Here we have three products from Thycotic Software that when combined provide a reasonably comprehensive identity management suite. Secret Server allows for full management of privileged accounts, including scheduled password changes. The Password Reset Server allows users to manage their own password changes through a self-service portal. Finally, the Group Management Server allows managers and other non-IT administrators to manage Active Directory group memberships for their assigned users and groups.
We found installation of these products to be simple and intuitive. We first had to prepare the server with a few prerequisites. Setting up these took us the most time because of the configuration requirements of the SQL Server and Microsoft Internet Information Services. After the server was ready, we had to install each product individually by launching an installer package, which opened up a setup wizard. We found all wizards to be easy to follow and we had the products up and running in no time at all. After all the elements were installed, we found the management interfaces to all be quite intuitive to navigate and use as well. More importantly, the web-based portals for Group Management Server and Password Reset Server were well-organized with a clean layout for end-users.
We found all three components plugged into the Active Directory structure quite well and we had no problem at all with managing users within any of the applications. We also found there to be many configurable policy options within each of the applications to ensure proper control over both user and privileged accounts. The only problem we had with this submission: because it is comprised of three separate products, the overall deployment felt clunky. We would like to see this group of product become more integrated as a suite.
Documentation included installation and user guides for each of the three components. We found each of the guides to be well-organized and to include a good amount of detail along with many step-by-step instructions, configuration examples and screen shots. Overall, all of the provided documents were easy to follow and all the instructions were clear and easy to understand.
Thycotic offers aid to customers through a support and maintenance contract. With a support contract, customers receive phone- and email-based technical support during business hours. Customers also can receive 24/7 support by paying an additional per-incident fee.
Customers must purchase the various products separately as these elements have not been bundled together as a suite. However, that may not be as costly as it sounds on the surface. For example, for 10 administrators and 1,000 users, this suite would run in the neighborhood of $8,000 or only about $8 per user for privileged account management, group membership management and password reset self-service. We find this product to be a reasonable value for the money.