoming stable. They need to rebuild that cost and the software. The product's pre-sales, technical support, and installation could also improve.
Other products offer more features. Symantec is only on-premises, not on the cloud. There are not a lot of connectors or integrations available out of the box. It doesn't do edge cases well. The connectivity options are limited. Reporting and monitoring are not very good or well organized. It needs more approval of workflows or modification options.
There are several areas for improvement in Symantec Identity Governance and Administration. They have no proper documentation on how to do backups. They also have a lengthy workflow process where we have to make some configurations to manage automation in the rules and in our tasks which takes time. We have to manually configure all the configuration files, and we cannot export users because there's no export system in Symantec Identity Governance and Administration. What we'd like to see in the next release of the solution is for them to make configuration and integration with other systems their top priorities. We have many API systems to manage, so hopefully, if they make these enhancements shortly, we can directly connect with our API systems when using Symantec Identity Governance and Administration.
There is no preferable feature. It works well in general. The performance could be better. Sometimes there is a problem with performance. There are times that it takes too long to generate reports and to run the assessment tools to collect the information. It could be faster.
The interfaces need to be revamped. They are too antiquated. This is the biggest issue I can think of. I rate the support as a solid C. Of primary concern is that there are not too many people employed nowadays with the requisite support knowledge. Since we are talking about an increasingly antiquated product, it is likely neither easy, nor desirable, to train support staff with the requisite knowledge. The support at the moment is not very efficient. It would be nice to see a size version of the solution, a cloud version. The solution is not the best or the fastest available. The solution is rather stable, but not remarkably so, as there are certain persistent bugs which tend to be present from one version to the next. The initial setup is rather complex. While they've made efforts to improve this and there's a separate version that comes with a pre-package model, the process remains, nevertheless, complex.
They provide a framework to develop your own connectors. A connector is a piece of software that integrates with the solutions that are not a part of the support matrix. Currently, it is difficult to create these connectors in this solution. Other solutions, such as NetIQ Identity, provide a better way to create your own connector. Currently, there is no cloud version. It should have a full cloud version.
All software has room for improvement. There are some features that could be added to make it even more user-friendly. Integration capabilities with other solutions and formats, including JSON, could be improved. Integration is not easy at all.
They should easier and better integration with other software. It's hard to create custom integration rules with other software, like Oracle. This needs to be improved to give the customer an easier way to integrate.
As far as improvements, the first thing I think CA needs to do is redesign the user interface. The functionality is good but the interface itself is not that user-friendly. I think also that there are some issues with the privileges of service accounts. For working with Oracle, we need some kind of service account with administrative privileges. Access works when we give the user account administrative privilege. But in some cases, particular access needs to work for user roles that have less than administrative privileges and these users and rules need to be stored in the database. I need the ability to directly configure users and rules store on databases. Maybe it is more complicated and related to Oracle services — I do not know the database side as well. But we need to read and write on the rules table and the users tables and store that data in the database. Otherwise, the product has good performance and it is a very capable solution. I can automate a lot of processes related to provisioning users and identity management, but the controls can be even more flexible with these few changes. The deployment cannot be pushed through the management console when you define the credentials for a user that can connect to the endpoint. It would be easier for deployment if the service could look at the endpoint or data center and detect what is needed to push this deployment based on the application version or based on whatever the operating system is. Things like that can make a difference at times. If they can customize by the customer, it means that if someone upgraded their environment, the client does not have to go back and request the version of an executable for a new OS. The result is that the correct executable will be deployed by the agent.
The directory has room for improvement. Also, the dashboards and, in particular, the KPI dashboard that shows the current user’s information needs reworking. It would be ideal if they could consolidate the workflow. Right now, because everything is on a different workflow engine, seamless integration cannot happen. If the solution offers a single workflow engine and a single reporting engine for all security targets, that would be ideal.
I would like to have differential campaigns. In the next release, there should be the provisioning of your certifications. When you remove access or grant extra access to someone, it would be good to have direct provisioning to different sources.
The product has a lot of need for improvement. Our issues are being raised back to the vendor as enhancements.