What is most valuable?
The most valuable feature is the password Vault which gives the administrator control over privileged accounts. The other components that are valuable are Private Session Manager, OPM, Viewfinity, and AIM, which came as an add-on to the organisation's needs. The ability to start the project, install and add the passwords in just a few days brings a big advantage for CyberArk.
How has it helped my organization?
The client can see all the users sessions through PSM, and can protect the applications on servers using AIM. Also, the Privileged Threat Assessment helps the organisation to see all the account risks, including accounts not managed by CyberArk, and accounts/machines with unusual behavior, etc.
What needs improvement?
The DNA scan should be able to scan Unix machines for privileged accounts.
For how long have I used the solution?
PIM tested in the last 2 years.
What was my experience with deployment of the solution?
We didn't have any issues with the deployment.
What do I think about the stability of the solution?
The product is very stable.
What do I think about the scalability of the solution?
I didn't have any issues with the stability. I usually recommend the client to increase the system requirements with 10%.
How are customer service and technical support?
Customer service is OK in Romania. Technical Support
I had direct contact with the local team and they are OK.
Which solution did I use previously and why did I switch?
How was the initial setup?
Straightforward when you have the use cases and a SoW. Usually you follow the Installation Manual, and perform the after-installation tests, and you are sure that everything is OK. The only issue I had was with the anti-virus that was left on the server and that deleted some PSM files. You must always double-check the prerequisites, as you can have some surprises with the GPO that overrides your settings.
What about the implementation team?
I was part of the implementation team with support from the vendor.
Which other solutions did I evaluate?
We also looked at BalaBit Shell Control Box.