Cyber ark

CyberArk Privileged Account Security Review
The ability to start the project, install and add the passwords in just a few days is valuable.

Valuable Features

The most valuable feature is the password Vault which gives the administrator control over privileged accounts. The other components that are valuable are Private Session Manager, OPM, Viewfinity, and AIM, which came as an add-on to the organisation's needs. The ability to start the project, install and add the passwords in just a few days brings a big advantage for CyberArk.

Improvements to My Organization

The client can see all the users sessions through PSM, and can protect the applications on servers using AIM. Also, the Privileged Threat Assessment helps the organisation to see all the account risks, including accounts not managed by CyberArk, and accounts/machines with unusual behavior, etc.

Room for Improvement

The DNA scan should be able to scan Unix machines for privileged accounts.

Use of Solution

PIM tested in the last 2 years.

Deployment Issues

We didn't have any issues with the deployment.

Stability Issues

The product is very stable.

Scalability Issues

I didn't have any issues with the stability. I usually recommend the client to increase the system requirements with 10%.

Customer Service and Technical Support

Customer Service:

Customer service is OK in Romania.

Technical Support:

I had direct contact with the local team and they are OK.

Previous Solutions


Initial Setup

Straightforward when you have the use cases and a SoW. Usually you follow the Installation Manual, and perform the after-installation tests, and you are sure that everything is OK. The only issue I had was with the anti-virus that was left on the server and that deleted some PSM files. You must always double-check the prerequisites, as you can have some surprises with the GPO that overrides your settings.

Implementation Team

I was part of the implementation team with support from the vendor.

Other Solutions Considered

We also looked at BalaBit Shell Control Box.

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementation partner with CyberArk.
2 visitors found this review helpful
1c258dfa 4280 450b bd6c 95acffee2af7 avatar2bfe2e9



We have CyberArk PAS implemented within our company for the past 5 months now and getting accustomed to the daily operational tasks involved with administering the application. We are running ours in an HA implementation running on VMware with Windows 2012 R2 servers. One of the biggest hurdles we had to get over was the configuration of the Vault Servers to use SHA-2 (SHA-256) security certificates. We are using RSA (RADIUS) two-factor authentication for end users to use CyberArk.

Like (0)04 July 16
Birzu alexandru adrian li?1414334311
Birzu Alexandru-AdrianConsultantTOP 5POPULAR

Did you try the 9.7 version? CyberArk changed the HA configuration for windows server 2012 R2, and they use their proprietary Secured Cluster Vault. With this version MS Cluster will not be supported with Windows 2012. They will keep the old clustering system only for Windows 2008. Maybe this mode helps your security policies.

Like (0)04 July 16
89343959 c66d 4e1d a2f5 d1c0d2b63f32 avatar

Currently I am facing an issue in CyberArk HA with MS Clustering. Issue is that node 1 services are going down automatically and node 2 is taking time to come up. Due to this delay DR server also get active and then conflicting with node 2 EPV. During initial investigation I saw that there is timed out issue occurring between DC's and EPV's. I further investigating it however i am also seeking some help if any one had this issue before.

Like (0)22 July 16
A5223938 eed9 42af 9f16 9a9bd1568f21 avatar
Orlee GillisCommunity Mgr

Tanmay, have you been able to make progress in your investigations of how to solve the difficulties you've been having with MS Clustering?

Like (0)06 October 16
Anonymous avatar x30
Why do you like it?

Sign Up with Email