The most valuable features are:
- The access control on the agent
- Being able to manage what a user can do
- The password check-in/check-out process
CA Privileged Access Manager Server Control [EOL] is also known as CA Access Control, CA Privileged Identity Manager.
Download the Privileged Access Management (PAM) Buyer's Guide including reviews and more. Updated: September 2021
The most valuable features are:
It gives us the ability to track who is using what ID and for what purpose.
I would like to see some improvements, specifically in terms of some set-up items. We have spoken to CA quite a bit about the ability to have 'always-on', or 'active/active' status options, so if the infrastructure goes down, we don't lose transactions. This is very important for the environment and for the users so we cannot really afford any downtime with the solution. We have had problems with deployment, and we are concerned with the possibility for outages and how they can have a negative impact on the environment.
The stability is pretty good, but there is some room for improvement. We've already discussed these areas of improvement with CA. Some of the problems we ran into were with installation, but the agent seems to be stable. Some of the connection with the infrastructure is a little bit difficult to maintain sometimes. Overall, I would say it's pretty solid.
It seems to scale well. Since we are a large enterprise, we will be putting that to the test pretty soon.
I have used a lot of technical support and I would say that the technical support folks are very good. They are very proficient, professional, and knowledgeable.
We didn’t have a previous solution. This is a brand new thing for us. We knew we needed identity management so we compared several products and this is the one we ended up implementing. I think CyberArk was one of the shortlisted alternatives, but I don't remember the others. In terms of selecting this product, I guess the perception of being ready for enterprise, installation, and operations are probably the main things. We need to perceive that it's going to save us time and provide more security than we already have.
I was involved in the set up and it was not straightforward. It was a difficult installation. As an example, if you don't want to use the standard C:\ drive, it requires a number of workarounds to get it to work on a different drive. The firewall port requirements were not well documented. I've got a pretty long list of things that were challenging. It took us quite a while to install this product to get it to the point where we can repeat it every time.
I would have to warn somebody to basically either have the adequate manpower or plenty of time to deploy it and test it in their labs before they roll it to production. This is necessary because there will probably be some surprises along the way.
This is a small thing, but what I find pretty valuable is that default access is denied and you have to apply for and be granted access in order to gain access. This helps us make sure that access is not undeliberately granted.
We're happy to see it working so well with our IBM solution, saving us time and costs.
The manuals for this product used to be good. We could find in one place answers to pretty much every question or situation we had. However, it's now in piece-meal fashion. You have to piece the information together. So the user documentation has become poor.
We've had no problems deploying it.
It's stable. I don’t think we have had any downtime.
It’s very good in terms of scalability.
For the most part, technical support is great. There have been times when I haven't gotten the best technician, but that's with all tech support. If I deal with someone who's worked there a long time, the expertise is excellent and I do end up getting great support.
The initial setup was straightforward as they give you detailed instructions. User documentation is poor, however.
We have had very successful implementations, mainly due to the great support from CA.
Work with CA. Have a solid installation development plan and strategy. A lot of companies would put things in warm mode before implementing, which I recommend. Also, read the implementation guide as it is well written.
The product been used by different vendors for protecting their key resources and sensitive information and for accountability.
Six and a half years.
No issues encountered.
No, the product been stable and robust, and boasts with new additional features.
No issue with scalability.
The most important feature is the admin password management.
This product has improved the security of the corporate network and made compliance with the safety regulations of our country.
I have used it for two years.
Yes, I encountered lots of issues.
No issues encountered.
No issues encountered.
No previous solution used.
Not all the steps were explained well.
Buy a professional service for installation and first use so they can help you to resolve the various bugs.
The security level for servers.
We have been able to exceed our audit requirements for security.
Automated deployment did not work as expected, had to go to a manual deployment.
Over five years.
Automated process did not function as required.
No issues at all totally transparent to the end user.
We upgraded from eTrust 8.0.
The initial setup was straightforward.
Our in house support team deployed to over 2000 Unix and Linux servers.
This was done by our engineering team, and they looked at Oracle security and Symantec.
For financial systems this is recommended.
It depends on the client's requirements, but for me the most valuable one is the security access management with distributed architecture and centralized management.
Often, the software is installed based on security and audit requirements, for example, where the security processes of an organization need to be updated to match current security standards.
User Interface needs to be improved.
I have been designing systems based on the solution for the last four years.
Usually, the problems are similar to any enterprise software deployment. However, sometimes we would have problems adapting the enterprise security processes and software usage.
Yes, but nothing critical. Same as other software.
No issues with scalability.
Usually, CA does not provide direct customer service, so it normally depends on the quality of CA's partners.Technical Support:
As a partner of CA I can contact tech support directly and, in my opinion, it is at a good level.
No I didn't and I don't know of any other software with the same complexity of functionality.
CA Privileged Management software is very complex software and its setup needs a project manager, and trained personnel… etc.. it's not a "just installation".
You do not need this software for your direct processes but the current security standards force you to buy the product. For example, If your company manages finance it must satisfy the security standards requirements. I cannot calculate the ROI in this case as I would need to compare several projects with different solutions but I design only CA based systems.
Depends on the project and customer requirements.
There are some products with similar partial functionality, but I don’t know of another complex software with the same level of functionality.
Study the modern security standards (PCI, ISO/IEC 2700x etc.) before implementation.
It efficiently controls the access to the resources from the privileged user thus implementing the security aspects and this provides fine granular access.
UI for end point and management console.
No, deployment wise, the functionality is good.
Sometimes we encounter issues whilst generating the reports.
No issues with the scalability.
No, this is the first product I got my hands on.
Pretty cool initial set-up.
It’s quite good in industry.
It’s pretty cool product for security domain with enhanced features for PIM