We performed a comparison between CyberArk Privileged Access Manager and F5 BIG-IP Access Policy Manager (APM) based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It supports lots of requirements in the privileged access management area."
"We are utilizing CyberArk to secure applications, credentials, and endpoints."
"Our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage."
"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."
"The biggest feature is the security of the overall solution. It's very secure. The vaulting technology and the number of security layers involved in the vault, where privileged accounts are actually stored, is the heart of the solution."
"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"It is a robust product."
"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"Our customers have never complained about the stability"
"The load balancing features are valuable."
"The product allows us to create customized portals for your users."
"The solution is stable and reliable."
"The portal access was very good."
"We have seen a return on investment from F5 BIG-IP Access Policy Manager. It provided access at a time when we didn't have it."
"The most valuable feature is the virtual IP creation. It's our most frequently used feature."
"The tool is reliable and easy to configure."
"As a customer, I might need a plugin for a specific product, or an application, and CyberArk might have already worked with some other client on it. There has to be some platform where it is available for everybody else to go and grab it, instead of my having to reinvent the wheel."
"There is some stuff that we still have not fully integrated, which is our AIM solution. We are having all types of issues with it. I have been working with Level 3 support on it, but otherwise, from a functionality perspective, everything has been working except for the AIM solution."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"We had an issue with the Copy feature... Apparently, in version 10, that Copy feature does not work. You actually have to click Show and then copy the password from within Show and then paste it. We've had a million tickets and we had to figure out a workaround to it."
"One of our current issues is a publishing issue. If we whitelist Google Chrome, all the events of Google Chrome should be gone. It is not happening."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
"It is easily customized, and that customization makes it very easy to start trying to shoehorn the solution into roles it was never intended to fill."
"We do not have knowledgeable support teams locally."
"F5 BIG-IP Access Policy Manager has room for improvement in integration with other products."
"Cloud services are something that F5 Access Policy Manager could do better"
"Integrating identity providers and single sign-on solutions can simplify user authentication and access control."
"The solution is quite costly."
"The solution’s GUI looks very old."
"F5 BIG-IP APM disconnects when you leave it for long enough, but that is natural for IT solutions to do. That's a little bit frustrating."
"The price of this product can be improved."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More F5 BIG-IP Access Policy Manager (APM) Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while F5 BIG-IP Access Policy Manager (APM) is ranked 5th in Access Management with 13 reviews. CyberArk Privileged Access Manager is rated 8.8, while F5 BIG-IP Access Policy Manager (APM) is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of F5 BIG-IP Access Policy Manager (APM) writes " Facilitates packet inspection, modification, and offloading and offers visibility and troubleshooting capabilities, allowing for pre-production server testing". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and CyberArk Endpoint Privilege Manager, whereas F5 BIG-IP Access Policy Manager (APM) is most compared with Citrix Gateway, Ivanti Connect Secure, Cisco ISE (Identity Services Engine), Microsoft Remote Desktop Services and Microsoft Entra ID. See our CyberArk Privileged Access Manager vs. F5 BIG-IP Access Policy Manager (APM) report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.