We just raised a $30M Series A: Read our story

ARCON Privileged Access Management OverviewUNIXBusinessApplication

ARCON Privileged Access Management is the #5 ranked solution in our list of top Privileged Access Management (PAM) tools. It is most often compared to CyberArk Privileged Access Manager: ARCON Privileged Access Management vs CyberArk Privileged Access Manager

What is ARCON Privileged Access Management?

ARCON PAM is a full blown Privileged Access Management solution. It has a robust password vaulting technology that comes with AES- 256 Database encryption. Dual Factor Authentication, 4Eye Authentication functionalities and Granular Access Control enables an enterprise to block any unauthorized access attempt to critical information assets. All access is based on “Need to know” and “Need to do” basis. It has the largest connector stack. Its Single Sign On enables seamless access to a host of devices with just a single click.

The Solution enables an enterprise to monitor and analyze advanced threats in a real time. It has the best-in-class real-time threat analytics. It provides comprehensive audit trails and session recordings to ensure that all activities are tracked and these logs are encrypted and separately stored creating a legal hold.

Further, it has a highly scalable architecture that easily integrates with Third Party SIEM Solutions. It also supports cloud environment.

ARCON PAM is full-functionality solution at the most optimum pricing. More than 250 global enterprises spanning wide-ranging industries such as Banking, Financial Services and Insurance (BFSI), Government Organizations, Media, Health Care, and Fintech have deployed ARCON PAM as of today.

While the company continues to be a leader in India and the Middle East, it has gained a solid traction in Africa and APAC market thanks to its well-distributed global channel network and strong industry reputation it enjoys in the cyber security domain.

ARCON Privileged Access Management is also known as ARCON ARCOS, ARCON PAM.

Buyer's Guide

Download the Privileged Access Management (PAM) Buyer's Guide including reviews and more. Updated: September 2021

ARCON Privileged Access Management Customers
RAK Bank, AXIS Bank, Reliance Capital, Kotak Life Insurance, MTS
ARCON Privileged Access Management Video

Archived ARCON Privileged Access Management Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
FH
Senior Consultant (e-Governance) Leveraging ICT for Growth, Employment and Governance at Bangladesh Computer Council
Real User
Auto-discovery, access control, and privilege management are valuable features of this tool

What is our primary use case?

Multi-user, multi-OS, multi-database, and multi-hardware platforms Cisco, Huawei, IBM, HP, Dell, etc. Lots of networking equipment including F5 Networks.

How has it helped my organization?

It helps in managing privileged access management as well as password management. Auto-discovery Access control.

What is most valuable?

Auto-discovery Access control Privilege management Security controls Identity discovery Usage of privileged accounts Time of sessions and monitoring of sessions.

What needs improvement?

Security Access management Illegal activity finding.

For how long have I used the solution?

Still implementing.

What do I think about the stability of the solution?

Good.

What do I think about the scalability of the solution?

Good…

What is our primary use case?

  • Multi-user, multi-OS, multi-database, and multi-hardware platforms
  • Cisco, Huawei, IBM, HP, Dell, etc.
  • Lots of networking equipment including F5 Networks.

How has it helped my organization?

  • It helps in managing privileged access management as well as password management.
  • Auto-discovery
  • Access control.

What is most valuable?

  • Auto-discovery
  • Access control
  • Privilege management
  • Security controls
  • Identity discovery
  • Usage of privileged accounts
  • Time of sessions and monitoring of sessions.

What needs improvement?

  • Security
  • Access management
  • Illegal activity finding.

For how long have I used the solution?

Still implementing.

What do I think about the stability of the solution?

Good.

What do I think about the scalability of the solution?

Good.

How are customer service and technical support?

Good.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

Good.

What about the implementation team?

Yes.

What was our ROI?

It's not yet calculated.

What's my experience with pricing, setup cost, and licensing?

No.

Which other solutions did I evaluate?

No.

What other advice do I have?

No.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
RY
Systems Engineer at a tech services company with 10,001+ employees
Real User
Automates and encrypts our password management, but upgrades are not straightforward

Pros and Cons

  • "Previously, we had to go through some effort to change the credentials of our devices. The process was subject to human error... For things like managing credentials, some kind of register had to be maintained. With the Password Vault of ARCON, all these processes are automated. The credentials are changed, as per the schedule. The information is encrypted, kept in our vault, and sent to all the email addresses within the ARCON solution itself."
  • "Currently, we can manage only the SSH or RDP connections, but there are many more devices that are present, apart from our SSH and RDP. We want all this to be part of the ARCON solution. For the password management, they should increase the pool of supported devices, they should have more connectors."
  • "Currently, along with the upgrade of the ARCON solution, we have to consider the desktops and the endpoints from where the solution will have to be accessed. We have to upgrade those endpoints and desktops as well. So upgrades are not smooth."

What is our primary use case?

We're using it for managing the access to our devices; privileged administrative access to the devices is handled through ARCON.

How has it helped my organization?

Previously, we had to go through some effort to change the credentials of our devices. The process was subject to human error. For example, if someone missed the schedule, the password would not be changed. For things like managing credentials, some kind of register had to be maintained.

With the Password Vault of ARCON, all these processes are automated. The credentials are changed, as per the schedule. The information is encrypted, kept in our vault, and sent to all the email addresses within the ARCON solution itself.

It has helped us in automating all the work we do. For instance, it helps us in forensic analysis. It helps us find out who has done what; what was done by the user. Also, managing the accounts on the devices has become easier.

What is most valuable?

The most valuable features are the password management and the logs that are captured. We use both extensively.

What needs improvement?

Currently, we can manage only the SSH or RDP connections, but there are many more devices that are present, apart from our SSH and RDP. We want all this to be part of the ARCON solution. For the password management, they should increase the pool of supported devices, they should have more connectors.

They have to work on their tech support. 

In addition, they have to consider that upgrades should be easy for the administrators. Currently, along with the upgrade of the ARCON solution, we have to consider the desktops and the endpoints from where the solution will have to be accessed. We have to upgrade those endpoints and desktops as well. So upgrades are not smooth.

They also have to work on a cloud solution, because most things are going towards the cloud. A cloud integration should be considered in ARCON. We have not seen one up until now.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We have not encountered any major problems with the product. We are able to use it without any problem.

What do I think about the scalability of the solution?

We haven't had any scalability issues.

How are customer service and technical support?

They need to improve on technical support, because ARCON has become a critical application. They should provide 24-hour support. But we've observed, in many scenarios, we don't get the support we need until the managers are involved. So they have to improve on the tech support.

Which solution did I use previously and why did I switch?

We started with ARCON because a few of our projects were using it and, when we were thinking in the direction of adopting a PAM solution, we got recommendations from the projects that we should consider it.

How was the initial setup?

The initial setup was straightforward. We had a team that helped us in deploying the solution. While deploying the solution, they planned the architecture and the information they would be needing. They provided that to us beforehand and, post-deployment, they arranged training for the team on two occasions.

