We performed a comparison between CyberArk Privileged Access Manager and NetIQ Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We utilize PTA, and we are now integrating that into our risk management program so we can identify the uses of the vault which are outside of the norm, e.g., people accessing after hours. It has reduced the amount of time that we are looking through logs and audit logs."
"It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password."
"Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
"CyberArk has the ability to change the credentials on every platform."
"It has helped from an auditing perspective identify who has access to privileged accounts."
"You can gradually implement CyberArk, starting with more easily attainable goals."
"I love the ability to customize the passwords: the forbidden characters, the length of the password, the number of capital, lowercase, and special characters. You can customize the password so that it tailor fits, for example, mainframes that can't have more than eight characters. You can say, "I want a random password that doesn't have these special characters, but it is exactly eight characters," so that it doesn't throw errors."
"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"The features that we have found most valuable with NetIQ Access Manager are its single sign-on and two factor two second factor database."
"The most valuable features of NetIQ Access Manager are SSO and Multi-Factor Authentication."
"There are lots of options to customize the solution to your needs."
"It's very easy to integrate with applications."
"The single sign-on feature is excellent."
"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."
"The turnaround time for technical support is lengthy."
"There is a bit of a learning curve, but it's a pretty complex solution."
"Some of the additional features that we are looking at are in the Conjur product. I am specifically discussing key management, API Keys, and things for connecting applications in the CI/CD pipelines."
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
"One of our current issues is a publishing issue. If we whitelist Google Chrome, all the events of Google Chrome should be gone. It is not happening."
"We had an issue with the Copy feature... Apparently, in version 10, that Copy feature does not work. You actually have to click Show and then copy the password from within Show and then paste it. We've had a million tickets and we had to figure out a workaround to it."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"In terms of what could be improved, I would say the security of the infrastructure and the server and the working networking device."
"Classification of junctions and new versions of applications, such as APIs, can be added to enable the use of more devices that utilize biometrics for Multi-Factor Authentication to improve the solution."
"Having the ability to easily extract and view and compare and version control configurations would be ideal."
"The application portal could be improved with more options and easier customization."
"I would love to see the upgrade procedure handled more effectively. I would prefer to have OVS installation possibilities, although the upgrade procedures should include the OS as well. You should be able to use the whole application as an appliance."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 143 reviews while NetIQ Access Manager is ranked 14th in Access Management with 5 reviews. CyberArk Privileged Access Manager is rated 8.8, while NetIQ Access Manager is rated 8.0. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of NetIQ Access Manager writes "A mature, powerful product with good integration capabilities". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas NetIQ Access Manager is most compared with Okta Workforce Identity, Microsoft Entra ID, Auth0 and Symantec Siteminder. See our CyberArk Privileged Access Manager vs. NetIQ Access Manager report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.