As with any packaged, on-premises suite, finding the best Identity Management products for your enterprise is a not a trivial task. This is especially true when different products from different vendors, that accomplish different objectives or services, have remarkably similar (and therefore confusing) naming conventions.
To make matters worse, not unlike other COTS enterprise suites, the ‘cloudification’ of these products has begun and many vendors have started to offer a version of these products as a PaaS or SaaS offering. Additionally, many of these vendors also offer an IaaS type deployment of these packaged products in their on-prem form. M&S has analyzed these offerings, as well, and you can see our post on the current IDaaS space by clicking here.
To help layout the current Identity Management vendor / product landscape as we see it, we’ve put together the following matrix of products by vendors.
|Identity & Access Management – On Premises – Vendor / Product / Features Matrix – As of November 2015|
|Service||Oracle||IBM||Computer Associates (CA)||SailPoint||NetIQ||Microsoft||Ping||ViewDS||Courion||SAP||Fischer|
|User Life CycleSelf-ServiceRequest / Role BasedProvisioning & DeprovisioningPassword Management Attestation & Compliance /Separation of Duties||Oracle Identity Manager||IBM Security Identity Manager
IBM Security Identity Governance and Intelligence
|CA Identity Manager
CA Identity Governance
|IdentityIQ||NetIQ Identity Manager,
NetIQ Access Governance Suite
|Microsoft Identity Manager + BHOLD Suite||Access Insight,Account Courier,Password Courier||SAP Identity Manager
SAP Access Control
|Fischer Automated Role and Account Management, Fischer Access Termination, Fischer Password Reset and Synchronization, Fischer Password Express|
|Regulatory||Oracle Identity Analytics||IBM Security Identity Governance and Intelligence||CA Identity Governance||IdentityIQ||NetIQ Identity Manager, NetIQ Access Governance Suite||Compliance Courier,Access Insight||SAP Identity Manager
|Fischer Regulatory Compliance and Access Governance|
|Role Management||Oracle Role Manager||CA Identity Governance||NetIQ Access Governance Suite,NetIQ Directory and Resource Administrator Features (AD Only)||Microsoft Identity Manager + BHOLD Suite||RoleCourier||SAP Identity Manager||Fischer Automated Role and Account Management, Fischer Self Service Portal, Fischer Privileged Access Management|
|Service & SharedAccount Management||Oracle Privileged AccountManager||IBM® Security Privileged Identity Manager||CA Privileged Identity Manager
CA Shared Account Manager
|NetIQ Privileged UserManager||Microsoft Identity Manager||Fischer Automated Role and Account Management, Fischer Self Service Portal|
|Access Management (Web -SSO)||Oracle Access Manager||IBM® Security Access Manager||CA Single Sign-On||NetIQ AccessManager||PingAccess||SAP Single Sign-On||Fischer’s Federated and Web Single Sign-On solution|
|Access Management (Desktop)||Oracle Enterprise Single Sign-On Suite,Oracle AuthenticationServices for Operating Systems||IBM Security Access Manager for Enterprise Single Sign-On||Microsoft Active Directory|
|Access Management -Federation (SAML, OAuth, etc.)||Oracle Access Manager 11gR2,Oracle Identity Federation11gR1||Tivoli FederatedIdentity Manager||CA Single Sign-On
|NetIQ CloudAccess||Active Directory Federation Services||Ping Federate||SAP Single Sign-On||Fischer Ignite-Federation,In Common® Federation Enablement|
|Access Management – FineGrained Entitlements (XACML)||Oracle Entitlement Server||Tivoli Security Policy Manager||ViewDS Access Sentinel|
|Virtualization Security /Hypervisor Security||CA Privileged Identity Manager for Virtual Environments|
|Strong Authentication /Fraud Detection||Oracle Adaptive AccessManager||CA AdvancedAuthentication
( CA Risk Authentication
CA Strong Authentication )
|SAP Single Sign-On|
|Web Services Security||Oracle Web ServicesManager||CA API Gateway||PingAccess|
|Directory Server||Oracle Internet Directory,Oracle Unified Directory,Oracle Directory ServerEnterprise Edition||IBM Security Directory Server||CA Directory||eDirectory||Active Directory, Active Directory Application Mode||ViewDS Directory Server|
|Virtual Directory||Oracle Virtual DirectoryOracle Unified Directory||IBM Security Directory Integrator||LDAP Proxy||Virtual Directory Server|
|Cloud Directory||Microsoft Azure Active Directory|
|Directory Integration& LDAP Synchronization||Oracle Directory IntegrationPlatform||IBM Security Directory Integrator||NetIQ Directory and Resource Administrator||Microsoft Identity Manager||ViewDS Identity Bridge|
As a management and technology consultancy, M&S Consulting has deep experience with middleware & IdM. M&S will strive to analyze, develop and deliver an identity management vision that contains all of objectives important to an organization, in cloud, on-prem or hybrid.
All product names, logos, trademarks and images are property of their respective owners.