F5 BIG-IP Access Policy Manager (APM) vs. Oracle Identity Governance vs. SAP Identity Management

I think that the platform is well suited to many Remote Access VPN solutions, but I also think there is a lot of room for improvement on the backend. If you are hoping to deploy your APM solution across many different datacenters or colos, it may not be the best choice for the final solution.

Incentivized

Well suited for: 1. Large and medium organisations who have the capacity to invest in IAM roadmap for long term. 2. Organisations with and existing oracle and partner applications ecosystem. 3. Scenario where the user base is on the higher side and organisations looking to scale up in near future. 4. Organisation with complex workflow need in identity management process. Not well suited for 1. Small organisations or even medium ones which have a lesser number of applications 2. Scenarios where custom connectors need to be developed but at the same time turnaround should be quick. 3. Scenarios when features you are looking for are missing, getting them added could take a lot of effort. 4. UI is not very user-friendly and needs to be customised. 5. Takes time to stablise post going live

Incentivized

SAP Identity Management manages organization identities centrally with a great amount of flexibility and efficiency. Compared to the conventional SAP solution of central user administration (CUA), SAP IDM (version 7.2/8.0) delivers a great number of benefits like: 1. Availability of connectors for non-SAP application identity management,

2. Modular/granular access management in the form of context-based business role definition.

3. It can be integrated with the SAP HR system for making entire user identity management automatic.

Incentivized

• SAML 2.0 identity federation support.
• Integrates with third-party SSO solutions.
• Bridging modern authentication and authorization (SAML, OAuth/OIDC) and classic authentication and authorization methods.
• Policy routing

Incentivized

• It has a very well-defined and scalable framework (LDAP directory).
• It scales particularly well, going from a basic platform to a complex one using customisation and extensions.
• It integrates well with other components like SSO and Access Manager to provide comprehensive a one stop identity management solution.

Incentivized

• In my previous organization, to achieve the granularity of access based on organization restrictions, we implemented enabler role-based security roles. Provisioning the enabler roles through the SAP GRC was a great challenge (realistically improbable). Here came the SAP IDM to our rescue. It has a peculiar feature of context-based business role provisioning feature.
• Customized context & its association with security roles & user HR attributes, give us unique ability to achieve granularity of access provisioning.
• SAP IDM integrates with the SAP HR system and identity management becomes automatic.

Incentivized

• There's some more advanced configurations within OAuth that I think could be fleshed out and easier to approach.
• There's a lot of things in F5 BIG-IP Access Policy Manager policies that I find myself recreating every policy. An easier way to copy objects from one to policy to another.

Incentivized

• The cost could be lower.
• Support.
• Identity.

Incentivized

• SAP Identity management should come up with connectors for almost all not SAP applications, which will enable the use of SAP IDM as a one-stop solution for organizations' identity management.

Incentivized

Integration with F5 BIG-IP systems that we plan to keep using for a while.

Incentivized

Once things are set up, it is nice and easy to get the Edge Client running on user's PCs. However, that setup process can be a bit daunting at first using the Policy Manager, and reviewing session logs can be difficult at first if you aren't 100% sure of what you're looking for.

Incentivized

Overall good product and somewhat reliable when used in a specific manner. However, there are cons like unending bugs and no well-defined upgrade path. The product could have been more flexible and lite in terms of organisational infra needs. OIM is a robust product but other vendors are almost on-par now.

Incentivized

Overall it's a easy to use tool. But lacks proper debuging capabilities when errors occur.

Incentivized

The support is not consistent and takes a long time to find solutions.

Incentivized

It is open platform so support is not good and than F5 and features visibility as not good as F5. F5 Set up and easy to use to admin console. Also have more feature visibility for load balancing, web server accelerator, application server ddos protection and WAF. F5 more efficient to handle concurrent request.

Incentivized

I was not involved in the purchasing decision, an enterprise architect who used Gartner as a source was influential

I feel that SAP Identity Management is easier to use.

Incentivized

• Single sign on is great for students and faculty and staff
• Users don't have to log in multiple times
• Users don't need to remember multiple login IDs and passwords
• Multi Domain SSO support bridges many internal and external facing products with single sign on

Incentivized

• It has a great impact from moving us from paper based to full EHR Compliance
• It's easy to check and see how users get and lose access to the systems that are administered through OIM
• It's also helping in tying down Policies and procedures within the Orgainization

Incentivized

• SAP IDM has the huge potential to minimize risks arising out of disorganized identity management within an organization. As all identities are managed centrally, there is very little room for manipulation of an identity.
• As this solution has the ability to integrate with SAP GRC, risk analysis becomes mandatory before any access provisioning takes place.
• As the solution is automatic, hiring to employee exits is managed with a minimal margin of error.

Incentivized