On-Premise Identity & Access Management – Vendor + Product + Feature Matrix

Security keyboard button

As with any packaged, on-premise suite, finding the best Identity Management products for your enterprise is a not a trivial task. This is especially true when different products from different vendors, that accomplish different objectives or services, have remarkably similar (and therefore confusing) naming conventions.

To make matters worse, not unlike other COTS enterprise suites, the ‘cloudification’ of these products has begun and many vendors have started to offer a version of these products as a PaaS or SaaS offering. Additionally, many of these vendors also offer an IaaS type deployment of these packaged products in their on-prem form. M&S has analyzed these offerings, as well, and you can see our post on the current IDaaS space by clicking here.

To help layout the current Identity Management vendor / product landscape as we see it, we’ve put together the following matrix of products by vendors.

Click here to enlarge the table below.

Identity & Access Management – On Premise – Vendor / Product / Features Matrix – As of November 2015
Service OracleOracle IBMIBM catechComputer Associates (CA) IBMSailPoint NetIQNetIQ MicrosoftMicrosoft PingIdentityPing viewdsViewDS CourionCourion SAPSAP FischerFischer
Identity Governance
User Life CycleSelf-ServiceRequest / Role BasedProvisioning & DeprovisioningPassword Management Attestation & Compliance /Separation of Duties Oracle Identity Manager IBM Security Identity Manager
IBM Security Identity Governance and Intelligence
CA Identity Manager
CA Identity Governance
IdentityIQ NetIQ Identity Manager,
NetIQ Access Governance Suite
Microsoft Identity Manager + BHOLD Suite Access Insight,Account Courier,Password Courier SAP Identity Manager
SAP Access Control
Fischer Automated Role and Account Management, Fischer Access Termination, Fischer Password Reset and Synchronization, Fischer Password Express
Regulatory Oracle Identity Analytics IBM Security Identity Governance and Intelligence CA Identity Governance IdentityIQ NetIQ Identity Manager, NetIQ Access Governance Suite Compliance Courier,Access Insight SAP Identity Manager
SAP AccessControl
Fischer Regulatory Compliance and Access Governance
Role Management Oracle Role Manager CA Identity Governance NetIQ Access Governance Suite,NetIQ Directory and Resource Administrator Features (AD Only) Microsoft Identity Manager + BHOLD Suite RoleCourier SAP Identity Manager Fischer Automated Role and Account Management, Fischer Self Service Portal, Fischer Privileged Access Management
Service & SharedAccount Management Oracle Privileged AccountManager IBM® Security Privileged Identity Manager CA Privileged Identity Manager
CA Shared Account Manager
NetIQ Privileged UserManager Microsoft Identity Manager Fischer Automated Role and Account Management, Fischer Self Service Portal
Access Management
Access Management (Web -SSO) Oracle Access Manager IBM® Security Access Manager CA Single Sign-On NetIQ AccessManager PingAccess SAP Single Sign-On Fischer’s Federated and Web Single Sign-On solution
Access Management (Desktop) Oracle Enterprise Single Sign-On Suite,Oracle AuthenticationServices for Operating Systems IBM Security Access Manager for Enterprise Single Sign-On Microsoft Active Directory
Access Management -Federation (SAML, OAuth, etc.) Oracle Access Manager 11gR2,Oracle Identity Federation11gR1 Tivoli FederatedIdentity Manager CA Single Sign-On
CA Federation
NetIQ CloudAccess Active Directory Federation Services Ping Federate SAP Single Sign-On Fischer Ignite-Federation,In Common® Federation Enablement
Access Management – FineGrained Entitlements (XACML) Oracle Entitlement Server Tivoli Security Policy Manager ViewDS Access Sentinel
Virtualization Security /Hypervisor Security CA Privileged Identity Manager for Virtual Environments
Strong Authentication /Fraud Detection Oracle Adaptive AccessManager CA AdvancedAuthentication
( CA Risk Authentication
CA Strong Authentication )
SAP Single Sign-On
Web Services Security Oracle Web ServicesManager CA API Gateway PingAccess
Directory Services
Directory Server Oracle Internet Directory,Oracle Unified Directory,Oracle Directory ServerEnterprise Edition IBM Security Directory Server CA Directory eDirectory Active Directory, Active Directory Application Mode ViewDS Directory Server
Virtual Directory Oracle Virtual DirectoryOracle Unified Directory IBM Security Directory Integrator LDAP Proxy Virtual Directory Server
Cloud Directory Microsoft Azure Active Directory
Directory Integration& LDAP Synchronization Oracle Directory IntegrationPlatform IBM Security Directory Integrator NetIQ Directory and Resource Administrator Microsoft Identity Manager ViewDS Identity Bridge


As a management and technology consultancy, M&S Consulting has deep experience with middleware & IdM.  M&S will strive to analyze, develop and deliver an identity management vision that contains all of objectives important to an organization, in cloud, on-prem or hybrid.

All product names, logos, trademarks and images are property of their respective owners. 



Leave a Reply

Your email address will not be published. Required fields are marked *