What's my experience with pricing, setup cost, and licensing?

The product's pricing is a good value. It's appropriately priced. The product has all the required features. It doesn't work in some of the areas but, overall, it's pretty good.

Which other solutions did I evaluate?

We considered CyberArk and CA PAM.

What other advice do I have?

My advice would depend on how your administrators are placed, because it depends a lot on the desktop that they're using. It has dependencies on the .NET framework the ActiveX version. So, if you have a uniform environment, and it's very easy to upgrade the endpoints, then ARCON could be considered. Because, for any upgrade of the ARCON solution, an upgrade of the endpoints is required, for the desktops. It's from there that the administrator will be accessing the ARCON solution. It is a little complex. But if you have a uniform environment, you should consider ARCON.

It has all the capabilities and the customization is easy, but there are the problems with tech support and upgrading the solution which has a lot of dependencies. Because of those dependencies, we cannot consider deploying the upgrade quickly.

It has positive and negative points.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Find out what your peers are saying about ARCON, CyberArk, Broadcom and others in Privileged Access Management (PAM). Updated: September 2021.
542,608 professionals have used our research since 2012.
Praveen Yadav
Information Security Professional at a energy/utilities company with 10,001+ employees
Real User
Our administrators are more conscientious due to the recording feature

Pros and Cons

  • "One important feature is the administrator access, mainly for Windows machines as well as Linux machines. It is important for us because there is accountability associated with each user ID. And the recordings are also helpful."
  • "It should be browser-agnostic and, frankly, it is working well on Internet Explorer. It should work on popular browsers like Mozilla and Firefox."
  • "I would like to see a "wild card" kind of a feature or something that would enable us to search the video."
  • "It would be helpful to have a "Favorites" list. For example, if I have 100 servers but I only go to 10 servers frequently, a Favorites list would allow me to go through those ten servers only."

What is our primary use case?

Primary use is to control Microsoft administrators.

How has it helped my organization?

It has improved our government compliance score in terms of audits. Auditors used to ask this basic question: Who has done what? We never had an answer because everyone was logging in using a common ID.

The second improvement is the discipline that has developed in the administrators. They definitely want to do things in the right manner and nobody wants to do anything wrong because the recording is going on and everybody knows that they are being watched.

What is most valuable?

One important feature is the administrator access, mainly for Windows machines as well as Linux machines. It is important for us because there is accountability associated with each user ID.

And the recordings are also helpful.

What needs improvement?

There are a few improvements that could be made. One is that it should be browser-agnostic and, frankly, it is working well on Internet Explorer. It should work on popular browsers like Mozilla and Firefox.

Also, I would like to see a "wild card" kind of a feature or something that would enable us to search the video.

Finally, it would be helpful to have a "Favorites" list. For example, if I have 100 servers but I only go to 10 servers frequently, a Favorites list would allow me to go through those 10 servers only.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The product is very stable. We have not faced any issues in terms of stability.

What do I think about the scalability of the solution?

The scalability depends on the internal hardware. The software can handle a number of users and a number of servers. We started with about 100 servers. Now, we are around 900 servers. We have not found any issue in terms of scalability.

How are customer service and technical support?

We can call them, submit a ticket, they can remote in. I haven't seen any issue with the technical support.

Which solution did I use previously and why did I switch?

This was the first solution we started using.

How was the initial setup?

The setup is quite simple. The only thing that is complex about the implementation is in terms of culture. Regarding the software setup, there's no problem. It's purely a standard software installation. Nothing outstanding about it.

What was our ROI?

In terms of quantity, I have not measured the ROI. But in terms of quality, I would put it more in terms of the man-hours my people wasted in complying with whatever requirements there were. With this solution, we have been able to do away with all those man-hours and do things in a very straightforward way. We look at ROI more in terms of the usability and how it makes our life simpler.

What's my experience with pricing, setup cost, and licensing?

I definitely feel the product's pricing is a good value. It is one of the best products we have.

The licensing is server-based.

Which other solutions did I evaluate?

We had choices other than Arcon and we shortlisted a few products. We had selected a Dell solution, Arcon, and one other product. Then we went to a tendering process to learn about pricing. Ultimately whoever would quote the best price would get the order.

What other advice do I have?

I would advise, during the implementation itself, in the beginning, to start with the 20 servers only. Then test it thoroughly, not as a product but, rather, the implementation methodology. What happened with us, during implementation, was that some users caused some problems. Actually, they weren't problems, rather they were more a user culture change, and how integration would happen with the SIM.

I would rate this solution at eight out of 10. It's a good product to have but it's not a 10 because most of the features don't get implemented. It would be helpful if they could arrange it so that the customer can implement features. They should conduct meetings and tell the users, as a group, about the features that should be implemented. Also, the customer's information should be available immediately to the support team so that support can be deployed immediately.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Rajesh Gurikar
Manager, RPA at a financial services firm with 51-200 employees
Real User
Gives us excellent compliance features, including reports and server-change records

Pros and Cons

  • "For compliance, each change I do, in each of the servers, is clearly recorded. We recently faced an audit and this was an awesome feature. Even our auditor had praise for it saying, "This is really a good feature.""
  • "The user interface, overall, is really good. If I have some 20 servers in my ID, I can easily see for which servers I have read-only access, for which servers I have prompt-access, and for which servers I have server admin access."
  • "There are no APIs readily available... I'm working on automation for ARCON so that whatever the ARCON administrator is doing will be automated, rather than having to do it manually. For that, I had to spend months to get the API developed myself. Having that handy out of the box, that would really help..."

What is our primary use case?

We use it to access all the servers.

How has it helped my organization?

From the administrative point of view, there are cases that I have automated. I used to have to log in to all the servers. Now, it's really simple to work.

For compliance, each change I do, in each of the servers, is clearly recorded. We recently faced an audit and this was an awesome feature. Even our auditor had praise for it saying, "This is really a good feature."

What is most valuable?

In terms of automation, there are a number of cases, ARCON-related, where we are automating. It could be user-creation or services-creation inside ARCON. There are wonderful features which have really helped me a lot to automate things.

Also, a helpful feature from the compliance perspective is the reporting. Suppose there is one server and I want to know what are all the types of access to it. Suppose there are some 10 users who are using that server. I can easily fetch a report showing, for example, that there are two users who have server admin access; there are three users who have read-only access; there are five users who have prompt-access.

The connectivity of the user interface is really awesome. It is segregated properly. I don't know exactly how ARCON looks out of the box but ours has a little bit of customization. The user interface, overall, is really good. If I have some 20 servers in my ID, I can easily see for which servers I have read-only access, for which servers I have prompt-access, and for which servers I have server admin access. 

What needs improvement?

There are no APIs readily available. There are hundreds of products available on the market. It could be many applications, not just the server gateway. For many applications, by default, we will get the API. Let's say I'm trying to integrate "XYZ" application with another application. When we do that, usually, we look for APIs. But ARCON does not have the APIs readily available. Having that, for a complete end-to-end solution, would really help. 

