Most Helpful Review
You can quickly deploy the entire product with a basic config. However, the GUIs are not very clear.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The most valuable feature is that it meets the requirements of the customer. You have a lot of features in the product. Every product has them, but the question is, are these products going to meet the requirement of the customer?
I liked the debugging part. There are only two files (trace file and log file) that you need to look into while performing debugging, and the logs give you the exact info on where and what needs to be fixed.
You can quickly deploy the entire product with a basic config within couple of hours.
It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days.
The most valuable feature is the Federation part of Single Sign On, which is customizable and is easily integrated with any customer application or any third party application.
Federation is valuable, for sure, because we have a lot of third-party vendors that we need to integrate with, and this is a turnkey solution in some ways.
The Directory is secure. It's our user store, and it's important to keep our members safe. The product does well with that.
If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On.
The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.
For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks.
There are no issues with scalability. Our clients are very happy to use the product.
We are maintaining compliance in PCI, SOX and HIPPA, which is a big thing. Auditors really like it, and it has made us stay compliant.
We are able to know who is accessing what and when; having accountability.
This solution is quite stable.
The most valuable feature is that it always provides flexibility, password quality and one-time user check-in and check-out.
I really like the PTA (Privileged Threat Analytics). I find this the best feature.
CA has reporting at the moment. With the reporting, every particular segmented product has a reporting engine. I would like to see centralized reporting for all of them together.
The GUIs are not very clear, especially when integrating with other products from CA.
The Federation part of CA Single Sign On, it's a bit complex to implement because it involves the SSL certificates, exchange of certificates, and lot of technical details. The documentation misses some important parts of this, so that's the reason it took some time for us to go live.
I think they need to integrate some of the newer types of authentication into the product. I'm not seeing the innovation when it comes to biometrics in the product.
They need to make configurations easier, and not have the engineer having to guess what will happen when he changes a particular setting.
The initial setup was complex, painful. But that is to be expected of any new setup. When you're a big bank like us, any kind of migration to a new product is hard. I expect it to be painful, and it was painful. But it's not something that you can avoid.
I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later.
The main thing is we do not have the traceability and good monitoring that CA can provide us to capture problems when they occur.
Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use.
Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server.
The initial setup of CyberArk is a challenge if you do not have prior experience with it.
Make it easier to deploy.
I think having a distributed architecture would certainly help this solution.
There was a functionality of the solution that was missing. I had noticed it in Beyond Trust, but not in this solution. But, recently they have incorporated something similar.
If we could have some kind of out-of-the box feature that you can simply say "no" so they don't have to go into a development mode, that would a really helpful feature.
Tech support staff can be more proactive.
Pricing and Cost Advice
CA solutions are generally expensive but for the customer the ROI is big.
I recommend conducting a PoC on every available product before choose one.
In comparison to other products on the market, CyberArk is a more costly product.
This solution is considered to be more expensive than others out there on the market today.
I do not have any opinions to add about the pricing of the product.
No, I do not have any advice on the price of the product.
Network and security licenses are currently being managed by other outsource vendors, so they are facing some type of problems in the digital aspect.
With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time.
If you are looking at implementing this solution, buy the training and go to it.
Our risk is definitely significantly lower. Also, our resources are low.
out of 26 in Access Management
Average Words per Review
out of 26 in Access Management
Average Words per Review
Compared 52% of the time.
Compared 17% of the time.
Compared 6% of the time.
Compared 12% of the time.
Compared 9% of the time.
Compared 8% of the time.
Also Known As
|Single Sign-On, SiteMinder||CyberArk Privileged Access Security, CyberArk Privileged Account Security, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, On-Demand Privileges Manager, Endpoint Privilege Manager|
|CA (A Broadcom Company)||CyberArk|
CA Single Sign-On provides secure single sign-on and flexible access management to applications and Web services on-premise, in the cloud, from a mobile device or a partner’s site. For over a decade, CA Single Sign-On has been a leader in enterprise-class secure Web single sign-on and identity federation, providing a comprehensive solution that addresses access to applications and cloud services. CA Single Sign-On delivers unparalleled reliability, availability, scalability and manageability.
CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.
Learn more about CA SSO
Learn more about CyberArk PAS
|British Telecom, CoreBlox, DBS, HMS, Itera ASA and Simeo||Rockwell Automation|
Financial Services Firm42%
Comms Service Provider8%
Software R&D Company25%
Financial Services Firm29%
Software R&D Company28%
Financial Services Firm14%
Comms Service Provider12%