Symantec Privileged Access Manager Review

The DB clustering is a really good benefit of this solution.


What is our primary use case?

My primary use case for this solution is for work in data center components. We use it with our data center devices. 

What is most valuable?

The DB clustering is a really good benefit of using CA PAM.

What needs improvement?

An improvement for this solution is that it should not be constantly based on user name and password. There should be a condition to edit and update your username. Also, it would be nice to have a single sign-on, but that particular portal doesn't allow any copy/paste.

In addition, I have an additional suggestion. I will give you a scenario. In regards to the licensing, I have some concerns. The NAS team, they want to have 24/7 support. The NAS team is the one actually using this CA PAM. So, the total count is some hundred members. But at other times, the login is 23 members. So it's like a batch. Every 7 hours there is a batch change, so every 7 hours 23 members will change. But when I ask for a licensing part, they are saying we have to take 100 license, not 23 license. Each time I have to ask for 100 licenses, even though I have only 23 members at a time using the solution. If there were any options for concurrent usage of a license, that would be a better option.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I find it is a stable product for our organization. But, we have had to do some debugging sessions occasionally.

Which solution did I use previously and why did I switch?

We have previous experience with CyberArk.

How was the initial setup?

The initial setup was easy and straightforward.

What's my experience with pricing, setup cost, and licensing?

I would prefer better licensing options for the 20-100 users we have at a given time. 

Which other solutions did I evaluate?

We also considered CyberArk.

What other advice do I have?

So when we are trying develop some particular portal, when you are looking with loop-back IP, connecting the backend by a loop-back IP, the response is coming by an actual IP - that's the portal design. Because it is redirecting multiple URLs, the portal designed like in such a way like it will take your input and redirect your many multiple URLs with the connection and respond back to your browser, but the browser always it comes back with the actual IP, not the loop-back IP.  In this case, the CA PAM is working well for us.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest