CA Privileged Access Manager Review

It will provide us with more security


What is our primary use case?

It is for all admins. We need to have a two-factor authentication. So for that, we are using the PAM, Privileged Access Manager product called Xceedium.

We have just put it in QA, so it will go live in production by March or April. 

How has it helped my organization?

It will provide us with more security. Anybody who has access can only get it. It makes admin access more critical. People are not building service accounts. 

It will provide more security and monitoring. 

What is most valuable?

The session recording is useful. We can capture what each of our users are doing.

It gives you list of servers, so you can see which users have access to which servers. This is really useful, so we can make sure nobody is getting extra access than what is needed. It is also isolated from Internet, so there is no way hackers or anybody can come into the systems.

What needs improvement?

We are going to work on Trade Analytics, so we wanted to see how Trade Analytics work and all.

They need to work on some of the enhancements, which we have already given to them. 

They need to have zero tier and active-active setup with zero minimum downtime, which they are working on it. 

For how long have I used the solution?

Still implementing.

What do I think about the stability of the solution?

So far, it is stable in our development and QA. Once we go in production, we will know it. We have just started testing on the products, especially integration testing and performance testing. After that, we will know the stability, and we are putting Splunk and monitoring alerts on right now. 

What do I think about the scalability of the solution?

For scalability, we had some performance issues with the regular virtual jump servers. Therefore, to make the improvement better and all, we ordered bare metal physical servers. This way we will have better results and the performance will be good. 

How is customer service and technical support?

We are using the technical support. We also have a list of all the security enhancements, which are needed. We gave it to CA. They are working on it, and for any issues, we are escalating the issues and working with the product team directly. 

They are really good at answering us quickly. Some of them, they also provided us a patch, and some of them are going into the new version, which is 301, so we are upgrading our environment to 301 now in our development and QA next week. 

How was the initial setup?

It was a straightforward setup.

What's my experience with pricing, setup cost, and licensing?

Cost-wise, CA was better compared to others in the market. 

Which other solutions did I evaluate?

One of the goals for one of our projects this year was to implement Privileged Access Management. We tried different products in the market: Xceedium, CyberArk, etc. This is when we decided on Xceedium. 

All were almost good, but CA's UI was much better. Performance-wise, CA was good. One of the advantages was Unix, which was not on CyberArk. It was more Windows-focused. We have been using Windows and Linux both. 

When we started analyzing different products, CA was really good. They are more proactive every time. 

They really worked hard in the PoC. They made sure all of our use cases are validated, and they would even provide us patches during our PoC. 

What other advice do I have?

Depending on your requirements, you can compare different products and decide what you want. This product so far seems good to us.

Most important criteria when selecting a vendor: Our use cases, all of them, should be validated: the product performance and how the product behaves. We do a full end-to-end PoC to make sure how the product performs. Basically making sure all of the use cases have been satisfied and each have a proactive active-active setup. 

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
Guest
Sign Up with Email