As I mentioned, I'm working on automation for ARCON so that whatever the ARCON administrator is doing will be automated, rather than having to do it manually. For that, I had to spend months to get the API developed myself. Having that handy out of the box, that would really help, because what I am doing is not limited or restricted to the three or four cases. I'm going to automate the complete end-to-end solution of ARCON administration in our organization. So having an API would really help me.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Performance-wise, we recently upgraded. Since that upgrade, the performance has been really good. Now, I truly don't see any issues. So far so good.

There were some small glitches earlier but they have been sorted out now. There was a little bit of slowness where, when I was trying to log in to a server it used to keep saying, "loading, loading," but that has been resolved. There was another issue where I would log in to a server, but the moment I logged in, I would get disconnected. That has also been resolved. There was one more issue where, when I tried to log in to a server and key in the credentials, the credentials were not entered into ARCON. And then, due to the multiple attempts, the ID would become blocked. But that has also been sorted.

How are customer service and technical support?

The product team, the support team is readily available, 24/7. We have direct contact. If there are any issues, I get direct support. I don't see any issue there. Overall, the tech support is very good. They are very supportive, and we are getting immediate support.

Which solution did I use previously and why did I switch?

I don't recall the name of the product, but we switched because of a lot of performance issues. With that product, we used to get a lot of customer complaints as well as user complaints saying that they would be in the middle of some production activity and the performance would be very slow, causing the production activity to be delayed.

How was the initial setup?

I cannot comment on the initial setup because it was done by our system admin team along with support from the ARCON team. 

We recently upgraded. There were no issues during that implementation. Our own support team was readily available, on-site, to implement it.

What's my experience with pricing, setup cost, and licensing?

Although I'm not involved with this side of it, I assume pricing would have been reasonable, that is why we went for it. I would say definitely say it gives value for the money.

What other advice do I have?

It has really helped us a lot. It's a wonderful platform.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Anumod Kaimal
Senior Officer- Information Security
Real User
Video and audio logs are there for any activities that the privileged admin carries out

Pros and Cons

  • "It was very easy for us to move this application and database from on-premise to cloud, as well as configure new things, such as load balancing. The product is very compatible."
  • "Video and audio logs are there for any activities that the privileged admin carries out."
  • "For the in-house built applications, they need to provide good, solid access through their portal."

What is our primary use case?

The primary use of the solution is to give privileged access to critical resources, including monitoring and auditability.

How has it helped my organization?

Whatever my scope was, it was covered by the application.

I recently was having an issue with the Office 365 web browser. Therefore, I reported this problem to the ARCON team, and they brought in developers. They made it compatible with the new browser station of Office 365. 

What is most valuable?

The locks, which can be features. You can group various departments to obtain the approval records for workflows. Therefore, it creates a type of automation, and I do not have to manually do everything or configure things.

Video and audio logs are there for any activities that the privileged admin carries out.

What needs improvement?

For the in-house built applications, they need to provide good, solid access through their portal.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It has been very stable. I have not had an issue with this product.

What do I think about the scalability of the solution?

It is a scalable product.

A year ago, our infrastructure was on-premise. Then, we moved to the cloud infrastructure. Even during that time, it was very easy for us to move this application and database from on-premise to cloud, as well as configure new things, such as load balancing. The product is very compatible.

When we transitioned from our on-premise to the cloud environment, and even during the transition period, we did not face any challenges or any problems with this product. There was just minor tweaking that we had to do with the new features on the cloud, like failover, as well as autoscaling.

How are customer service and technical support?

Tech support is quite good. They have been right there to help me out. 

Their support details are good. 

Which solution did I use previously and why did I switch?

We did not use a previous access management tool. This product seems to appropriately meet our scope financially, as well as technically, which is why we went for it.

How was the initial setup?

Implementation was very straightforward. 

Implementation may take about half a day, then you have to create your environment. However, this depends upon how many resources that you need to configure through it. If you want to give access and resources to people, then you should have a clear plan for your implementation. For example, which groups should you give access to. These things take about half a day to implement. Then, configuration is about a day. 

What's my experience with pricing, setup cost, and licensing?

Product pricing is based on users and connections. We did not have to pay more for additional features.

They do have some licenses, which are required for things like Linux servers. However, in my environment, we do not have Linux servers. 

Which other solutions did I evaluate?

We also evaluated Densify.

What other advice do I have?

I am satisfied with the application. The scope and specs that we had are met by this product. It is a very good product which is scalable. 

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
AP
Consultant at a financial services firm with 10,001+ employees
Consultant
Passwords are automatically changed within our system

Pros and Cons

  • "With this log available, we can drill down to the activities performed by the people within our kiosk. There is a great feature where in the case of Unix servers, we have our own text-based logs. In the case of Window's server, we cannot create a text-based log, so our kiosk takes the screenshot or picture of the screen when I am working. It does this every three seconds."
  • "The initial setup was very simple. There was only one server we had to setup. We needed to store all the passwords, and a secure database is used."
  • "The auto-password change feature which was recently added. It is supposed to change the password. However, in some cases, while changing the password, it has caused me to lose to connection due to network-related issues or something similar. What we need to have is a type of log for failure of password change."

What is our primary use case?

We have a team of people who do the administration activity for servers and databases before our kiosk came into the picture. They used to share a common user ID along with the password among each other. Now, after our kiosks came in, they login into our kiosks with their old user ID, enter the ID, and the underlying connection is a common ID, but the password, they do not know.

How has it helped my organization?

Initially when we started, the function for automatic password change was not available. Also, Windows-based logins were not available. These two features came in later on about four to five years back. These functions have helped improve the product within our organization.

What is most valuable?

Once logged into our kiosk, I can go to 10 different servers and everything is logged. We can use this to identify which user is logged in, because the login being using to connect to servers will be a common ID, and that ID will not tell you who is the person logged in is.

With this log available, we can drill down to the activities performed by the people within our kiosk. There is a great feature where in the case of Unix servers, we have our own text-based logs. In the case of Window's server, we cannot create a text-based log, so our kiosk takes the screenshot or picture of the screen when I am working. It does this every three seconds. 

Another feature is the password can be changed automatically. For example, if you have a 60 day password change policy, your cards will change the password on its own and keep it within the system.

What needs improvement?

The auto-password change feature which was recently added. It is supposed to change the password. However, in some cases, while changing the password, it has caused me to lose to connection due to network-related issues or something similar. What we need to have is a type of log for failure of password change. We would like to have something that somebody can act upon, then rectified the problem.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

We have not had any issues in the last eight to 10 years. When we were just implementing or just after implementation for six months or so, there were some stabilization issues, but those were immediately resolved.

What do I think about the scalability of the solution?

Our kiosk structure is a very good structure. It will just connect to a server and show you the screen. 

How are customer service and technical support?

They have very good support. They provide 24/7 support, because we do critical things, and also we work 24/7. Therefore, if an issue comes up, we require support, and they fix it.

Which solution did I use previously and why did I switch?

There was a previous solution, but it was not writing in the logs properly. It was writing the logs only for the Unix-based system, which is text-based. Those logs were available. However, Windows and other systems were not available in that previous system.

How was the initial setup?

The initial setup was very simple. There was only one server we had to setup. We needed to store all the passwords, and a secure database is used. There is a product center, so if production goes down, it will immediately switch, and our work will continue as is. 

The initial set up of the Client installation on each and every server. This is a slightly critical thing, but we had to make sure everything was perfectly installed.

What about the implementation team?

Implementation went very smoothly because you are just changing the password on the back-end and handing it over to our kiosk, which will take care of it.

What's my experience with pricing, setup cost, and licensing?

There are no major concerns with licensing because we can handle multiple servers in our kiosk system. 

Which other solutions did I evaluate?

This was over 18 years ago. We looked an IBM and CA product (something with single sign-on).

What other advice do I have?

The first time, we manually updated the password. Afterwards, it changed on its own automatically.

For our requirements, this is the best product out there.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
AI
Head of Information Security & Risk Assurance at a financial services firm with 501-1,000 employees
Real User
We use it to control privileged access of administrators on infrastructure and security devices

Pros and Cons

  • "It gives us a lot of comfort in terms of security level. Our infrastructure devices and servers are secured and nobody can have unauthorized access to them."
  • "The best part of this product is the administrator convenience. The portal is very user-friendly. An administrator can use it very easily."
  • "This product is lacking in terms of dashboarding analytics and should have user behavior analytics. It should also have better dashboarding for executive management and security managers, which this product is missing."
  • "Anti-bridging should be built into product."

What is our primary use case?

The primary use case is we want to control the access of the administrator. 

We have a lot of the administrators in our organization who have privileged access on the infrastructure, devices, servers, and network devices. We want to control this access, and at the same time, monitor this access. We use it to control privileged access of administrators on infrastructure and security devices, then monitor them from time to time.

How has it helped my organization?

It gives us a lot of control functions, which we were lacking in our organization. The privileged users, who are mostly administrators, are configured on the endpoints. We were not previously able to monitor, review, or control this. Therefore, it gives us a lot of comfort in terms of security level. Now, our infrastructure devices and servers are secured and nobody can have unauthorized access to them. Only the authorized users, whom we provide and approve access during any point of time, can access critical devices and mission critical systems. This is the benefit that we receive from this tool.

What is most valuable?

The best part of this product is the administrator convenience. The portal is very user-friendly. An administrator can use it very easily. This is the most important part of any privileged or anti-management solution. If it is not user-friendly an administrator will not want to use it. It has to be very user friendly and easy to use. 

What is a good feature here, just insert whatever target that you want access, then click next, and you will be in the system. I would suggest this should be the most prominent feature for any of the privileged or anti-management system.

What I like on this product: It is very easy, user-friendly, and an administrator can access it at any point in time without any hassle.

What needs improvement?

This product is lacking in terms of dashboarding analytics and should have user behavior analytics. It should also have better dashboarding for executive management and security managers, which this product is missing. 

Another important feature where this product is lacking, in terms of the managing the accounts, is in the active directory (provisioning and non-provisioning), or bridging it with the active directory. Thus, it needs anti-bridging.

ARCON needs three important things:

  • The user behavior analytics should be there. 
  • The dashboarding should be improved.
  • Anti-bridging should be built into product.

This would make the product a comprehensive privileged R&D product.

In the future, I would like to have a type of functionality for the product with the mobile application. This would be helpful for some of our approvers, so they can approve at any point of time, sitting anywhere in the world when requests come in through the mobile application. Using the app, they can upload requests of the administrator or users. We would like to see this type functionality go on the product roadmap.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

This product's performance is good, especially in terms of user access and approval metrics.

What do I think about the scalability of the solution?

We have never faced any issues with scalability. This product is scalable enough. There are:

  • Any number of services that you can add.
  • Any number of users who can use it.
  • Any number of infrastructure devices which can be added.

How are customer service and technical support?

There are no issues in terms of support for this product.

Whenever we have had an issue, we raise a tech support ticket and immediately their tech support engineers come on a call. They do their best to try to resolve the issue. If they fail, sometimes to resolve the issue, then they work with their product team and come up with a solution immediately. The technical staff are good, and they are not facing hard issues in terms of support, because their technical skills are quite good.

Which solution did I use previously and why did I switch?

We were not using another solution prior to ARCON.

How was the initial setup?

It is not complicated; a very straightforward setup. Whenever they have to upgrade it, it is a 10 minute job. They upgrade the entire thing at one time. We have a two-tier architecture with a Gateway and a back-end application. Everything is deployed on the application, and the Gateway is only to connect to the end system. 

It is not multiple servers. It is not jump server technology. It is a very easy setup. You can have two servers and run it at any point of time.

What about the implementation team?

The implementation is very simple. Whenever we have faced any issues, the vendor team can easily come and troubleshoot it, because of the simple setup which they have.

What's my experience with pricing, setup cost, and licensing?

It is good value for our business. According to me, their competitors are more costly. Therefore, it is quite affordable. I find the ARCON to be much cheaper than the other products in the market.

Their licensing model is very simple, as it is based on the number of endpoints which you want to manage along with the number of users and administrators which you want to use. In terms of licensing, they are very flexible, because it is not a hard license. The licensing is simple, and there are only two types licensing: device licensing and user-based licensing.

Which other solutions did I evaluate?

We evaluated many other solutions along with the ARCON. We identified this solution as the best in terms of its accessibility. That is a main point. If an administrator can accept this, and it is very easy to use, it will be a successful product. 

We evaluated other products in the market, besides CyberArk. Ultimately, we decided to stick with this product. The cost is also a technical factor apart from the user convenience, which was the prime factor along with user acceptability. These were the two factors that we considered. Then we went ahead with ARCON.

While I have seen other products, and they are very good with dashboarding, reporting, etc. However, the analytics are so complex that the user is not able to use the product. There is a restriction in connection and containerization. You cannot take sessions, because others have taken sessions. Those are the constraints and challenges with other tools. 

Those challenges were there with the other tools, which I do not find in this tool. This tool is very simple and straightforward. If you have access, you can access the end system. From the moment our administrator accepted this tool, we did the PoC for this tool and they liked it.

What other advice do I have?

The product is really a good product and a good value for the money, in terms of costs, user convenience, and functionality that they offer. It is a comprehensive, apart from a few things. The dashboarding and analytics are not very good, so they have to work on these two parts. Apart from those, they should have an anti-bridging functionality too. They are lacking only with these few things. I am sure they will be working on these points very soon, and they will be add to the roadmap to bridge the gap.

