What is our primary use case?
The primary use case is we want to control the access of the administrator.
We have a lot of the administrators in our organization who have privileged access on the infrastructure, devices, servers, and network devices. We want to control this access, and at the same time, monitor this access. We use it to control privileged access of administrators on infrastructure and security devices, then monitor them from time to time.
How has it helped my organization?
It gives us a lot of control functions, which we were lacking in our organization. The privileged users, who are mostly administrators, are configured on the endpoints. We were not previously able to monitor, review, or control this. Therefore, it gives us a lot of comfort in terms of security level. Now, our infrastructure devices and servers are secured and nobody can have unauthorized access to them. Only the authorized users, whom we provide and approve access during any point of time, can access critical devices and mission critical systems. This is the benefit that we receive from this tool.
What is most valuable?
The best part of this product is the administrator convenience. The portal is very user-friendly. An administrator can use it very easily. This is the most important part of any privileged or anti-management solution. If it is not user-friendly an administrator will not want to use it. It has to be very user friendly and easy to use.
What is a good feature here, just insert whatever target that you want access, then click next, and you will be in the system. I would suggest this should be the most prominent feature for any of the privileged or anti-management system.
What I like on this product: It is very easy, user-friendly, and an administrator can access it at any point in time without any hassle.
What needs improvement?
This product is lacking in terms of dashboarding analytics and should have user behavior analytics. It should also have better dashboarding for executive management and security managers, which this product is missing.
Another important feature where this product is lacking, in terms of the managing the accounts, is in the active directory (provisioning and non-provisioning), or bridging it with the active directory. Thus, it needs anti-bridging.
ARCON needs three important things:
- The user behavior analytics should be there.
- The dashboarding should be improved.
- Anti-bridging should be built into product.
This would make the product a comprehensive privileged R&D product.
In the future, I would like to have a type of functionality for the product with the mobile application. This would be helpful for some of our approvers, so they can approve at any point of time, sitting anywhere in the world when requests come in through the mobile application. Using the app, they can upload requests of the administrator or users. We would like to see this type functionality go on the product roadmap.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
We have never faced any issues with scalability. This product is scalable enough. There are:
- Any number of services that you can add.
- Any number of users who can use it.
- Any number of infrastructure devices which can be added.
How are customer service and technical support?
There are no issues in terms of support for this product.
Whenever we have had an issue, we raise a tech support ticket and immediately their tech support engineers come on a call. They do their best to try to resolve the issue. If they fail, sometimes to resolve the issue, then they work with their product team and come up with a solution immediately. The technical staff are good, and they are not facing hard issues in terms of support, because their technical skills are quite good.
Which solution did I use previously and why did I switch?
We were not using another solution prior to ARCON.
How was the initial setup?
It is not complicated; a very straightforward setup. Whenever they have to upgrade it, it is a 10 minute job. They upgrade the entire thing at one time. We have a two-tier architecture with a Gateway and a back-end application. Everything is deployed on the application, and the Gateway is only to connect to the end system.
It is not multiple servers. It is not jump server technology. It is a very easy setup. You can have two servers and run it at any point of time.
What about the implementation team?
The implementation is very simple. Whenever we have faced any issues, the vendor team can easily come and troubleshoot it, because of the simple setup which they have.
What's my experience with pricing, setup cost, and licensing?
It is good value for our business. According to me, their competitors are more costly. Therefore, it is quite affordable. I find the ARCON to be much cheaper than the other products in the market.
Their licensing model is very simple, as it is based on the number of endpoints which you want to manage along with the number of users and administrators which you want to use. In terms of licensing, they are very flexible, because it is not a hard license. The licensing is simple, and there are only two types licensing: device licensing and user-based licensing.
Which other solutions did I evaluate?
We evaluated many other solutions along with the ARCON. We identified this solution as the best in terms of its accessibility. That is a main point. If an administrator can accept this, and it is very easy to use, it will be a successful product.
We evaluated other products in the market, besides CyberArk. Ultimately, we decided to stick with this product. The cost is also a technical factor apart from the user convenience, which was the prime factor along with user acceptability. These were the two factors that we considered. Then we went ahead with ARCON.
While I have seen other products, and they are very good with dashboarding, reporting, etc. However, the analytics are so complex that the user is not able to use the product. There is a restriction in connection and containerization. You cannot take sessions, because others have taken sessions. Those are the constraints and challenges with other tools.
Those challenges were there with the other tools, which I do not find in this tool. This tool is very simple and straightforward. If you have access, you can access the end system. From the moment our administrator accepted this tool, we did the PoC for this tool and they liked it.
What other advice do I have?
The product is really a good product and a good value for the money, in terms of costs, user convenience, and functionality that they offer. It is a comprehensive, apart from a few things. The dashboarding and analytics are not very good, so they have to work on these two parts. Apart from those, they should have an anti-bridging functionality too. They are lacking only with these few things. I am sure they will be working on these points very soon, and they will be add to the roadmap to bridge the gap.
If any customer is looking for this product, and comparing it with another product in the market, I would suggest that they do a proper PoC. Do not go with marketing and branding terms. They should do proper business cases and give it to their administrators, then ask them to use it for at least a week or 10 days time. Afterwards, they should decide whether they want to ahead with this product or another product in the market.
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Jul 02 2018