We performed a comparison between CyberArk Privileged Access Manager, Netgate pfSense, and Palo Alto Networks WildFire based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."Ensures accounts are managed according to corporate policies."
"The users have the ability to rotate passwords on a daily basis with a Reconcile Account. Or, if they want to do one-time password checkouts, we can manage those, check in, check out. I like the flexibility of the changing of the password, specifically."
"Provides improved security around having your credentials locked down and rotated regularly."
"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."
"If any intruder gets inside, they would not be able to move around nor do lateral movements. It minimize any attack problems within our network."
"The credentials management capability is key to ensuring that the credentials are kept secure and that access to them is done on a temporary and event-driven basis."
"It supports lots of requirements in the privileged access management area."
"Because we now have the ability to grant access to management utilities like DNS Manager, Sequel Studio, and MMC, in a secure fashion, without system admins being required to continually reenter various passwords that are stored who knows where, it has really made the system admin's job much easier. It has made the PSM's job much easier. It has made the auditor's job and the security team's job and the access manager's job significantly easier, because we're able to move much more quickly toward a role-based access management system, and that is really streamlining the whole onboarding/offboarding management process."
"Its reliability and cost-effectiveness stand out."
"Great extensibility of the platform."
"This solution has helped our organization by protecting our network from attacks."
"We generally use it because it's cheap. When we need something more robust we use Barracuda and Sony Wireless Routers. For certain clients, we use pfSense because it's compatible with the VoIP platform."
"The initial setup is easy."
"Super easy to manage. Anyone who has been working with firewalls can handle it."
"The interface is straightforward and easy to use."
"It is easy to use and has integrity with other systems, such as proxies and quality of service."
"Using WildFire has reduced the number of viruses and the amount of malware that comes into our system, which means that I don't have to rely on the end-users to identify it."
"It is stable and pretty much scalable."
"The analysis is very fast."
"The most valuable feature is the Automatic Verdict, to recognize whether something is a threat, or not."
"The most valuable feature for us is the VPN."
"What I like about Palo Alto is that it is a complete product, with everything in it."
"Remote access is excellent."
"The most valuable features of this solution are sandbox capabilities."
"The web access piece needs improvement. We have version 9.5 or 9.9.5, and now we have to upgrade to version 10."
"CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms."
"CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."
"There is a bit of a learning curve, but it's a pretty complex solution."
"The greatest area of improvement is with the user interface of the Password Vault Web Access component."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"The interface on version 9 looks old."
"One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible."
"We have not had any problems with it, and we also do not have a need for any new features. If anything, its reporting can be better. Sophos has better reporting than pfSense. Sophos has more detailed information. pfSense is not as detailed. It is summarized."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"ClamAV AntiVirus can cause some crashes. That service should be improved."
"The main problem with pfSense is that we have to use proxy solutions."
"I would like to see SD1 integration into the software. That would be fantastic."
"In terms of areas of improvement, the interface seemed like it had a lot. The GUI interface that I had gotten into was rather elaborate. I don't know if they could zero in on some markets and potentially for small, medium businesses specifically, give them a stripped-down version of the GUI for pfSense."
"More documentation would be great, especially on new features because sometimes, when new features come out, you don't get to understand them right off the bat. You have to really spend a lot of time understanding them. So, more documentation would be awesome."
"Also, simplifying the rules for the GeoIP. Making it simpler to understand would be an improvement."
"Other vendors have some sort of bandwidth management built into the firewall itself and Palo Alto is missing that."
"The automation and responsiveness need improvement."
"The support is good but they could be faster."
"Our main concern is that everything has to be synced with the WildFire Cloud and has to be checked through the subscription."
"When comparing this solution to others it is not as good overall."
"They should make their user interface a little more user-friendly."
"The global product feature needs improvement, the VPN, and we need some enhanced features."
"Palo Alto Networks WildFire should be more real-time in nature. The signature updates should happen in a minute or less than a minute to be a very good feature for the customer."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