If any customer is looking for this product, and comparing it with another product in the market, I would suggest that they do a proper PoC. Do not go with marketing and branding terms. They should do proper business cases and give it to their administrators, then ask them to use it for at least a week or 10 days time. Afterwards, they should decide whether they want to ahead with this product or another product in the market.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
SS
IT Infrastructure Management at a financial services firm with 51-200 employees
Real User
Enables us to meet regulatory and auditing requirements

What is our primary use case?

We use it for privileged access management for our production environment. We use it to record all of the changes that take place in our entire environment. That is the main function because there is a lot of compliance that we need to meet. It helps us meet those requirements.

How has it helped my organization?

Initially, we did not have any record of the production changes, what was been taking place in our infrastructure and environment. To work on this, we got in touch with ARCON. After the implementation, we were able to make changes and record all of the changes, either in the GUI mode or the command mode. This helps us to build on the changes that take place.

What is most valuable?

Because we are a financial institution, the compliance aspect is the most important for us. Using this ARCON product, we are able to leverage the compliance and auditing to meet the regulatory information and share it when we are required to.

What needs improvement?

The product is good but a lot of things can be changed, the way the system has been designed. All the access levels have currently been provisioned so a little more effort could be put into it to have a more friendly environment and user experience. The management portal could be a more friendly environment wherein I could deploy with fewer management resources from my side. We have been requesting from the ARCON team to have fewer management activities.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

It's a really good, secure system. It meets all the requirements. We have a high-availability environment so even if the system goes down, we always have the backup available. Functionality-wise, the cluster setup means the product has HA capabilities.

How are customer service and technical support?

We've had problems along the way but they were not major. The product support team has been very good. There was an issue with functionality within the product, which, as a technical team, we were not able to resolve. With the help of the product vendor, we were able to resolve it.

Which solution did I use previously and why did I switch?

We did not have a previous solution. We were looking in the market for a product but we couldn't find one that met our requirements. ARCON provided a product that was able to meet the requirements and that's why we went with it.

How was the initial setup?

Initially, because it was a new product for us, it was a bit difficult for everybody to understand the product. But since we've been using it for quite a long time, even the new features, the new screens, that have been deployed in the latest versions, are very user-friendly. It's not that difficult for the users to understand.

What's my experience with pricing, setup cost, and licensing?

The product's pricing is a good value. We haven't had any issues with licensing.

Which other solutions did I evaluate?

We went through a few of the other products which were available but, as I mentioned, they did not meet all our requirements. In the end, we evaluated this particular product and chose to go live with it in our environment.

What other advice do I have?

It's a go-ahead for any organization that is looking to meet their compliance and audit requirements. This is a very good product to go with for getting your work done.

It meets most of the requirements we have. I did not give it a nine out of 10 because there are still more requests that I am looking to have fulfilled, changes to be implemented in a new version. These would make the product more stable, as well as a better product on the market.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user864609
Head IT-Security at a financial services firm with 10,001+ employees
Real User
Enables provisioning of administrative access, records administrative activities in logs

Pros and Cons

  • "After storing the administrator password in this password vault of the solution, the solution can automatically go and change the password based on the defined frequency with the defined complexity."
  • "It is recording video records for Windows and command-line reports for others, Linux and AIX, of whatever activities being carries by that particular administrator."
  • "One thing which needs improvement is where it is keeping video logs of Windows Servers, whatever activities are being carried out by the administrator. Because Windows logs are a video, they are unsearchable, so if you need to search for a specific administrator and what he has done on a server, right now you need to go through different video logs of that particular timeframe. I think they are coming up with an additional feature where in it can be indexed and can be searchable."

What is our primary use case?

Controlling the privileged access to all the target servers.

What is most valuable?

Provisioning of all administrative access through this solution. The privileged administrators are logging in to the solution using their domain ID and then getting access to the required servers based on their credentials. The administrators do not need to know the actual administrator's password. Otherwise, in an environment if you have N of servers, the administrator needs to know the ID password of each and every server. After implementation of this solution they are all stored in the password vault of this solution.

So in this case, let's say one administrator is managing a hundred servers. He may not know the different passwords of the different servers. That person will log in to this solution using his domain ID and password and he will get access to the servers he is managing. This is a primary use of this particular solution.

And then, after storing this administrator password in this password vault of the solution, the solution can automatically go and change the password based on the defined frequency with the defined complexity.

Additionally, it is recording video records for Windows and command-line reports for others, Linux and AIX, of whatever activities being carries by that particular administrator.

What needs improvement?

One thing which needs improvement is where it is keeping video logs of Windows Servers, whatever activities are being carried out by the administrator. Because Windows logs are a video, they are unsearchable, so if you need to search for a specific administrator and what he has done on a server, right now you need to go through different video logs of that particular timeframe. I think they are coming up with an additional feature where in it can be indexed and can be searchable.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

We haven't had any issues with stability.

We have designed a solution such that it has been implemented in both the production as well as the DR environments. Whenever we wanted to upgrade the product to the next version, we upgrade the DR first, then production. And whenever production is being upgraded, the entire access is switched over to DR for all the users. So effectively there is no down time for the end users, the administrators.

The stability of the product becomes very important. Otherwise, if the server in the solution is down, all the administrators lose their access for administration. It has proved its stability over the last five to six years.

What do I think about the scalability of the solution?

We never had scalability issues. The primary issue will be storing the logs. The storage is attached to the SAN, so whenever there is a space crunch, in terms of storing the logs, we just increase the SAN storage. That's it. In terms of computer requirements, we never had an issue in terms of performance.

How are customer service and technical support?

We had a little different model altogether. We had their resource on site for our support. We used to talk to the onsite person only. So I wouldn't be a right person to give you feed back on the tech support, as such. But whenever we had to escalate to tech support, there was a good response.

Which solution did I use previously and why did I switch?

We did not have a previous solution.

How was the initial setup?

The setup is pretty straightforward, it is normal. There is application server, there's a gateway server and there's a database server. I don't think there is any complexity in that. 

What's my experience with pricing, setup cost, and licensing?

The product's pricing is good value.

In terms of licensing, go for user-based licensing, without any limit on the target servers.

Which other solutions did I evaluate?

We evaluated different solutions. We evaluated CyberArk and, if I remember correctly, we had evaluated one more Indian product. I don't recollect its name.

Primarily we took the decision to go ahead with ARCON because the criteria for privileged administrative environment as a domain was evolving a lot at that time. It was in 2012. We felt that they offered many customizations, anything which was required that was specific to the customer's environment. They offered that customization to us. And they have come up with a number of customizations, and a number of good features over that period of time. With CyberArk, we didn't have that much flexibility in terms of customizing the product.

What other advice do I have?

Obviously your administrators should participate in the decision to buy this product, because they will have to go through the solution to access any server or any device on which they wish to do administration. At times, initially, it may seem to people who are doing administration that their flexibility is removed. You have to make them aware that the solution brings them flexibility in terms of not remembering the passwords of many servers; when they have a number of servers to be administered, they write down the passwords. Those issues are taken away.

It also provides a lot of security to the administrator himself. He can also review what commands fired, what commands did not fire.

