IBM Security Verify Access Reviews

I generally use Microsoft Project for project planning and schedule management, especially in relation to Oracle products and DevOps project management.

We use Azure DevOps, but with regards to IBM BPM, it manages its own repository management and versioning, so Azure DevOps doesn't integrate with the IBM BPM platform. DevOps is used for other kinds of applications and source management. We use it for source code management and CI/CD pipelines for technologies such as .NET, C# .NET, Java services, and other custom development, which is managed via Azure DevOps.

I started using Azure DevOps Server from the past one and a half years because I also look after other technologies for our organization. My team is responsible for the development of some ancillary applications and back-end automation, which involves different technology stacks. We usually use Azure DevOps for source code management and the CI/CD pipeline, but that has a limited scope of utilization as we do not store our source code in a decentralized manner or on our local PC. We have a central Azure DevOps server, and we use the repos and perform the artifacts and epics flow.

I cannot give a deep dive on Azure DevOps Server since I'm just a naive user of that product, so I have two main use cases for DevOps Server: one for CI/CD and another for source management.

As far as process insight in the IBM Business Automation Workflow product is concerned, we use analytics to evaluate different statistics of our processes, analyze bottlenecks, turnaround time, and other aspects from a design point of view. We usually revise and enhance our process through change management based on business requirements and compliance needs, informed by the analysis data from the BPM product.

In the current era of cybersecurity and emerging technologies, there are always needed improvements. Generally, local domain environments with intranet users and on-premise infrastructure tend to be more secure than cloud solutions. In our organization, we prefer on-premise solutions to mitigate security threats, while cloud-based solutions often require ongoing updates to address new security challenges. Additionally, on-premise environments can be periodically updated to align with emerging threats.

I have been dealing with IBM Security Verify Access for more than four or five years.

For enabling user management and security, our internal users who have to log in to BPM rely on the ISVA solution which plays a crucial role. That security process gets the user authenticated via our central Active Directory and directory services, and once authenticated, the user is routed to the BPM portal.

We recently migrated to ISVA from ISAM. Currently, we are using the main functionality of login authentication and two-factor authentication. As it integrates with firewall and SSL and other security features, we have different routes defined that take care of the user login journey. The adaptive AI features are available only in new products, and since we utilize our solution on-prem, we must consider more stable and secure n-1 variants, so we have not implemented that part yet.

The multi-factor authentication aspect of the product helps to reduce unauthorized access incidents overall.

We have a central Active Directory, Microsoft Active Directory, where user management is done. In terms of login authentication, IBM Security Verify Access integrates with LDAP to authenticate users. The integration checks if the user exists on the organization's domain directory server, and if so, it gets authenticated and passed on to the BPM process portal. There are two login journeys—when a user logs in from the outside, such as staff sitting at home, they can also log in if authorized; in such cases, rules are defined in ISAM, triggering an OTP that is authenticated as two-factor authentication.

IBM Security Verify Access installation process is not straightforward; it requires underlying specialized knowledge upon which the IBM products are based. The complexity and scalability of the architecture necessitate in-depth technical knowledge and understanding of the system. Thus, installation is not as simple as clicking through; it requires extensive configuration of the underlying application servers, such as IBM WebSphere, where these products are deployed and configured.

I would give tech support a rating of seven to eight on a scale of one to ten.

Positive

I want to ensure that my credentials, including my picture, are included in the publication on peerspot.com, as I would like to share my feedback with my network.

I would like to elaborate on various IBM products like DOORS or WebSphere, but I have to join another meeting at this moment.

Based on my experience with IBM Security Verify Access, I would rate this solution 8 out of 10.

The authentication process with IBM Security Verify Access is good and is considered one of the best identity and access management solutions. It helps with multi-factor authentication. 

It offers multiple authentication methods like tokens and one-time passwords, enhancing security. It also includes features like password vaults and single sign-on, streamlining the access process for remote and local users across different solutions.

The tool provides a password vault, single sign-on, and multifactor authentication. It offers various authentication methods like fingerprint integration, one-time passwords, or tokens sent via email or SMS. This ensures secure access to your accounts by providing multiple authentication options.

The policy control feature allows you to set authentication measures and policies for your organization's identity governance. This feature helps create standardized policies and organize them into groups based on departments or specific needs. It simplifies access management for both administrators and users. 

IBM Security Verify Access can be integrated with almost any solution using APIs. The time required for integration depends on whether the solution is out of the box or custom. Out-of-the-box solutions can be integrated quickly, typically within a few days or hours, while custom solutions may require additional steps and take longer to integrate.

The user interface for users and administrators could be improved to make it easier. Automating some functions could also be beneficial.

I have been working with the product for more than six years. 

