We performed a comparison between CyberArk Privileged Access Manager and WALLIX Bastion based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Because we now have the ability to grant access to management utilities like DNS Manager, Sequel Studio, and MMC, in a secure fashion, without system admins being required to continually reenter various passwords that are stored who knows where, it has really made the system admin's job much easier. It has made the PSM's job much easier. It has made the auditor's job and the security team's job and the access manager's job significantly easier, because we're able to move much more quickly toward a role-based access management system, and that is really streamlining the whole onboarding/offboarding management process."
"It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization."
"CyberArk PAM can be easily automated."
"Increased our insight into how privileged accounts are being used and distributed within our footprint."
"It has helped from an auditing perspective identify who has access to privileged accounts."
"We've written over a hundred custom connectors ourselves that allow us to do all types of privileged session management for various applications. On top of that, the rest of the API-based central credential providers allow us to get away from credentials that may be hard-coded in the script or some application."
"This solution is quite stable."
"CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale."
"I like that it's Linux-based, and you don't need to have separate implementations, extra database licenses, or enterprise licenses. I think because it's Linux-based, it's more seamless than Windows. I also like the access manager, which I think is a super tool. Everything is browser-based, and you don't need a VPN. So, that's a great thing."
"Its video recording capabilities have definitely been key for us."
"We use WALLIX Bastion to provide access and to monitor sessions."
"The solution's technical support team is helpful."
"The interface is very simple. It doesn't need any plug-ins, just browsers that are installed at the beginning."
"WALLIX Bastion's most valuable feature is the Access Manager because you can use it and access the data center without any client VPN."
"The support is great. They offer 24/7 support, but the specific level of support depends on your subscription. There's a weekday-only option, and a 24/7 option that covers all days of the week. They also have offices in different regions, including West Africa, so people there can easily get support. There's no need to worry about getting assistance."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."
"I would like to see improvement in the custom connector for integration with different devices."
"One of the main things that could be improved would be filtering accounts on the main page and increasing the functionality of the filters. There are some filters on the side which are very specific, but I feel there could be more."
"Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server."
"Some aspects of the administration need improvement, though they have recently made improvements to the API. However, the management with the interface and configuration are not so user-friendly. It has not changed much during all the years that CyberArk has been on the market. The management part, like platform management as well as PSM connectors definition and management, could be improved, even if it has already been done with the API."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"The initial setup has room for improvement to be more straightforward."
"It would be better if I could manage multiple accounts in one place, like CyberArk. With WALLIX, you can only manage one account, and you are given a separate category. You have to click on each connection to do anything. For example, CyberArk might give three options for one connection if you want to have an interactive user-level experience. But with WALLIX, you have to click three times to get that access. Also, the biggest disadvantage of WALLIX is the reporting. I feel like it's very weak in reporting when compared to the other solutions. As a solution, they're good and stable. But they need to make their reports neater and better. Right now, we're going to the console and then pressing buttons every single time."
"For me, the main issue has to do with the system performance itself."
"The performance of WALLIX Bastion's password manager is very low."
"The product doesn't have behavior analytics. They promised to develop this, but only for the cloud, not for on-premise versions."
"There could be more automation features for the solution."
"WALLIX Bastion is GUI-driven, but it sometimes needs some management."
"Based on my experience as a sales tech person, one area of improvement could be a more unified licensing model."
"The password management needs improvement. Management of Access Manager should be improved as well."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while WALLIX Bastion is ranked 9th in Privileged Access Management (PAM) with 8 reviews. CyberArk Privileged Access Manager is rated 8.8, while WALLIX Bastion is rated 7.8. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of WALLIX Bastion writes "Used to provide access and to monitor sessions". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, One Identity Safeguard and ManageEngine PAM360, whereas WALLIX Bastion is most compared with BeyondTrust Privileged Remote Access, One Identity Safeguard, Fudo PAM, Delinea Secret Server and Teleport. See our CyberArk Privileged Access Manager vs. WALLIX Bastion report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
