As the world of IDaaS continues to evolve at a rapid pace, we’ve put together the latest IDaaS vendor – product – feature matrix for the largest active vendors in the IDaaS space. This information is current as of November 2016 and is put together by a combination of real world industry experiences, documentation reviews and other available information…
IBM and Oracle are of note this year for every different reasons. IBM has recently consolidated it’s platform and added many of the emerging technologies into their platforms to offer what appears on paper as the strongest offering, while Oracle has finally released it’s first IDaaS platform Identity Cloud Service in October of 2016.
Similarly, Okta, Ping, CA, SailPoint, Oracle and IBM have all significantly investigated in SCIM, including Oracle who’s recently released IDCS (Identity Cloud Service) provisioning engine is built almost entirely SCIM.
In an upcoming blog post, we will be detailing some of the upcoming trends in the ‘next-gen’ IDaaS products that have recently arrived. Two of the biggest trends we are noticing is the adaption of SCIM (System for Cross Domain Identity Management) and the real-world use of CASB (Cloud Security Access Brokers). These technologies / concepts / trends are on the opposite ends of IDaaS matrix, but will factor heavily in the future of Identity Management
To help layout the current IdAM product landscape as we see it, we’ve put together the following matrix of products by vendors.
Click here to enlarge the table.
IDaaS – Vendor / Product / Features Matrix – As of November 2016 | Oracle | IBM | Computer Associates (CA) | SailPoint | NetIQ | Microsoft | Ping | Okta | Duo | Dell |
---|---|---|---|---|---|---|---|---|---|---|
Identity Governance & Directory Services | ||||||||||
Cloud Directory -Directory Integration – LDAP Sync | Oracle Identity Cloud Service | IBM Cloud Identity Services | CA Identity Manager SaaS | IdentityNow | NetIQ CloudAccess | Microsoft Azure Active Directory | PingOne | Okta | Duo | Dell One – Provisioning |
Basic Cloud User Life CycleBasic Cloud Self- Service | Oracle Identity Cloud Service) | IBM Cloud Identity Services | CA Identity Manager SaaS | IdentityNow | NetIQ CloudAccess | Microsoft Azure Active Directory | PingOne | Okta | Duo | Dell One – Provisioning & Dell One – Access Control |
Multi-Directory / Premise Password Management | Oracle Identity Cloud Service | IBM Cloud Identity Services | CA Identity Manager SaaS | IdentityNow | Microsoft Azure Active Directory | PingOne | Okta | Dell One – Provisioning | ||
SCIM Support – Cloud to Cloud | Okta(?) | |||||||||
SCIM Support – Enterprise <-> Cloud / Hybrid Model | Oracle Identity Cloud Service (Enterprise to Cloud via Oracle Identity Manager, or other SCIM Provider) | IBM Cloud Identity Services (Enterprise to Cloud via On-Prem SCIM Provider) | CA Identity Manager SaaS (Enterprise to Cloud via CA Identity Manager On-Prem, or other SCIM Provider) | TBD | PingOne (Enterprise to Cloud via PingFederate or other SCIM Provider) | Okta (Cloud to Enterprise only) | ||||
Request and Workflow Based Approvals | IBM Cloud Identity Services | Dell One – Provisioning | ||||||||
Attestation & Compliance | IBM Cloud Identity Services | IdentityNow | Dell One – Governance | |||||||
Regulatory & Separation of Duties | Dell One – Governance | |||||||||
Role Management | IBM Cloud Identity Services | Dell One – Governance | ||||||||
RESTFul Services / Integration | Oracle Identity Cloud Service | IBM Cloud Identity Services | ||||||||
Access Management | ||||||||||
Access Management (Web – SSO) | Oracle Identity Cloud Service | IBM Cloud Identity Services | CA Single Sign-On SaaS | IdentityNow | NetIQ CloudAccess | Microsoft Azure Active Directory | PingOne | Okta | Duo | Dell One – Access Control |
Access Management -Federation (SAML, OAuth, etc) | Oracle Identity Cloud Service | IBM Cloud Identity Services | CA Single Sign-On SaaS | IdentityNow | NetIQ CloudAccess | Microsoft Azure Active Directory | PingOne | Okta | Duo | Dell One – Access Control |
Access Gateway / Portal | Oracle Identity Cloud Service | IBM Cloud Identity Services | CA Identity Manager SaaS | IdentityNow | NetIQ CloudAccess | Microsoft Azure Active Directory | PingOne | Okta | Duo | Dell One – Access Control |
Policy Driven Application Access | Oracle Identity Cloud Service | IBM Cloud Identity Services | CA Single Sign-On SaaS | NetIQ CloudAccess | Microsoft Azure Active Directory | PingOne | Okta | Duo | Dell One – Access Control | |
Access Analytics / Reporting | IBM Cloud Identity Services | IdentityNow | NetIQ CloudAccess | Microsoft Azure Active Directory | PingOne | Okta | Duo | Dell One – Access Control | ||
Multi Factor Authentication (MFA) | IBM Cloud Identity Services | CA Advanced Authentication SaaS | NetIQ CloudAccess | Microsoft Azure Active Directory | PingOnePingID | Okta | Duo | |||
Other Strong Authentication (Risk Based) / Fraud Detection | CA Advanced Authentication SaaS | PingID | Okta | Duo | ||||||
CASB (Cloud Access Security Broker) – API Mode | Palerra*** | IBM Cloud Security Enforcer | ||||||||
CASB (Cloud Access Security Broker) – Proxy Mode | Palerra*** | IBM Cloud Security Enforcer | ||||||||
* – See Pricing tiers for more info | ||||||||||
** – Coming Soon. Some features may not be delivered. | ||||||||||
*** – Recent Acquisition |
As a management and technology consultancy, M&S Consulting has deep experience with middleware & IdM. M&S will strive to analyze, develop and deliver an identity management vision that contains all of objectives important to an organization, in cloud, on-prem or hybrid.