I rate the solution's stability an eight-point five out of ten. Our clients primarily consist of medium to large enterprises for this solution. Smaller businesses may choose alternative solutions like Microsoft or Google Authenticator due to cost considerations. 

I rate the product's scalability an eight out of ten. 

The solution's technical support is good. 

Positive

I rate the tool's deployment a six to seven out of ten. The solution's deployment typically takes about a day. However, integrating it with different solutions that the end user might have can vary depending on the organization's size, ranging from a week to three weeks.

The product is not expensive. It depends on the number of users. 

I rate the product an eight out of ten. 

Currently, we're using IBM Security Access Manager for multi-factor authentication.

The most valuable feature of IBM Security Access Manager, at least for my company, is multi-factor authentication. That's the only feature my company is using. The solution works well and has no glitches. IBM Security Access Manager is a very good solution, so my company is still using it.

What we'd like improved in IBM Security Access Manager is its onboarding process as it's complex, particularly when onboarding new applications. We need to be very, very careful during the onboarding.

We have no issues with IBM Security Access Manager because the solution works fine, apart from the onboarding process and IBM's involvement in onboarding issues. If we need support related to the onboarding, we've noticed a pattern where support isn't available, or they don't have much experience, or we're not getting a response from them. We're facing the same issue with IBM Guardium.

As we're just focusing on the multi-factor authentication feature of IBM Security Access Manager and we didn't explore any other features, we don't have additional features to suggest for the next release of the solution, but we're in discussion about exploring ID management and access management features, but those are just possibilities because right now, we're focused on exploring our domain.

I've been working with IBM Security Access Manager for about a year, and I'm still using it.

IBM Security Access Manager is a stable solution. We have not seen any technical issues in our usage of it for one and a half years.

IBM Security Access Manager is a good and scalable solution.

The technical support for IBM Security Access Manager could be better. I'm rating support three out of five.

IBM should also look into the feedback received by the support team, and follow up with partners, especially in terms of the processes involved in a solution such as IBM Security Access Manager.

I'm unable to give information on the pricing for IBM Security Access Manager because what IBM gave me is just for me personally and it's just the starting price, while a better price offering could have been given to others.

We evaluated RSA and Auth0, and we chose IBM Security Access Manager over those two solutions because we have a portfolio of IBM products in our environment and it would be much easier to onboard them all as they are all under IBM. For example, we're also using IBM Guardium and IBM QRadar, so we've selected IBM Security Access Manager as well.

My company uses multiple solutions, and one of them is IBM Security Access Manager.

In general, I would rate IBM Security Access Manager eight out of ten because its scalability is good. As a product, it's good, for example, it has good features. It's only the support that has an issue.

I would recommend IBM Security Access Manager to users running IBM environments, otherwise, the market has many simplified solutions. If your company has IBM tools and an IBM environment, it's a must for me to recommend IBM Security Access Manager because using the solution would be easier for you. Otherwise, there's no limitation as the market is open and you'd find multiple, good solutions in the market.

My company has a partnership with IBM.

It is used for access management. I have its latest version. I don't know the exact version number, but 10.0.0 was the latest version, which is now named IBM Security Verify Access.

It provides good support for legacy applications. Legacy applications are the ones that don't support the latest mechanisms or protocols for access management. An example would be an in-house application built in the banking environment or insurance environment with a login page where inside the application, there are multiple modules to create a contract or submit some documents. Such legacy or in-house applications do not support protocols like SAML or OIDC. IBM Security Access Manager provides a very good integration mechanism in such cases. It has an IV user-header-based single sign-on mechanism for bypassing the login page and providing single sign-on access to users. It is very easy to configure. We just need a few details from the application side, which are provided by the application owner, and then we can configure the solution and go live. It is a very quick mechanism. We can integrate more than a hundred applications within three months.

It also supports SAML, which is a great protocol but requires coding. You need to know Java scripting to be able to code the token configuration for SAML Single Sign-on. IBM Security Access Manager supports the coding mechanism for SAML Single Sign-on to SaaS-based solutions or on-prem solutions.

It is easy to use. It can be adopted very quickly.

It is a virtual appliance, and it supports on-cloud and on-prem deployments. It can be very quickly installed on the cloud as well as on-prem, which is the beauty of this solution.

From the integration point of view, it supports SAML, OIDC, and OAuth. For legacy applications that don't have support for SAML and other new protocols, it provides single sign-on access to end-users. From the integration compatibility point of view, it is highly capable.

They can improve the single sign-on configuration for OIDC and OAuth. That is not very mature in this product, and they can improve it in this particular area. OIDC is a third-party integration that we do with the cloud platforms, and OAuth is an authorization mechanism for allowing a user having an account with Google or any other provider to access an application. Organizations these days are looking for just-in-time provisioning use cases, but IBM Security Access Manager is not very mature for such use cases. There are only a few applications that can be integrated, and this is where this product is lagging. However, in terms of configuration and single sign-on mechanisms, it is a great product.

