Home > ManageEngine AD360 vs Ilantus Compact Identity

Looking for an alternative to
Ilantus Compact Identity

100000+ Technicians trust AD360 to manage their Windows environment

Try AD360

Thank you for downloading!

Your download should begin automatically in 15 seconds. If not, click here to download manually.

    Download fully functional
    60-days FREE trial!

  • By clicking 'Start a free trial', you agree to processing of personal data according to the Privacy Policy.

Thanks!

One of our solution experts will get in touch with you shortly

ManageEngine AD360 Vs Ilantus Compact Identity

ManageEngine AD360 is an integrated identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. From user provisioning, self-service password management, Active Directory change monitoring, to single sign-on (SSO) for enterprise applications and multi-factor authentication, AD360 helps organizations manage identities and achieve a strong security posture. AD360 is an on-premises solution.

Ilantus Compact Identity is an IAM solution that supports SSO, password management, identity governance, identity administration, and analytics. Compact Identity is a cloud-based solution. This document juxtaposes the capabilities of these two solutions.

Note: Some features which are not explicitly indicated as supported in the competitor’s website and documents are listed as NA (information not available).

Active Directory 360

Features Description ManageEngine AD360
Try now
Ilantus Compact Identity
Identity life cycle management
User provisioning and deprovisioning Supports provisioning and deprovisioning of users to various directories and applications    
Automated provisioning Automatically creates account for users in the target directory or application  

NA

CSV-based bulk user provisioning Provisions accounts for multiple users in a single click by importing their details from a CSV file    
Template-based bulk user provisioning Uses pre-defined and customizable templates to provision multiple users accounts in a single click    
Provision users with entitlements Allows you to provide access to resources such as groups, mailbox, etc., right during account provisioning    
Entitlements management, access certification, and approval workflow
Entitlements assignment Allows you to assign entitlements to resources in your IT environment  

(supports only entitlements in AD, Exchange, Office 365, and file servers)

 
Access certification Allows managers or resource owners to periodically review who has access to what resource and certify the access entitlement    
Access policies Allows admins to define who can govern access to resources and how long an access assignment should last    
Automation Automatically assigns, reassigns, or removes entitlements based on an identity’s lifecycle status    
Multi-level approval workflow Enables admins, managers, and resource owners to review entitlement changes and approve it    
Delegation Helps delegate routine IAM tasks to help desk technicians through pre-defined or userdefined roles    
Single sign-on (SSO)
SSO to enterprise applications Provides secure, one-click access to enterprise applications    
SSO to legacy apps Supports SSO to in-house applications  

(legacy apps should support the SAML protocol)

 

(requires installation of an agent in every users’ machines)

Supported SSO frameworks List of supported SSO frameworks SAML SAML, OAuth, Open ID
Built-in directory Comes built-in with a directory to store user identity details  

(uses native identity providers and directory services, such as AD and Office 365, as the identity store)

 
Pre-integrated apps Supports SSO to hundreds of pre-integrated apps    
Shared app login Allows users to use a single license during different sessions    
Multi-factor authentication (MFA)
Supported factors Number of authentication factors supported Fifteen
  1. Challenge Response
  2. Email OTP
  3. SMS OTP
  4. Google Authenticator
  5. Microsoft Authenticator
  6. Biometric
  7. YubiKey
  8. Duo Security
  9. RSA SecurID
  10. Time-based OTP
  11. Push notification
  12. QR-code based authentication
  13. RADIUS authentication
  14. AD-based security questions
  15. SAML-based identity providers
Five
  1. Challenge response
  2. Soft tokens
  3. Biometric
  4. Email OTP
  5. SMS OTP
MFA for cloud application login via SSO Supports MFA for cloud applications while logging in via SSO    
Endpoint MFA Adds an extra step of authentication to Windows, macOS, and Linux logons    
Risk-based authentication Calculates risk score based on device, location, etc., and uses the score to allow, deny, step-up authentication    
Password management
Self-service password reset Allows users to reset their AD passwords    
Self-service account unlock Allows users to unlock their AD accounts    
MFA for password reset Number of authentication methods supported for password reset and account unlock  15  5
Password reset and account unlock for cloud and on-premises applications Allows users to reset passwords and unlock accounts across cloud applications and on-premises systems other than AD  

(supports IBM iSeries, Oracle DB, Office 365, G Suite, Salesforce, and more)

 NA
Real-time password synchronization Automatically synchronizes users’ Active Directory passwords with cloud applications and other on-premises systems    
Password policy enhancer Password complexity requirements: Requires a specified number of lower case letters, upper case letters, numbers, and symbols in the passwords    
Dictionary rule to block common and weak passwords.    
Pattern rule to block keyboard patterns (asdf, qwerty, etc.) in passwords.    
Cached credential update for AD passwords. Allows remote users who are not connected to the AD domain to reset passwords and log in to their machines    

(available only in Ilantus Xpress Password)

Password expiration notification Sends periodic password expiration reminders to AD users  

(supports email, SMS, and push notifications) Password)

 

(available only in Ilantus Xpress Password; supports only email)

Account expiration notification Sends periodic account expiration reminders to AD users    
Notify users’ managers about expiration Sends password and account expiration notifications to users’ managers and IT admins    
Password reset from login screen Allows users to reset their passwords right from the login screens of their Windows, macOS, or Linux machines  

(supports Windows, macOS, and Linux)

 

(supports only Windows)

Mobile app for password reset Allows users to reset their passwords using a mobile app    

(requires subscription to Xpress Password)

Help desk-assisted password reset Allows help desk technicians to reset passwords on behalf of users after verifying their identity    
Self-service
Self-service group management Allows users to request membership to AD groups and get the request approved by admin or group owner    
Self-service for updating AD attributes Allows users to update AD attributes such as address, mail, mobile, etc., on their own.   NA
Approval workflow for self-service Allows admins, technicians, and managers to review users’ self-service actions before approving it   NA
Privilege management
Privileged account tracking Tracks all the activities of privileged account holders including their logon/logoff activities    
File permissions report Helps identify which users have access to critical files in your file servers    
File permissiFile permission managementons report Manages the NTFS and Share permissions of files and folders in your Windows environment    
Active Directory management
User management Allows you to disable or enable user accounts, modify user attribute values, reset passwords, unlock accounts, and do much more in bulk, manually and also automatically    
Computer management Allows you to create and manage computer objects; modify their attributes in bulk    
Group management Allows you to create and manage groups; modify group memberships in bulk    
GPO management Allows you to create and link GPOs to OUs; modify GPO settings    
Management of other objects Allows you to create and manage contact objects, home folders, terminal services profile folder, passwords, and more in AD    
Office 365 management
User management Allows you to create users with or without license, enable MFA settings, reset passwords, modify naming attributes, and do much more in bulk    

(supports only provisioning)

Group management Allows you to create and manage distribution groups, security groups; modify group memberships; modify group properties such as Send As permissions; all in bulk    
Contact management Allows you to create and manage contacts in bulk; modify contact attributes and properties in bulk    
License management Allows you to assign, remove, or replace licenses of selected users or groups    
Mailbox, shared mailbox, and public folder management Allows you to manage Exchange Online mailboxes, configure settings, enable or disable features; modify public folders, and do much more in bulk    
Mobile device management Helps clear mobile device data and remove mobile devices    
Calendar management Lets you modify or remove calendar permissions    
On-premises Exchange management
Mailbox management Allows you to create and modify mailboxes, shared mailboxes, room mailboxes, equipment mailboxes, and more in bulk    
Identity analytics and compliance
Prebuilt reports Provides reports to track user activities in the product    
State-in-time reports for AD Offers over 150 reports on various aspects of your AD environment, including reports to find out inactive users, recently created users, last logon of users, etc.    

(only a few)

State-in-time reports for Exchange Server Offers over 100 reports on various aspects of your Exchange on-premises environment, including reports to find out nonowner mailbox permissions, mailbox storage growth, distribution lists members, etc.    
State-in-time reports for Office 365 Offers over 150 reports on all aspects of various Office 365 services, including Azure AD, Exchange Online, OneDrive for Business, Skype, Microsoft Teams, etc.    
Prebuilt reports for IT compliance Provides report templates for various compliance mandates such as SOX, HIPAA, PCI DSS, GDPR, etc.   NA
Change auditing
Active Directory change auditing Audits every single change happening in Active Directory    
On—premises Exchange and Exchange Online change auditing Audits every single change happening in your hybrid Exchange environment    
Office 365 auditing Audits changes happening in Office 365, including Exchange Online, Azure AD, OneDrive for Business, and Microsoft Teams.    
File server auditing Audits file and folder read, modify, create, delete, DACL, SACL, and other changes  

(supported environments: Windows, Windows failove cluster, NetApp, EMC, and Synology)

 
Windows Servers and workstation auditing Audit local logon activity, AD FS logons, PowerShell processes, etc.    
Logon/Logoff auditing and account lockout analysis Audit logon and logoff events; analyze account lockout source, time, etc.    
Technician activity audit reports Audits technicians’ activities (who did what, and when) using the product’s various modules    
Real-time alerting Sends email and SMS alerts in real time for important security-related changes in your IT environment   NA
User behavior analytics (UBA)
Detect abnormal user behavior Helps detect, investigate, and mitigate threats like malicious logins, lateral movement, privilege abuse, data breaches, etc.    

