We performed a comparison between CyberArk Privileged Access Manager and Netgate pfSense based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."Because we now have the ability to grant access to management utilities like DNS Manager, Sequel Studio, and MMC, in a secure fashion, without system admins being required to continually reenter various passwords that are stored who knows where, it has really made the system admin's job much easier. It has made the PSM's job much easier. It has made the auditor's job and the security team's job and the access manager's job significantly easier, because we're able to move much more quickly toward a role-based access management system, and that is really streamlining the whole onboarding/offboarding management process."
"The ability to develop and deploy applications with no stored secrets is very valuable."
"You can write different types of policies for custom business needs or any developer needs. If they need certain functions allocated, they can be customized easily."
"The users have the ability to rotate passwords on a daily basis with a Reconcile Account. Or, if they want to do one-time password checkouts, we can manage those, check in, check out. I like the flexibility of the changing of the password, specifically."
"The key aspects of privileged access management are being able rotate passwords, make sure someone is accountable, and tie it back to a user (when the system is being used)."
"Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control."
"It has helped us with our adoption with other teams, and it has also helped us to integrate it at the ground level."
"This is a complete solution that can detect cyber attacks well."
"The solution is very easy to use and has a very nice GUI."
"A free firewall that is a good network security appliance."
"Its reliability and cost-effectiveness stand out."
"We've found the stability to be very good overall."
"The initial setup was straightforward, therefore I wanted to continue using the product."
"It is a stable solution."
"The initial setup is not complex."
"Is good at blocking IP addresses."
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
"Overall what I would really love to see is the third-party PAS reporter tool pulled more into the overall solution, ideally as its own deployable component service installation package."
"Initial setup is complex. Lots of architecture, lots of planning, and lots of education and training are needed."
"What could be improved in CyberArk Privileged Access Manager is the licensing model. It should be more flexible in terms of the users. Currently, it's based on the number of users, but many users only log in once in four months or once in five months. It would be great if the licensing model could be modified based on user needs. We even have users who have not logged in even once."
"There is a learning curve when it comes to planning out the deployment strategy, but once it is defined, it runs itself."
"We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
"Initially, there was a lot of hiccups, because there were a lot of transitions due to manual installations."
"There is some stuff that we still have not fully integrated, which is our AIM solution. We are having all types of issues with it. I have been working with Level 3 support on it, but otherwise, from a functionality perspective, everything has been working except for the AIM solution."
"It is not centrally managed, where you log into the website and can see all your services there. We would like to be able to see is all the configurations from a central interface on all our pfSenses."
"If a user doesn't have a large amount of experience in Linux systems, they will have problems using this solution. Users need to be highly skilled in troubleshooting competency. Users who do not have such skills will find the product difficult to use."
"They can improve the dynamic of the input of IPs from outside."
"The product could offer more integrated plugins."
"I would like to see pfSense integrate WireGuard. Currently, pfSense uses OpenVPN, and there's nothing wrong with it, but WireGuard is a lot leaner and meaner."
"It requires more attention to provide a better alternative for open source to small government or educational institutions with reduced budgets in terms of technology."
"Adjustment in the interfaces: I had to adjust those interfaces manually and of course that is a great feature that you can restore it but it is immediately also one point for improvement. If you don't have to adjust, if it's just stamped and it works, that's great."
"User interface is a little clumsy."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 143 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. CyberArk Privileged Access Manager is rated 8.8, while Netgate pfSense is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Netgate pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos XG, KerioControl and Sophos UTM.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.