I have been using this solution for six years. 

It is a stable product.

It is 100% scalable.

It is a virtual appliance. So, the coding and configuration parameters are limited, and it can be very quickly installed on the cloud as well as on-prem.

Most of the things are available out of the box, and we require only one person to support the entire BU. For implementation, we need two people to integrate and build the environment and make the production go live.

It costs about 300K AED for a year. Its pricing is a bit on the higher end, but in comparison to other products in the market, its price is still better. There are lots of other products that are very costly.

It is quite a good solution. It is easy to use. If you have a lot of legacy applications, you can go for this solution.

I would rate it an eight out of ten.

It is mostly used for access management. It handles all aspects of access, such as single sign-on, access control, etc.

We are using its latest version. It is a VM-based product. So, it is more of a cloud product.

It can do a lot of different functions. Different types of teams can use this product for a variety of use cases, such as RSA, OTP, and single sign-on functionalities. It is completely oriented around access. 

Its stability and UI are most valuable.

There are a lot of areas that can be improved, but the main area is the lack of customization. You cannot easily customize anything in the product. It is not easy to tweak the functionality. It is challenging to change the out-of-the-box functionality.

It should support the Zero Trust methodology.

We have been using it in our organization for more than 10 years.

It is good in terms of reliability and stability.

I don't see any concerns with that. We have around 20,000 users in our organization. It isn't being used extensively, and we have no plans to increase its usage.

I have had no need for that.

It has been there for a while.

It is straightforward. I didn't implement it here, but I've done this with previous clients and at previous companies. Mostly, it is straightforward, and you don't really require external and third-party consultants.

I would advise looking for a product with good performance and advanced functionalities, especially on the security side. There should be stability and up-to-date or latest functionalities. Generally, if a product is stable, it doesn't have advanced functions, and if a product is highly advanced, it may not be stable. You should try to find a combination of both. It also depends on your requirements. Some people have small-scale usage, and performance might not be their concern, but security should always be a priority.

I would rate this solution a seven out of ten.

I am a provider of mobile authentication and my customers want to upgrade the Single Sign-On platform solution. We then provide them our mobile authentication to plugin with the new version of IBM's Single Sign-On.

I have found this solution to be really practical and when a user wants to log in, it is effortless and runs smooth. 

The solution could be classified as a hilt system. There are a lot of resources being used and it is suitable for very large enterprises or the public sector.

In the future, there could be better instructional documentation published on their website. It was difficult for us to learn.

I have been using the solution for two years.

The solution is really reliable and stable.

The solution is very scalable. I have provided the solution to my customer that has approximately 10,000 users. I think we can expand it up to 100,000. It is ready to accept a large amount of the customer.

We do the deployment and maintenance of the solution with a team of three engineers and it took approximately two weeks.

The first time we did the installation it took a lot of time because we had to learn how to do it. Now that we understand the solution and have done the installation before, it is easy. 

The license and costs depend on the amount range of users you have. For just approximately 2,000 users, the price is practical and fair. However, when you have 20,000 users, it starts to become really expensive, and the discount per user is not attractive enough to go ahead and purchase. We only have a budget for approximately 7,000 users, having more users would be too expensive for us. 

For small or medium-sized businesses they cannot afford this solution.

I rate IBM Security Access Manager an eight out of ten.

The primary use cases of this solution are for my clients who are mainly from the banks and the University. I work on projects with our local University with a federation and we do the authentication of the students.

The most valuable feature is the authorization.

The user interface needs to be simplified, it's complex and not user-friendly.

In the next release, I would like to see improvements made to the user interface.

I have been working with IBM Security Access Manager for approximately five years.

This solution is quite stable.

This solution is scalable.

The technical support has improved. We are satisfied and have not had any problems.

Previously, we did not use another solution.

The initial setup is easy and straightforward.

It can take three days to deploy this solution on-premises.

It's a good solution for identification and access management. 

It's a mature solution and the support is good.

I would rate this solution a seven out of ten.

The mobile features of the solution are very good. Users can enroll via QR code. The product also has a very small firewall application. 

The solution has powerful authentification and authorization. It offers a good way to increase security.

I'm not as familiar with the cloud deployment model, but if it's not as reliable as the on-premises version, they need to ensure it's just as secure.

Configuration could be simplified for the end-user.

The solution is very stable.

The initial setup is straightforward, but depending on the company's unique complexities, and the size of the organization, deployment can take up to two months.

We use the on-premises deployment model. Typically we deal with enterprise-level organizations. We're an IBM partner and reseller.

I'd rate the solution eight out of ten.