CA Privileged Access Manager Review
We set a rule once, and it can be applied when we add new clients into our cloud environment.

Valuable Features

  • Consolidates access to all the systems
  • Easy to deploy/virtual
  • Records access for troubleshooting issues

Improvements to My Organization

One example of how it has improved the way my organization functions is that before, we had to deal with the firewall rules between domains to control access. With CA PAM, we simply set the rule once, which can be applied when we add new clients into our cloud environment.

Room for Improvement

They need to improve how it scales. We end up adding new “appliances” to scale for large or complex environments.

I run a multi-tenant cloud environment so I cover multiple domains and environments. So, as we grow our customer base by adding more systems, new customers or have different security zones for new applications/systems for customers, we end up having to add more appliances….we can only scale the virtual resources so much before we start hitting the performance thresholds on the appliance and the thresholds we have set with a customer.

By segregating and/or adding new appliances we even out the load and still maintain the performance we want with our customers. Obviously, I am talking about customers that have a higher access than some other companies.

Use of Solution

I have used this solution for roughly a year.

Stability Issues

At the beginning, we did have some stability issues, i.e., until we understood the product, and then the process was better.

Scalability Issues

There were scalability issues. The architecture forces us to add systems - similar to a Cisco model.

Customer Service and Technical Support

The technical support is above average.

Previous Solutions

I have used different systems in the past with other companies that I worked for, so I have been able to compare several of these. CA PAM is the least expensive option than most and is easy to deploy.

Initial Setup

The initial setup/configuration was easy. It was more troublesome in finessing the rule sets/processes that needs to be used, which isn’t a product issue but an internal walkthrough of how we wanted the access to be controlled and in what manner.

Pricing, Setup Cost and Licensing

Negotiate well but more importantly, design your architecture and understand what you will need as you scale (build building blocks).

Other Solutions Considered

We also evaluated One Identity, Centrify and Microsoft PIM.

Other Advice

Make sure you fully vet out what is needed for the complete process, and understand what you need up front for the initial set and what will be added at what trigger points.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are a CA MSP Partner.

Add a Comment

Why do you like it?

Sign Up with Email