We use this solution for privileged systems access with a high emphasis on security. End users are required to go through a process of being vetted in our NERC environment in order to use the solution. This product has been used by my company for about 3 years now.
How has it helped my organization?
By using this product, it has placed a new culture in my company by making employees more aware of IT compliance and cyber security. It has also placed us in a position to meet NERC CIP v6 requirements.
What is most valuable?
The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.
Using the PSMP (Privileged Session Manager Proxy) makes it extremely convenient for UNIX Administrators to utilize their favorite SSH client software (i.e. SecureCRT or Putty) to connect to a privileged target without having to go through the PVWA web login.
What needs improvement?
I would like to see a product enhancement with the Secure Connect feature. Today, there is no functionality to create "Accounts" using Secure Connect to permanently store a user's working tab. It is a tedious manual process of entering host IP information and user credentials to a privileged target system.
Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use. It’s a manual process of entering information all the time. Unless, you are working with accounts already stored in “Safes”.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
We have noticed some stability issues with the PSM Servers. We've noticed that there may be a limitation on the number of users that a PSM Server can handle. We have two PSM Servers deployed in our Production environment and have come to a conclusion that we may need to add two more to stabilize the environment.
An update to the above statement: Upgrading to version 9.9 significantly reduced the stability issues with the PSM Servers and the limitation on the number of users that the PSM can handle.
How are customer service and technical support?
CyberArk could use some improvement with their level of customer service. Sometimes, it can take more than a day before a Case that I have submitted online gets a response from tech support.
The level of technical support has been great. The challenge has been to get an initial response and sometimes follow-up from CyberArk Support.
What about the implementation team?
If you are going to setup CyberArk for the first time, I highly recommend that you utilize their Professional Services. They are extremely knowledgeable and very helpful and will ensure that your implementation is a success.
What's my experience with pricing, setup cost, and licensing?
We use Texas DIR when evaluation and making purchases of products.
What other advice do I have?
We are currently on version 9.10. We would like to upgrade to the latest version sometime this year. There is currently a CyberArk Security Bulleting CA19-09 that addresses potential administrative manipulations within the PVWA and the Digital Vault. CyberArk has released patch 9.10.4 to address the PVWA and they are working on releasing a patch for the Vault Server.
Disclosure: I am a real user, and this review is based on my own experience and opinions.