PingOne for Workforce

One of my company's customers has already integrated ForgeRock and set up Splunk. We just did some simple configuration, but not much since our customer did it.

I use the tool for its single sign-on capabilities. With ForgeRock, we can enable single sign-on and multi-factor authentication features, as well as single-layer or two-layer multi-factor authentication and password-less authentication.

Basically, we enable multi-factor authentication when logging in to ForgeRock. With ForgeRock Access Management, we can access Splunk using single sign-on capabilities. If you need one more multi-factor authentication for Splunk, we can enable it for that particular application. We already enabled multi-factor authentication for ForgeRock Access Management. Users are authenticated through multi-factor authentication, so Splunk does not require one more such tool. If you want the improvements and prefer one more multi-factor authentication tool, then it is okay.

In the past, I saw that Splunk was integrated with a testing portal, and then it was integrated with Slack. I don't think ForgeRock directly supports integrations with Slack, making it an area where improvements are required.

I have been using ForgeRock for a year and a half. One of my company's customers uses the tool. My company implements and offers support for the tool.

I provide full support in the application integration for our customers.

I have used Splunk for CybeArk for one of my company's customers. I don't know of particular advantages in ForgeRock as such, but it helps reduce manpower and improve security, and then we can keep the environment stable.

The product's implementation phase is very easy, but a lot of customizations are required.

ForgeRock uses Splunk. ForgeRock's integration with Splunk is very easy and straightforward.

In terms of the tool's adaptive risk and intelligence features, I can say that it is an area that is time-based. In different regions, the working hours are different. We can configure the tool based on the timing and the work location.

In terms of the tool's operational efficiency, ForgeRock Access Management is used in a lot of environments, different regions, and in different stages of production environments. Manual monitoring is not possible, especially monitoring everything with the system memory and CPU memory, along with the user behaviors. Splunk easily monitors everything. From a business perspective, it will reduce risk and then reduce manpower. Splunk provides exact results and monitoring results to track a particular issue so we can easily identify the issue.

We usually receive alerts regarding high CPU utilization because of the high traffic we receive.

I can't comment on whether the tool helps in the area of predictive analytics or automated threat detection.

I recommend the product to others. I can also recommend products like CyberArk and Okta. Wherever we need to monitor the environment, specifically the cloud environment or on-prem one, I can suggest all the above-mentioned tools.

I rate the tool a nine out of ten.

We are consultants who have deployed versions of the ForgeRock solution.

From a functionality point of view, it's a solid product. Of course, the customers always complain about the price.

The solution has some AI features. It works very well, especially in Identity and Access Management. It helps detect anomalies in user behavior patterns. It also suggests security roles and other ways of doing things based on industry best practices.

The price could be better. 

It looks like it's well funded, but the joining process with Ping Identity is a concern. It could take priority from a product point of view, which is a concern for customers.

In future releases, I would like to see easier integration with other solutions, like facial recognition and KYC solutions with de-dupe functionality and biometric onboarding. This would help complete the entire use case, especially from a customer identity management perspective.

I have been using this product for ten years or so. 

We are an implementer and supporter.

Overall, I would rate it an eight out of ten. 

We are like a big reference site in Africa, and they've already made a lot of deployments there. So, I would recommend it to everyone. 

I use the solution in my company for all of our authentications, specifically microservice authentications.

Microservice authentication and authorization is built using the product. Third party vendors have been integrated with our platform using OAuth 2.0 supported by the product. MPIN and Biometrics development has been made using product API's

The solution's most valuable feature is that it comes shipped with directory services and LDAP, which is packaged with it. It also has high support for DevOps. You can manage OAuth 2.0 clients as code.

The product's customization is a bit complicated. The tool is customized by exporting config files to Git  and bundling them as images. It is hard for the developers to maintain it as it requires training.

Kubernetes  deployment for ForgeRock  which is called ForgeOps is not included in product support. The company does not officially support ForgeOps as a product feature but they support it on a best effort basis. It would be better to have ForgeOps as a part of product support.

I have been using ForgeRock  for two years. I am just a customer of the tool.

It doesn't actually have any bugs.

It is a very scalable solution in terms of Kubernetes  architecture.

All the developers in my company work with ForgeOps APIs, and around 10 to 15 developers make customizations in the product.

As ForgeOps is not internally supported as a product feature, one always has to have professional service to support it. I rate the technical support an eight or nine out of ten.

Positive

Our company started off with Forgerock as the IDAM solution but was considering switching to KeyCloak. However we further made an investment on developing MPIN and Biometrics using product API's, a reason why my company continues with the product.

The product's initial setup phase was not difficult as it started supporting Helm charts. With the latest releases, it has been made easier to manage. Just making the tool highly available requires some expertise.

The product is easy to use in a development environment. It is easy to set up the tool, and it is easy to configure the product in the development environment, but it requires expertise to set up a highly available deployment and use the product in multiple environments.

The solution is deployed on an on-premises model.

Our company was considering switching back to Keycloak from ForgeRock, so as to not pay any license fees. ForgeRock also supports M-PIN and biometric features that Keycloak does not provide. My company started developing for M-PIN and biometric, a reason why my company continues with the product.

I would suggest others use the product after asking them to consider their use cases. SSO  may be a use case for some, and using the product as an IDM tool may be a use case. At the moment, my company is not deploying all the components of ForgeRock itself. My company uses ForgeRock for OAuth 2.0. For example, my company is not deploying the IDM and identity gateway components. You should consider your use case and select the required components for that use case.

My company does not use the SSO  features of the tool. My company uses SSO to access ForgeRock's AM Console for individual users. My company does not use single sign on features of the product and instead, we use Auth0 .

I rate the tool a seven or eight out of ten.

We use ForgeRock to implement SSO MSA for different customers with large databases. We also use the solution to unify their system and dashboards.

The most valuable features of ForgeRock are social login and data protection. From an organization's point of view, data privacy is the most valuable feature of ForgeRock. Data should be protected in the right way in an organization. User data is everything in an organization, and if data hacking harms an organization's reputation.

ForgeRock is a very good product for security and meeting your compliance and automation requirements. Our IT team's workload has definitely reduced after implementing ForgeRock.

The solution's deployment should be made easier.

I have been using ForgeRock for nine or ten months.

The solution's stability has to be better, but it depends mainly on how the solution is deployed. Everything is linked to the deployment style. If the deployment is done properly, everything can be fixed automatically.

I rate the solution a seven out of ten for stability.

Around four to five users are using the solution in our organization.

I rate the solution ten out of ten for scalability.

The solution’s technical support is good.

Positive

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a five out of ten.

The solution’s deployment takes more than two to three months. We need to install the identity gateway servers first, and based on the gateway servers, they have to initiate the proxy servers. Once the proxy servers are properly configured, I can start with my different application integration. The whole process itself stretches to two months. That's why it's a very lengthy procedure.

ForgeRock is an expensive solution.

We are using ForgeRock mostly for banks and universities. We are letting them use the self-registration page via social logins, having the consent to provide the data, and implementing the ease of logging into the system. So, this is how we are using the solution's CIAM.

Overall, I rate the solution an eight out of ten.

Customization can be a difficult job.

I have been using ForgeRock for last three to four months. 

It is a customizable solution so if the customization is on track then it is stable. 

The technical support team is very good. 

Positive

I used Seapoint previously. 

As it is a new product I would rate it five out of ten.