What is most valuable?
The secured vault storage offers great capabilities for structuring and accessing data.
Central Password Manager is useful for agentless automated password management on endpoints.
Privileged Session Manager is good for provisioning, securing, and recording sessions to the endpoints.
How has it helped my organization?
CyberArk provided an audit trail for all account operations, including session recordings for all activities performed with high privilege accounts. It also gave us the ability to define various access controls per group, enabling us to differentiate between internal and external IT staff accessing the accounts.
What needs improvement?
The product documentation could be a little more precise in certain aspects with clearer explanations for functionality limitations. New functionalities or discovered bugs take a little longer to patch. We would greatly appreciate quicker development of security patches and bug corrections.
For how long have I used the solution?
I have been working with CyberArk solutions for 7 years already.
I was involved in many implementations, proofs of concept, operational and development activities. I have worked with or test all CyberArk releases since version 5.5.
What do I think about the stability of the solution?
Unfortunately, I did have some problems with stability caused by not following the recommended configurations. But the recommended configurations are very strict, and it is not always possible to implement in a corporate infrastructure. Interference with other applications can also cause problems with CyberArk components.
What do I think about the scalability of the solution?
We did not have any problems with scalability. Each component of the solution is highly scalable and enables us to quickly increase capacity.
How is customer service and technical support?
Customer service is very responsive and they are willing to help you with any deployment decisions, production issues or just various questions you might have. Technical Support
The technical support was great. They were very responsive and eager to help. We were able to have professional communication and the involvement of all levels of technical personnel as needed.
Which solutions did we use previously?
I used another solution before CyberArk and its limited functionalities were the main reason for switching. We chose CyberArk because of its great functionalities, the ability to be deployed granularly at a different scale for each function, and the ability to be deployed in a distributed infrastructure.
How was the initial setup?
The initial setup is straightforward if you prepare for it properly and test the major functionalities using the configurations that you’ll actually require before you use it in a production deployment.
CyberArk documentation contains a lot of information, so the hardest part is to choose the right setup and deployment strategy.
What's my experience with pricing, setup cost, and licensing?
Plan ahead regarding the licensing costs. You can get a better prices per license as the number of licenses increases. CyberArk is open to providing a test license so you can test any particular functionalities prior to buying the real license.
Which other solutions did I evaluate?
We evaluated ObserveIT and IBM’s Privileged Identity Manager solution, which was still under development back in the times. We chose CyberArk because of its flexible installations, so that it was able to cover most of the deployment scenarios we required.
What other advice do I have?
Study and test it first, before going wild in the production.
It is very easy to create a disaster in production with even the smallest changes.
CyberArk has great resiliency capabilities; use them wherever you can.
Disclosure: My company has a business relationship with this vendor other than being a customer: My current company is a partner with CyberArk for selling the product as a service.
Mar 13 2017