CyberArk PAS Review

Third-party teams are able to connect to the end-points in a secure and isolated manner without needing to know any end-point credentials


What is our primary use case?

The main usage of our implementation is to limit the credentials exposure to our third-party teams. They are able to connect to the end-points in a secure and isolated manner without needing to know any end-point credentials.

How has it helped my organization?

Our third-party teams are able to connect to the end-points in a secure and isolated manner without needing to know any end-point credentials. Besides this, end-points themselves are back in control when the passwords are managed by the CPM.

What is most valuable?

The two main features are the CPM and the PSM. This is to make sure that the credentials are managed in a controlled manner and the sessions that are launched are set up in an isolated way.

What needs improvement?

We are aware that in 10.6, the "just in time" access has been created. I would like to see this developed further.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The vault is almost a set-and-forget solution. Once the vault has been installed and configured, not much needs to be done in there apart from the occasional upgrade.

What do I think about the scalability of the solution?

The environment is very easy to scale out. Especially running the CPM and PSM components in a load balanced virtual environment gives you the flexibility to quickly expand the environment.

How are customer service and technical support?

This has been excellent for me. They always replied quickly, and most of the time the issue was resolved. The only downside — as soon as a ticket goes to the R&D engineers, you will have to wait a bit.

If you previously used a different solution, which one did you use and why did you switch?

We did not use a PAM product before this.

How was the initial setup?

The initial setup (for a UAT environment) was straightforward. During the planning of the PROD environment, it became a little more tricky with different network segments and method for accessing the environment itself.

What about the implementation team?

We had a combination of in-house (with training), vendor (CyberArk) and third-party vendor. The third-party vendor Computacenter helped us with creating some design and documentation. I would not recommend this third-party to other people as they did not fully work with us and listen to our requirements.

What was our ROI?

We are still rolling out in our environment which makes the ROI difficult to calculate.

What's my experience with pricing, setup cost, and licensing?

Make sure to use the latest licensing model as that will give you most of the "cool" features to work with.

What other advice do I have?

One of the most important aspects is to ensure that the business is behind the solution. CyberArk suite will only work well if all users adopt the system.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email