The solution was suited for the purpose when we evaluated it, and it has also evolved to meet the different needs, additional needs. I think it's continuing to evolve.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
it_user854085
Manager (Systems) at a financial services firm with 10,001+ employees
Real User
We have been able to automate previously manual access management processes

Pros and Cons

    • "If you take Microsoft hypervisor - which comes with its own interface, its own web layer, etc. - something like that also requires privileged IDs. As per our institution policy now, everything has to come through ARCON. We have demanded that these kind of advanced features also should be there."

    What is our primary use case?

    We use it for privileged access management.

    How has it helped my organization?

    Our purpose initially was to have a few critical projects. Not to have password management of all projects. So we started on a smaller scope. Later on, we implemented it across the organization. So now, all technical solutions are being controlled by ARCON. And the main area of improvement here is, we have ease of access. People have password-less access and a need-to-know-basis access whenever they require, when the approvals are in place for access. Previously, all this things were handled manually in the environment. Those we have automated, we have eliminated dependency on any manual intervention.

    Everything is in the system. When a person wants to have access, they put in the data, the requirement, the timing, the other technical parameters. The project managers in charge of the infrastructure, they approve it and the access is available to the person who requires it, all the time. 

    Equally we are able to monitor it all. It gives us the capability of monitoring it online, rather than going to the persons' desk for the activities being done. We sit in our office and monitor what is happening in the target device, using ARCON. The recordings and other things are available, in case any forensics are required.

    What is most valuable?

    Mainly the password vault. So, we have all of our generic IDs, which are present in the infrastructure, we have it securely vaulted. When we want to have access, we use ARCON only to have the access of the target devices or systems.

    What needs improvement?

    We have the load balancer and we have certain cloud environments. So, if you take Microsoft hypervisor - which comes with its own interface, its own web layer, etc. - something like that also requires privileged IDs. As per our institution policy now, everything has to come through ARCON. We have demanded that these kind of advanced features also should be there.

    They have improved a little bit in providing all the interface, but as of now it is not comprehensive, not at all the interfaces, but the major ones are covered. Whatever we have demanded, they have tried to provide the solution. In fact, with a little bit of time, because of new technology, integrations, and dependency on the OEM side - taking all these things into consideration - they have done a good job in integrating many of the technologies which we have demanded.

    For example, vCenter that is a hypervisor for VMware. They have a vCenter environment. Now it can be easily integrated with ARCON. We have a plug-in for that. It was not there last year, now they have come up with it and it is working very well. So my cloud management user IDs are now using ARCON for managing the cloud.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    In the basic functionality of the solution, there have not been any challenges. The product is very well designed so that it actually adapts the scalability well. 

    But we have seen changes over the last year in terms of security. I would rather not say it is a product deficiency or a deficiency the company. I've been reviewing other products as well, and when we see a product releases something it challenges the other market players. We are seeing that the security trends are becoming very stringent, now providing a high level of security. There has been a lot said and recommended about the access of the infrastructure.

    We have our own infrastructure management team which actually looks into the vulnerabilities and the old architecture, protocols, etc. When we start eliminating tools, it's becaue they only support the old communication mechanisms. The migration from SSL to TLS. This is one example. Lately, TLS 1.2 has been recommended by the IT industry. This product was working last year in SSL only. We migrated to TLS 1.2. The adaptability to move quickly towards a new environment is lacking and they are deficient in having integration with other OEMs. I am not naming company names but I would say, for example, one load balancer should be integrated.

    For about the last one year or so, everybody has their Web layer for their own product, for their appliances, for their load balancer. Those Web layers are developed by the particular OEM of the appliance. They all have their own logic for providing their access. This solution, doesn't immediately provide any way to integrate with that particular Web layer. So what we do is, whenever we have a new appliance and there is a Web layer above it, we report it to ARCON and they look, see whether it matches any existing solutions, or whether it requires new development.

    That is something that is happening every time a Web layer comes out, which is proprietary to an OEM. We have to have them look at it. We cannot directly integrate with that. But that is the scenario with all the products in the market. They cannot integrate directly with any proprietary system. ARCON tries to provide a quick solution.

    What do I think about the scalability of the solution?

    Earlier they were having issues, only releasing upgrades quarterly. Now they have changed the frequency to monthly, for about the last six months. So that is some kind of improvement.

    Updates are not a problem, our in-house team is capable of implementing them, even without support from the company. They provide documentation with the  technical dependencies and the steps.

    How are customer service and technical support?

    I would rate it eight out of 10, mainly when we ask about regular technical issues. We do a certain hardening of infrastructure. Whenever we start doing hardening, it affects the access management. So troubleshooting on technical aspects, on these kinds of things, which are a regular technical issue, they are good.

    But when it comes to new implementations or new integration - because in the last six months we have given them 15 to 20 new integrations, new Web layers, new appliances to integrate and other things - those are new for them also. So they take their time for checking the feasibility, seeing how it works, and then releasing it. So, in these cases they are taking time. 

    But otherwise, the support is good. For regular activities, their support doesn't have any challenges. People are available on the phone. There is a portal available for us to look for technical support, and they do update it regularly.

    Which solution did I use previously and why did I switch?

    This is the first solution.

    How was the initial setup?

    They set it up for us and then we trained our people.

    What's my experience with pricing, setup cost, and licensing?

    I am not in a position to give any financials, but whatever we have paid, it is value for money.

    Their licensing model is good. They have been flexible for us.

    Which other solutions did I evaluate?

    We have evaluated two solutions, for two projects - two of our projects required access management. Then we selected this and we extended this solution for multiple projects as well.

    It was an open RFP for us in 2015. There were eight products in that quadrant. So we referred to all of them. For us it was an open tender. Then we technically evaluated, compared them, and then selected one product. It was open to the global market and we saw all the products which were present at the time. I think ARCON is one of the leaders now.

    What other advice do I have?

    Have your access management process is in line. If you have complex processes, or you have not defined it, it will be rather difficult to implement any such product.

    I give ARCON a nine out of 10. The missing point is for not quickly adapting, as per the example I mentioned above, regarding integrations. I don't know whether it's a deficiency at their end, maybe that proactiveness is not there. Or maybe there are too many changes happening in the market, they might not be able to cope with all the changes that are happening.

    Lately, in the last year or so, all technical products in the IT world have come up with their own access management portfolio. These kinds of products require integration with this portfolio. I have received 15 to 20 items which require integration, 75% were already available and 25% had to be built. So that minus one is because of that 25% they could have integrated even before I asked them. They could have done a workflow just by surveying market.

    Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    it_user831819
    Chief Manager at a financial services firm with 501-1,000 employees
    Real User
    Interaction between the servers and the client is recorded, which is helpful for analysis

    Pros and Cons

    • "The entire conversation that is happening between the servers and the client is recorded. It is a good feature if you want to do some analysis, and for investigation."

      What is our primary use case?

      Used for server access management.

      How has it helped my organization?

