CyberArk PAS Review

Allows secure, logged access to highly sensitive servers and services


How has it helped my organization?

It has made things more complex, but has eliminated the possibility of Pass The Hash.

What is most valuable?

Allows secure, logged access to highly sensitive servers and services.

What needs improvement?

Perhaps by design, but it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

No scalability issues.

What do I think about the scalability of the solution?

Yes. The OU limitations, noted above.

How is customer service and technical support?

It's hard to find competent resellers/support.

How was the initial setup?

Complex. Lots of architecture, lots of planning, and lots of education and training are needed. Technically, roll-out isn’t bad. It’s the support, training, education, philosophy, and integration within existing ways of doing things that are challenging.

What other advice do I have?

I’m a consultant. I help implement and train others on how to use it in a highly secure environment.

I’d give it a nine out of 10. It is very, very secure.

Plan for major culture change, especially in non-progressive shops. This is a necessary evil to endure for the sake of real security.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email