Gartner report: Options for Open Source Identity and Access Management

Gartner report: Options for Open Source Identity and Access Management

Gartner published the reportOptions for Open Source Identity and Access Management: 2017 Update, on the 8th of March 2017.

In this report, Gartner analyses the technological state of the different open source products, it provides a comparison between them, and issues a series of recommendations for the end users.


General key findings

– Open-source software identity and access management components can provide more flexibility and adaptability than proprietary vendor components and at a lower cost.

– The majority of components come with varying levels of functionality and maturity. The end user needs to carry out extensive research to confirm adequacy of maturity and functionality for their use case.

– Support plans are available for most of their components from primary developers or their supporting partners. In some cases, there are two versions of a product: a free version and a version with more features that is only available in conjunction with a support plan.


Soffid Analysis

“Soffid is a vendor that develops and offers support for a comprehensive IAM solution that was custom-developed for the government of the Balearic Islands in Spain. With the permission of the government, the source code of the product has been released as open source. Soffid IAM consists of a provisioning system, a PAM module that includes a password vault, an ESSO component that uses access server-side credential injection, web SSO and federation functionality based on Shibboleth that supports SAML, OAuth, OpenID Connect and authorization enforcement based on XACML. The software runs on Windows and Linux; the ESSO module is supported on Windows and Ubuntu Linux. It includes a synchronization engine that also supports reconciliation and comes with several connectors, including SAP. Role management and recertification is also supported. The product has recently been extended to include rapid configuration capabilities and integrated with Jasper Reports.

Functionality: (Medium to High). Soffid has one of the most comprehensive list of IAM features of products reviewed in this report. It is also the only product set from one vendor that includes ESSO and PAM functionality.”

For more information please read the full report here.