      It has all the features that we require. In this regard I cannot tell you much other than that this solution is good for us, and we have been using it for a long time.

      What is most valuable?

      The most important feature is to know who is accessing the servers, the entire conversation that is happening between the servers and the client is recorded. It is a good feature if you want to do some analysis, and for investigation. So it is helpful to us.

      What needs improvement?

      I can't think of anything because the features which we require, it has everything that we need. So I cannot tell you much about the improvements required for this product. We are using all the features, and it is good to have.

      The only thing is, while the product is good, they could do something on the support side. Support is quite good, but some improvements are required because the time to resolve is four hours. If they could reduce that to two hours, that would be good for us.

      For how long have I used the solution?

      Three to five years.

      What do I think about the stability of the solution?

      There has been no problem.

      What do I think about the scalability of the solution?

      No issues with scalability.

      How is customer service and technical support?

      Technical support is good, whenever we have issues they will resolve the issue, so the support is good.

      How was the initial setup?

      The setup is not complicated because we implemented it in a single virtual platform, and using that console we integrated all the server platform for access, and directed user privileges. We provided users with a single sign-on.

      What's my experience with pricing, setup cost, and licensing?

      The pricing works for us. Comparatively, this software's pricing is good.

      What other advice do I have?

      We have suggested to other operations that they test this product. We have always spoken well about this product.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      it_user823761
      IT Security Mananger
      Real User
      Prevents unauthorized authentication changes and improves our security

      What is our primary use case?

      Privileged access management, to protect privileged access.

      How has it helped my organization?

      It prevents unauthorized authentication changes and improves our security.

      What is most valuable?

      Video capture.

      What needs improvement?

      They need to support all web browsers. At the moment it only supports Explorer, IE. They have to come up with a solution to support all browsers.

      For how long have I used the solution?

      Three to five years.

      What do I think about the stability of the solution?

      Stability is fine, it's good actually.

      What do I think about the scalability of the solution?

      Yes it is scalable, it has capacity to scale up and expand.

      How are customer service and technical support?

      Tech support is very good.

      Which solution did

      What is our primary use case?

      Privileged access management, to protect privileged access.

      How has it helped my organization?

      It prevents unauthorized authentication changes and improves our security.

      What is most valuable?

      Video capture.

      What needs improvement?

      They need to support all web browsers. At the moment it only supports Explorer, IE. They have to come up with a solution to support all browsers.

      For how long have I used the solution?

      Three to five years.

      What do I think about the stability of the solution?

      Stability is fine, it's good actually.

      What do I think about the scalability of the solution?

      Yes it is scalable, it has capacity to scale up and expand.

      How are customer service and technical support?

      Tech support is very good.

      Which solution did I use previously and why did I switch?

      No previous solution, this is our first.

      How was the initial setup?

      It's simple.

      What's my experience with pricing, setup cost, and licensing?

      Pricing and licensing are good, very aggressive.

      Which other solutions did I evaluate?

      We evaluated three products. CyberArk, ARCON, and one more product but I don't remember the name.

      What other advice do I have?

      I give it a seven out of 10 because, as I said, it does not support all browsers.

      Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
      it_user827673
      IT Manager
      Real User
      Streamlines management, configuration, and more secure access to servers

      Pros and Cons

        • "The usability should be expanded to other browsers like Chrome and Firefox."

        How has it helped my organization?

        Provides more secure access to servers and also provides audit trails.

        What is most valuable?

        Ease of configuration and management. All features are available and cover all the use cases, like database, thin clients, file sharing clients, etc.

        What needs improvement?

        The usability should be expanded to other browsers like Chrome and Firefox. That would help us roll out our solution quickly.

        For how long have I used the solution?

        One to three years.

        What do I think about the stability of the solution?

        No issues with stability.

        What do I think about the scalability of the solution?

        No issues with scalability.

        How are customer service and technical support?

        The support is prompt and readily available.

        Which solution did I use previously and why did I switch?

        No previous solution was being used.

        How was the initial setup?

        The initial setup was straightforward. The implementation team configured the solution in a very short amount of time.

        What's my experience with pricing, setup cost, and licensing?

        The pricing and licensing model is very economical.

        What other advice do I have?

        Product is very efficient. Thorough testing needs to be done prior to implementation to test the solution in your specific architecture.

        Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
        it_user826695
        IT and Infosec Professional
        Real User
        Video logs help us to identify any misuse of privileged accounts

        Pros and Cons

        • "The video logs help us to identify any misuse of privileged accounts."
        • "We expect improvement in the dashboards to provide visibility of password compliance status, whenever a password is opened from the vault. Also, flexibility to customize the live dashboard."
        • "We would like to see support for privileged accounts used in web-based systems like Blue Coat Secure Web Gateway, VMware ESXI management tools, etc."

        How has it helped my organization?

        This product has helped us to protect privileged accounts and comply with password policies for privileged accounts. The video logs help us to identify any misuse of privileged accounts.

        What is most valuable?

        • Integrated dual factor authentication using mobile app
        • Single sign-on
        • Password vault
        • Video recording

        What needs improvement?

        We expect improvement in the dashboards to provide visibility of password compliance status, whenever a password is opened from the vault. Also, flexibility to customize the live dashboard. 

        We would also like to see support for privileged accounts used in web-based systems like Blue Coat Secure Web Gateway, VMware ESXI management tools, etc.

        For how long have I used the solution?

        Less than one year.

        What do I think about the stability of the solution?

        We faced one issue where video logs were not opening from all systems. The issue was solved after a version upgrade.

        What do I think about the scalability of the solution?

        We found the product is scalable if we provide the recommended hardware by the vendor.

        How are customer service and technical support?

        We have not had any issue with support. Support personnel are available whenever support is required.

        Which solution did I use previously and why did I switch?

        We did not use any other solution.

        How was the initial setup?

        Initial setup is straightforward and it can easily integrate with OS, database, network devices, etc., without the need for any connectors.

        What's my experience with pricing, setup cost, and licensing?

        The product is available with competitive pricing. Licensing is not complex. We calculated the license requirements by counting the number of admins and the number of devices which were going to integrate with it.

        Which other solutions did I evaluate?

        We evaluated Iraje and CyberArk.

        What other advice do I have?

        Every organization has a different environment, so do a thorough evaluation for different connection channels it supports like RDP, SSH, Telnet, web browsers, etc.

        Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
        it_user822438
        Windows System Engineer
        Real User
        Eases network admin by logging changes securely, but needs support for more browsers

        Pros and Cons

        • "Logging, particularly screen recording for Windows RDP sessions. Also, command-logging for SSH sessions. This really helps us to see what commands/changes have been executed in a particular service at a given point of time, and by whom."
        • "The product is browser dependent. As of now, it only works on Internet Explorer from the client side. Admins cannot use any other browsers (Chrome, Edge, Firefox, etc.) to access the client manager online."

        How has it helped my organization?

