We performed a comparison between CA Identity Suite [EOL] and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SailPoint, One Identity and others in Identity Management (IM)."We used to have a problem where an employee's access wasn't terminated when they left the company. Now, we have much better visibility into and control over who has access."
"The most valuable functionality of the solution for us is that when employees stop working for the municipality, they are automatically disabled in Active Directory. Omada controls that 100 percent. They are disabled for 30 days, and after that time Omada deletes the Active Directory account. The same type of thing happens when we employ a new person. Their information is automatically imported to Omada and they are equipped with the roles and rights so they can do their jobs."
"The most relevant feature is Omada's reporting engine. Omada never 'forgets' and archives every process. All steps an admin, user, or manager has executed, are recorded in Omada."
"Omada's best feature is creating accounts, automatically assigning permissions, and distributing resources based on assignment policies."
"The most valuable feature for us is the ability to set up connectors to various IT systems and offer a wide range of supported connectors."
"It has a very user-friendly interface compared to what we are used to, and it is highly configurable. In the old solution, when we needed to do something, we had to have a programmer sitting next to us, whereas, in Omada Identity, everything is configurable."
"The most valuable aspect of the product is that it is Microsoft-based and it supports all Microsoft technology."
"Its best feature is definitely the process design. It is quite easy and straightforward to design a process."
"The most valuable feature is the speed of implementation. Now with the Virtual Appliance, it's much faster. In the past, to implement this kind of solution, it would take so many weeks. Now, it takes one day, or minutes, and we have the deployment ready."
"With the Virtual Appliance, combined with CA Identity Manager and GovernanceMinder as one solution, it eliminates having multiple infrastructure requirements, multiple products, and gives a holistic view of the access granting."
"The most valuable feature is the re-certification campaign capabilities."
"I found all of them quite valuable, especially the identity manager, governance, and identity portal. All the features are helpful."
"You can spin up IDM or Identity Suite in a few hours and it is ready to use."
"Nowadays it is offered as a Virtual Appliance, and that saves considerable time for installing and controlling it."
"It is very simple to use."
"There are no issues with scalability. Our clients are very happy to use the product."
"We are maintaining compliance in PCI, SOX and HIPPA, which is a big thing. Auditors really like it, and it has made us stay compliant."
"It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization."
"On the EBB user side, we were able to secure all the server root passwords and admin for Windows. This was a big win for us."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"On the customer accounts side, our account managers are responsive. If you ask them, they will get you whomever you need."
"Enterprise Password Vault, Privilege Session Manager, and Application Identity Management have been very useful for our client environment."
"There is room for improvement in Omada's integration capabilities, particularly in streamlining complex integrations and enhancing programming logic for better rule management."
"Improved traceability would be helpful for administrators. For example, let's say a user's permission is being revoked. We can only see the system that has carried out a particular action but not what triggered it. If an event definition or something has changed in the criteria for the permission being removed or something like that, we don't have immediate access to that information. It takes a little detective work."
"We are still on Omada on-prem, but I understand that when Omada is in the cloud, you cannot send an attachment via email. We have some emails with attachments for new employees because we have to explain to them how to register and do their multi-factor authentication. All that information is in the attachment. People have to do that before they are in our system. We cannot give them a link to our Intranet and SharePoint because they do not yet have access. They have to register before that, so I need to send the attachments, but this functionality is not there in the cloud."
"Omada's reporting functionality is limited and could benefit from greater customization."
"Its flexibility is both a good thing and a bad thing. Because it is very flexible, it also becomes too complex. This is common for most of the products we evaluated. Its scalability should be better. It had a few scalability issues."
"The comprehensiveness of Omada's out-of-the-box connectors for the applications we use could be better. We are getting a new HR system called Cornerstone for which they do not have an out-of-the-box connector, so we have to take the REST connector and play around with it."
"The backend is pretty good but the self-service request access screen, the GUI, needs improvement. It's an old-fashioned screen. Also, Omada has reports, but I wouldn't dare show them to the business because they look like they're from 1995. I know they are working on these things and that’s good, because they’re really needed."
"The account management integration isn't bad, but it isn't plug-and-play like Microsoft Azure. You need some deep development knowledge to set up the connectors."
"The connectors for the identity and governance part could use some improvement, by way of adding more areas. They need more development to cover more target applications."
"The documentation can be improved because sometimes we have some technical issues that were not documented and we have to rely on support to solve them. Then there are issues around getting the architecture, but it's challenging to get the architecture."
"If there was a seamless integration between portal and IdentityMinder, then that would help a bit."
"I would like synchronization when a mapping is added between end points. Currently, the synchronization is not complete. It would be great if this synchronization happened immediately."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"We don't often contact technical support, but when we do it, the response could be faster and better."
"I would like to see improvement in the custom connector for integration with different devices."
"There is a learning curve when it comes to planning out the deployment strategy, but once it is defined, it runs itself."
"I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy."
"This product needs professional consulting services to onboard accounts effectively based user profiles."
"More additional features as far as the REST is concerned, because we have something which was the predecessor to REST. A lot of the features which were in the predecessor have not necessarily been ported over to REST yet."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
Earn 20 points
CA Identity Suite [EOL] doesn't meet the minimum requirements to be ranked in Identity Management (IM) while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews. CA Identity Suite [EOL] is rated 8.2, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of CA Identity Suite [EOL] writes "Eliminates multiple infrastructure requirements and products, gives a holistic view of access granting". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". CA Identity Suite [EOL] is most compared with , whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard.
We monitor all Identity Management (IM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.