CA Privileged Access Manager Server Control Review

I like that the access control on the agent. Installation is difficult.

What is most valuable?

The most valuable features are:

  • The access control on the agent
  • Being able to manage what a user can do
  • The password check-in/check-out process

How has it helped my organization?

It gives us the ability to track who is using what ID and for what purpose.

What needs improvement?

I would like to see some improvements, specifically in terms of some set-up items. We have spoken to CA quite a bit about the ability to have 'always-on', or 'active/active' status options, so if the infrastructure goes down, we don't lose transactions. This is very important for the environment and for the users so we cannot really afford any downtime with the solution. We have had problems with deployment, and we are concerned with the possibility for outages and how they can have a negative impact on the environment.

What do I think about the stability of the solution?

The stability is pretty good, but there is some room for improvement. We've already discussed these areas of improvement with CA. Some of the problems we ran into were with installation, but the agent seems to be stable. Some of the connection with the infrastructure is a little bit difficult to maintain sometimes. Overall, I would say it's pretty solid.

What do I think about the scalability of the solution?

It seems to scale well. Since we are a large enterprise, we will be putting that to the test pretty soon.

How is customer service and technical support?

I have used a lot of technical support and I would say that the technical support folks are very good. They are very proficient, professional, and knowledgeable.

Which solutions did we use previously?

We didn’t have a previous solution. This is a brand new thing for us. We knew we needed identity management so we compared several products and this is the one we ended up implementing. I think CyberArk was one of the shortlisted alternatives, but I don't remember the others. In terms of selecting this product, I guess the perception of being ready for enterprise, installation, and operations are probably the main things. We need to perceive that it's going to save us time and provide more security than we already have.

How was the initial setup?

I was involved in the set up and it was not straightforward. It was a difficult installation. As an example, if you don't want to use the standard C:\ drive, it requires a number of workarounds to get it to work on a different drive. The firewall port requirements were not well documented. I've got a pretty long list of things that were challenging. It took us quite a while to install this product to get it to the point where we can repeat it every time.

What other advice do I have?

I would have to warn somebody to basically either have the adequate manpower or plenty of time to deploy it and test it in their labs before they roll it to production. This is necessary because there will probably be some surprises along the way.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
Add a Comment
Sign Up with Email