Any recommendations moving from iiq to isc

Identity Security Cloud (ISC) ISC Discussion and Questions
1

Hi sailors
we are moving from sailpoint iiq to sailpoint isc what are the recommendations you suggest to follow

2

check these
first of all check what are their actual capabilities and try to replicate those one in ISC.
In case you are migrating for IIQ to ISC, keep in mind that you are not going to have the same capabilities, but the main structure is exactly the same.

4 Likes
3

Note : these i pasted from @KRM7
Hey Sailor,

Thinking to start building your ISC/IDN tenant from scratch, don’t know where to start ?

No problem, I got you covered. below are the steps in high level you need to consider.

  1. Creation of administrative accounts in IdentityNow Admins Source
    β†’ Create all your teammates as admins, once your HR source is onboarded, remove all your teammates except one or two or a break glass account.
  2. UI Customization
    β†’ Change the logo and colors, won’t take much time
    β†’ You need to add no-reply email address from SailPoint to your org email
    β†’ Add the domain, verify it using DNS
  3. Install Virtual appliance
    β†’ Make sure you have 2 in PROD, 1 is enough in Sandbox
    β†’ Make sure the ports are opened
  4. Install IQ Service
    β†’ I believe your org uses AD, so go for it.
    β†’ 1 for PROD and 1 for Sandbox is enough unless you have a lot of users and more AD based applications
    β†’ However in Sandbox 1 is enough
  5. Integrate Authoritative source
    β†’ Source configuration
    β†’ Account Schema
    β†’ Correlation
    β†’ Test connection
    β†’ Account Aggregation
    β†’ Schedule Aggregation
  6. Identity Profile creation for Authoritative source
    β†’ Create IDP with priority lesser than (number higher than) Identity Now admins IDP which is default
    β†’ Identity Profile settings
    β†’ Mappings
    β†’ LCS Provisioning
    β†’ You need to decide how many LCS you need, I suggest Prehire, Active, Inactive, and Deleted.
  7. Searchable attributes
    β†’ We can make attribute searchable a max of 15, so we need to carefully choose attributes
  8. AD connector Integration
  9. Other connectors based on priority
    β†’ Source configuration
    β†’ Entitlement and account aggregation
    β†’ Create Account Provisioning Policy form
    β†’ Handle attribute sync for all sources, for HR source you might need to sync email address
    β†’ Set if you need to send email notification when a user account is provisioned
  10. Password Policies
  11. Access Model
    β†’ Create Access Profiles
    β†’ Create Roles (Request and condition based)
  12. Email Template Customization
    β†’ You need to edit OOTB email templates
  13. Governance Groups
  14. Segments
  15. Applications
  16. Reports
    β†’ Subscribe to reports for various purpose
  17. Certifications
  18. SoD Policies
  19. Workflows
  20. Replication in PROD
    Use Configuration Hub and VS code extensions to replicate configs in PROD

There will be some more like Transforms and Rules development which you will come to know as the work progress.

Hope this helps you
[/quote]

4 Likes