(requires thirdparty integration)

Disaster recovery
Active Directory backup and recovery Takes full or incremental backups of AD objects. Lets you restore them granularly at object or attribute level    
Office 365 backup and recovery Takes full or incremental backups of Exchange Online mailboxes, SharePoint sites, and OneDrive for Business files and folders. Lets you restore them granularly at object or attribute level    
Exchange backup and recovery Takes full or incremental backups of Exchange mailboxes. Lets you restore them granularly at mailbox or item level    
Integrations
ITSM solutions Integrates with ITSM and ITIL solutions for user provisioning, identity management, password sync, etc.    
SIEM solutions Integrates with SIEM solutions to provide network-wide deeper analytics    
HRMS solutions Integrates with HRMS solutions to automate user lifecycle management    
Database servers Integrates with databases to automate user lifecycle management    
PAM solutions Integrates with a privileged access management (PAM) solutions for password vaulting and other PAM capabilities    
APIs Provides APIs to connect to external applications   NA

Can the solution be considered value for money?

Component-based pricing model.
Starts at $595* per year
for identity management

* - self-service, SSO, auditing, and other components cost extra.

Summary

As you can see from the above table, both ManageEngine AD360 and Ilantus Compact Identity provide comprehensive identity governance and management capabilities. However, there are some important differences between the two:

  • When it comes to IT security, change auditing, and compliance, AD360 is the clear winner. The auditing capabilities of AD360 are unmatched by Ilantus.
  • AD360 provides disaster recovery and comprehensive management capabilities for AD, Exchange, and Office 365
  • User behavior analytics (UBA), a must for enterprise security nowadays, comes built-in with AD360. Ilantus Compact Identity doesn’t support UBA.
  • AD360 provides nearly 1000 pre-built reports on various aspects of your IT environment as well as a bird’s-eye view of all activities by users and admins, in real time. It can also send you alerts via email and SMS when an important event happens in your environment. The analytics capabilities of Ilantus Compact Identity are fairly limited when compared with AD360.
  • Compact Identity does have a strong SSO and access review plus certification module.
  • AD360 is available only as an on-premises version. Compact Identity is available only as a SaaS offering.

While the IAM capabilities of the two solutions are almost similar, ManageEngine AD360 has capabilities, including change auditing and disaster recovery in addition to IAM, which are essential for enterprises that depend on Microsoft technologies, such as AD, Exchange, and Office 365.

Start your evaluation of AD360 with a 60-day free trial: Download now.

customer-testimonial-logo

What customers say about us

  • CAMH will be able to save close to $26,000 a year on service desk calls related to Active Directory password resets and locked accounts, and will see a return on investment within the first six months of product implementation.

    Judy OlivierProject Manager, CAMH

About ManageEngine AD360

AD360 is an identity and access management (IAM) solution for managing user identities, governing access to resources, enforcing security, and ensuring compliance. AD360 provides all these functionalities for Windows Active Directory, Exchange Server, and Office 365. With AD360, you can choose the modules you need and start addressing IAM challenges across on-premises, cloud, and hybrid environments—all from a single console.

For more information about AD360, please visit

www.manageengine.com/ad360.
Download
Demo

Thank you for downloading!

Your download should begin automatically in 15 seconds. If not, click here to download manually.

Download fully functional60-days FREE trial!

  •  
    By clicking 'Claim Your Free Trial', you agree to processing of personal data according to the Privacy Policy.

Thank you

Thank you for your interest in ManageEngine AD360. We have received your request for a personalized demo and will contact you shortly.

Schedule apersonalized web demo

  • By clicking 'Submit', you agree to processing of personal data according to the Privacy Policy.

Disclaimer: ManageEngine does not guarantee the accuracy of any information presented in this document, and there is no commitment, expressed or implied, on ManageEngine’s part to update or otherwise amend this document. The furnishing of this document does not provide any license to patents, trademarks, copyrights or other intellectual property rights owned or held by ManageEngine.