We performed a comparison between CyberArk Privileged Access Manager and F5 BIG-IP Access Policy Manager (APM) based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The fact that I can put my vault here in a central location on one net for example, and I'll have a CPM in California, a CPM in Texas, a CPM in New York, a CPM in Florida, and actually be able to grow with my company and not necessarily have to continue to grow my vault until I get to a certain number accounts - yet I can still manage everything across the country, if not the world - I love that. I love the flexibility and the capability of being able to pull those components out."
"Ensures accounts are managed according to corporate policies."
"The product is an important security measure against credential theft. It ensures session isolation and password rotation including pushing passwords to the endpoints."
"CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale."
"Performance-wise, it is excellent."
"CyberArk has allowed us to get the credentials and passwords out of hard-coded property files."
"I love the ability to customize the passwords: the forbidden characters, the length of the password, the number of capital, lowercase, and special characters. You can customize the password so that it tailor fits, for example, mainframes that can't have more than eight characters. You can say, "I want a random password that doesn't have these special characters, but it is exactly eight characters," so that it doesn't throw errors."
"The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach."
"The portal access was very good."
"The product allows us to create customized portals for your users."
"The solution is stable and reliable."
"The most valuable feature is the virtual IP creation. It's our most frequently used feature."
"In my opinion, the GUI is perfect with the configuration options provided. F5 BIG-IP has given customization options and policy configuration tools in the GUI. It's good and good enough to work."
"The performance of the solution is valuable."
"The load balancing features are valuable."
"Our customers have never complained about the stability"
"It should be easy to use for non-technical people. Its interface can be a bit difficult. Some parts of its interface are not very intuitive. Some of the controls are hidden, and instead of having a screen with all the controls for that account on it, you have to use menus and other similar things."
"CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."
"The turnaround time for technical support is lengthy."
"If you are an administrator or architect, then the solution is kind of complicated, as it is mostly focused on the end user. So, they need to also focus on the people who are implementing it."
"I would like to see improvement in the custom connector for integration with different devices."
"Its pricing is a big challenge here. When it started, the product came in at a very low cost. Now, they are the leaders in the market, so the cost has grown and is quite huge."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"In my opinion, the GUI side needs some improvement based on my usage. Sometimes, it doesn't work as efficiently as the CLI side."
"The operational deployment is not great."
"The solution is quite costly."
"The initial setup was complex."
"The technical support’s response time must be improved."
"The solution’s GUI looks very old."
"Integrating identity providers and single sign-on solutions can simplify user authentication and access control."
"F5 BIG-IP APM disconnects when you leave it for long enough, but that is natural for IT solutions to do. That's a little bit frustrating."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More F5 BIG-IP Access Policy Manager (APM) Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while F5 BIG-IP Access Policy Manager (APM) is ranked 9th in Access Management with 13 reviews. CyberArk Privileged Access Manager is rated 8.8, while F5 BIG-IP Access Policy Manager (APM) is rated 8.2. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of F5 BIG-IP Access Policy Manager (APM) writes " Facilitates packet inspection, modification, and offloading and offers visibility and troubleshooting capabilities, allowing for pre-production server testing". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and BeyondTrust Privileged Remote Access, whereas F5 BIG-IP Access Policy Manager (APM) is most compared with Citrix Gateway, Cisco ISE (Identity Services Engine), Microsoft Remote Desktop Services, Ivanti Connect Secure and Microsoft Entra ID. See our CyberArk Privileged Access Manager vs. F5 BIG-IP Access Policy Manager (APM) report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.