        Provides a secure way of accessing the critical services in our organization, with a lot of auditing features built in. It really helps in daily system/network administration tasks by logging the changes executed, in a secured and reliable way.

        What is most valuable?

        Logging, particularly screen recording for Windows RDP sessions. Also, command-logging for SSH sessions. This really helps us to see what commands/changes have been executed in a particular service at a given point of time, and by whom.

        What needs improvement?

        The product is browser dependent. As of now, it only works on Internet Explorer from the client side. The product should not be browser dependent and should be compatible with all the modern browsers. Admins cannot use any other browsers (Chrome, Edge, Firefox, etc.) to access the client manager online, and have to stick with IE for accessing the services.

        Most people are either Chrome users or Firefox users. For them, I have to convince them to use IE.

        This has been communicated to the company some time ago. They said this is already under development, to make the product work in the other browsers.

        For how long have I used the solution?

        One to three years.

        What do I think about the stability of the solution?

        No issues with stability.

        What do I think about the scalability of the solution?

        No issues with scalability.

        How are customer service and technical support?

        Good. They are fine. They respond quickly whenever I put a ticket. Almost all the tickets I've created, I've gotten a pretty quick response. I cannot pinpoint any single instance, but almost all the tickets, whenever I have a problem, they have been good on the other side, and they are very happy to assist us. We are happy with that.

        Which solution did I use previously and why did I switch?

        We have never used a PAM solution before. ARCON is the first of its kind in our organization.

        How was the initial setup?

        Setup was straightforward.

        What's my experience with pricing, setup cost, and licensing?

        Pricing is reasonable.

        What other advice do I have?

        ARCOS is a powerful, stable, and reasonable product for anyone looking for a PAM solution.

        Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
        it_user824787
        Portfolio Manager at a tech services company with 10,001+ employees
        Real User
        Gives you all the features in a very cost-effective solution

        Pros and Cons

          • "They they should focus on support. The support needs to be very strong. Since the product is becoming stronger, their support team also should be equally strong. They should respond to open queries within the time limit they have set. Their support team should be more technical, to understand the issue or the set up."

          What is our primary use case?

          We are using it for privileged identity management. We are an ARCON partner and nowadays, in the industry, every customer is asking about a PAM product.

          What is most valuable?

          We are using all the features. My favorite is Passive Mode.

          What needs improvement?

          When the ARCON product was not on the mark - we got this account six years back - we gave all the requirements to them and they took our requirements as a positive, and built all the features we wanted, because we are supporting multiple customers. Now I see the product is ready, it has all the features, it meets all the requirements.

          We have given them a few more requirements like SSH keys, or to have the risk factors. They are working on those, they are in the development stage.

          Also, they they should focus on support. The support needs to be very strong. Since the product is becoming stronger, their support team also should be equally strong. They should respond to open queries within the time limit they have set. Their support team should be more technical, to understand the issue or the set up.

          For how long have I used the solution?

          More than five years.

          What do I think about the stability of the solution?

          It is a very stable product.

          What do I think about the scalability of the solution?

          It is scalable.

          How is customer service and technical support?

          I would rate tech support about five or six out of 10.

          How was the initial setup?

          It is straightforward.

          What's my experience with pricing, setup cost, and licensing?

          ARCON will give you all the features in a very cost-effective solution.

          Pricing and licensing is very good compared to other players in the market. This product is from an India-based company. I feel it is also very effective.

          Which other solutions did I evaluate?

          I have evaluated other players: CyberArk, CA, Unisys, but they are all complex and costly.

          What other advice do I have?

          Arcon fits the requirements, at a small cost.

          In terms of advice, I would first check with you what your requirements are and what budget you're looking at. Budget varies but requirements are the most important. If your requirements match this product... Whenever any customer comes to us, we first check if ARCON meets their requirements. If ARCON doesn't meet their requirements then we recommend another product.

          I would rate this product at eight out of 10. There are still a lot of improvements which we have suggested to them, they will probably be available within the next three or four months.

          Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
          Sanjeet Kumar Bhuyan
          Security Consultant and Cybersecurity Support at a tech services company with 51-200 employees
          Real User
          Top 5Leaderboard
          Session recording covers compliance and our in-house applications

          Pros and Cons

          • "Session recording is the most valuable feature, as it covers compliance and it also covers our in-house applications."
          • "It should support the SQL Always On platform with FQDN name instead of IP."
          • "Initially, there were some issues with .NET applications in Windows 10 systems."

          How has it helped my organization?

          It was much more challenging to support Arabic language and some legacy IE9 supported applications integration. But Professional Services solved the issues very well.

          What is most valuable?

          Session recording, as it covers compliance and it also covers our in-house applications.

          What needs improvement?

          It should support the SQL Always On platform with FQDN name instead of IP, so where all the databases are managed centrally.

          In our company, we are not managing single-single SQL Servers, we are putting in a technology called Always On, where all the databases are managed centrally.

          Whatever solutions or tools we have, we need one SQL instance or something that we can provide from that Always On system so that way, from the database side, there is high availability, it is in two or three different physical locations. If tomorrow something bad were to happen, and your main site was down, you wouldn't need to worry because all the same data would be available on the other site.

          For this database, ARCON first said, "We do support Always On." Then we started migrating this database to the Always On database and slowly we came to see that they have two different databases, which are keeping recording logs or something - the sessions become very high. As soon as it is replicating, it is not shrinking the database. They told us, "Okay, keep our database separate from your Always On. Give us a standalone." 

          So the reason that's not going to benefit our organization is because, single-handed, we were managing from one platform. Now we have to manage two, three, four, five different, single-single, standalone databases, which will create more overhead for our admin staff.

          For how long have I used the solution?

          One to three years.

          What do I think about the stability of the solution?

          One time, due to database connectivity issues.

          What do I think about the scalability of the solution?

          Not yet, although a couple of our requirements were solved with the next patch release.

          How are customer service and technical support?

          Five out of five. No doubt they are good.

          Which solution did I use previously and why did I switch?

          We did not have a previous solution. We evaluated some solutions and then started using ARCON. We found the potential was there in ARCON because it was supporting the applications which are only OS-based. That means, if you have Linux OS or Windows OS, it is supporting you. But from the application point of view, no one was supporting it, so that was a plus-point which contributed to ARCON being selected.

          How was the initial setup?

          Initially, there were some issues with .NET applications in Windows 10 systems, but with the help of our internal IT support we overcame the issues.

          What's my experience with pricing, setup cost, and licensing?

          Pricing is low and licensing is flexible.

          Which other solutions did I evaluate?

          We evaluated TPAM, Centrify, CA, CyberArk and InspectView and, of course, ARCON. 

          There were a couple of other products which were causing us pain points, like Tripwire IP360. Then Tripwire, they also have something called CCM, Configuration Compliance Manager.

          What other advice do I have?

          Definitely go for user training before full deployment.

          Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
          Buyer's Guide
          Download our free Privileged Access Management (PAM) Report and find out what your peers are saying about ARCON, CyberArk, Broadcom, and more!