CyberArk PAS vs. Palo Alto Networks VM-Series

As of May 2019, CyberArk PAS is ranked 1st in Advanced Threat Protection with 61 reviews vs Palo Alto Networks VM-Series which is ranked 3rd in Advanced Threat Protection with 12 reviews. The top reviewer of CyberArk PAS writes "Gives us the security of all credentials in one place and lightens our administrative load". The top reviewer of Palo Alto Networks VM-Series writes "A reliable tool with excellent support". CyberArk PAS is most compared with SailPoint IdentityIQ, Cisco ISE (Identity Services Engine) and BeyondTrust Endpoint Privilege Management. Palo Alto Networks VM-Series is most compared with Fortinet FortiGate, Juniper SRX and Meraki MX Firewalls. See our CyberArk PAS vs. Palo Alto Networks VM-Series report.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about CyberArk PAS vs. Palo Alto Networks VM-Series and other solutions. Updated: May 2019.
340,467 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks.The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.There are no issues with scalability. Our clients are very happy to use the product.We are maintaining compliance in PCI, SOX and HIPPA, which is a big thing. Auditors really like it, and it has made us stay compliant.We are able to know who is accessing what and when; having accountability.This solution is quite stable.The most valuable feature is that it always provides flexibility, password quality and one-time user check-in and check-out.I really like the PTA (Privileged Threat Analytics). I find this the best feature.

Read more »

Embedding it into my application development lifecycle prevents data loss and business disruption, allowing the adoption to operate at the speed of my AWS Cloud.It has a good performance which helps you with the stability of your virtual environment.In AWS, Palo Alto provides us a better view than flow logs for network traffic.App-ID and User-ID have repeatedly shown value in securing business critical systems.It provides complete security posture from end-to-end. This has given us better visibility into what our security aspects are.You already can scale it if you put it in Auto Scaling groups. If you put it in a load balancer, it should already be able to scale.It allows us to see all our traffic to properly secure it and only allow what is needed through the firewall.It offers a single pane of glass for all the different types of installations.

Read more »

Cons
Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server.Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use.The initial setup of CyberArk is a challenge if you do not have prior experience with it.Make it easier to deploy.I think having a distributed architecture would certainly help this solution.There was a functionality of the solution that was missing. I had noticed it in Beyond Trust, but not in this solution. But, recently they have incorporated something similar.If we could have some kind of out-of-the box feature that you can simply say "no" so they don't have to go into a development mode, that would a really helpful feature.Tech support staff can be more proactive.

Read more »

It can definitely improve on the performance.It has to be more scalable for the deployment of VMs on the cloud.I would like to see a more thorough QA process. We have had some difficulties from bugs in releases.We have ran into issues with Palo Alto’s limitations for resolving large IP lists from DNS lookups, as well as the antivirus interfering with App-ID.The product could provide protection above Layer 3, which gets into the application layer and provides better visibility into those aspects of application security.On the cloud side, they need to come up with more HA solutions to support the multi-region.AWS doesn't integrate well with third-party firewalls.I would like a way to do everything programmatically, or be able to copy the configs from different prices at different levels.

Read more »

Pricing and Cost Advice
In comparison to other products on the market, CyberArk is a more costly product.This solution is considered to be more expensive than others out there on the market today.I do not have any opinions to add about the pricing of the product.No, I do not have any advice on the price of the product.Network and security licenses are currently being managed by other outsource vendors, so they are facing some type of problems in the digital aspect.With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time.If you are looking at implementing this solution, buy the training and go to it.Our risk is definitely significantly lower. Also, our resources are low.

Read more »

The pricing and licensing of this product on AWS should be from $1.28/hr or $4,500.00/yr. Then, it would be a good price for the performance that it delivers.We used BYOL, because of the cost to own.The pricing and licensing of this product on AWS for a three-year commitment is a great deal, if you can plan that far ahead.Because the solution was getting deployed on AWS, it was the best place to go and it was available there.One of the factors for selecting Palo Alto was they had flexible pricing. They had a pay-as-you-go model. Comparable to other products, such as Check Point, the price point was definitely a plus.The pricing was expensive but it was comparable to the competition.AWS is available as a AMI that you can purchase from the AWS Marketplace. Therefore, you need to purchase the licensing, since it is per AMI. Then, you deploy it on a regular EC2. Then, for on-premise, you can use both Palo Alto's software and hardware.The price is not bad. They have a yearly renewal fee, and the pricing is exactly where we expect it to be.

Read more »

report
Use our free recommendation engine to learn which Advanced Threat Protection solutions are best for your needs.
340,467 professionals have used our research since 2012.
Ranking
Views
42,726
Comparisons
15,621
Reviews
60
Average Words per Review
538
Avg. Rating
8.9
Views
3,350
Comparisons
2,046
Reviews
10
Average Words per Review
510
Avg. Rating
8.6
Top Comparisons
Compared 10% of the time.
Also Known As
CyberArk Privileged Access Security, CyberArk Privileged Account Security, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, On-Demand Privileges Manager, Endpoint Privilege Manager
Learn
CyberArk
Palo Alto Networks
Overview

CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.

The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.

The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.

In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.

Offer
Learn more about CyberArk PAS
Learn more about Palo Alto Networks VM-Series
Sample Customers
Rockwell AutomationWarren Rogers Associates
Top Industries
REVIEWERS
Financial Services Firm28%
Insurance Company15%
Healthcare Company10%
Retailer8%
VISITORS READING REVIEWS
Financial Services Firm32%
Retailer13%
Comms Service Provider10%
Energy/Utilities Company9%
No Data Available
Company Size
REVIEWERS
Small Business17%
Midsize Enterprise9%
Large Enterprise74%
VISITORS READING REVIEWS
Small Business11%
Midsize Enterprise12%
Large Enterprise77%
REVIEWERS
Small Business36%
Midsize Enterprise29%
Large Enterprise36%
Find out what your peers are saying about CyberArk PAS vs. Palo Alto Networks VM-Series and other solutions. Updated: May 2019.
340,467 professionals have used our research since 2012.
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email