Compare CyberArk Privileged Access Manager vs. One Identity Active Roles

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about CyberArk Privileged Access Manager vs. One Identity Active Roles and other solutions. Updated: March 2020.
521,690 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution.""Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control.""CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale.""CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies.""The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,""The technical support is good.""The most valuable feature is Special Monitoring.""The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task."

More CyberArk Privileged Access Manager Pros »

"Having a tool to manage all changes to AD from a single pane of glass is awesome.""The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them.""Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner.""Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated.""With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems.""Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."

More One Identity Active Roles Pros »

Cons
"The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time.""It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers.""CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms.""There is a bit of a learning curve, but it's a pretty complex solution.""It needs better documentation with more examples for the configuration files and API/REST integration""We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process.""The authentication port is available in CyberArk Alero but not Fortinet products.""Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use."

More CyberArk Privileged Access Manager Cons »

"The ability to send logs to a SIEM would be very beneficial.""When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow.""In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets.""The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there.""There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them.""I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."

More One Identity Active Roles Cons »

Pricing and Cost Advice
"I believe that this solution is priced well. It's the market leader and I think that it's the best solution.""Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well.""The price of this solution is quite reasonable.""The solution is very expensive and requires a license. We pay for an enterprise license.""Pricing is quite high and it could be improved.""They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."

More CyberArk Privileged Access Manager Pricing and Cost Advice »

Information Not Available
report
Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
521,690 professionals have used our research since 2012.
Questions from the Community
Top Answer: Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too.
Top Answer: The price of this solution is quite reasonable.
Top Answer: Return on investment on over all product solution cost. especially hardware cost. when the licence increase due to jumpbox concept Hardware requirement also increase. secondly customisation duration… more »
Top Answer: Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of… more »
Top Answer: Active Roles is above average on pricing compared to similar solutions. There are no additional costs to the standard licensing fees.
Top Answer: We would like to see * extension of change-tracking auditing capabilities, especially in relationship to the virtual attributes * more flexibility with group families * integration with cloud database… more »
Ranking
Views
36,972
Comparisons
19,289
Reviews
11
Average Words per Review
644
Rating
8.2
Views
3,169
Comparisons
1,513
Reviews
6
Average Words per Review
1,423
Rating
8.7
Popular Comparisons
Also Known As
CyberArk Privileged Access Security
Quest Active Roles
Learn More
CyberArk
Video Not Available
Overview

CyberArk is the trusted expert in privileged access management and a global leader Identity Security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.

Active Roles is a single, unified and rich tool to automate the most troublesome user and group management tasks. With One Identity Active Roles, you can streamline user and group administration, solve security issues – and meet those never-ending compliance requirements by managing and securing on-prem, and cloud AD resources simply and efficiently with a single, intuitive solution.

Offer
Learn more about CyberArk Privileged Access Manager
Learn more about One Identity Active Roles
Sample Customers
Rockwell Automation
City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
Top Industries
REVIEWERS
Financial Services Firm24%
Insurance Company15%
Energy/Utilities Company9%
Healthcare Company7%
VISITORS READING REVIEWS
Computer Software Company29%
Comms Service Provider20%
Financial Services Firm10%
Government5%
REVIEWERS
Aerospace/Defense Firm25%
Comms Service Provider13%
Consumer Goods Company13%
Manufacturing Company13%
VISITORS READING REVIEWS
Computer Software Company24%
Comms Service Provider15%
Financial Services Firm8%
Manufacturing Company6%
Company Size
REVIEWERS
Small Business21%
Midsize Enterprise12%
Large Enterprise67%
VISITORS READING REVIEWS
Small Business26%
Midsize Enterprise12%
Large Enterprise62%
REVIEWERS
Small Business33%
Midsize Enterprise8%
Large Enterprise58%
Find out what your peers are saying about CyberArk Privileged Access Manager vs. One Identity Active Roles and other solutions. Updated: March 2020.
521,690 professionals have used our research since 2012.

CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 15 reviews while One Identity Active Roles is ranked 2nd in User Provisioning Software with 6 reviews. CyberArk Privileged Access Manager is rated 8.2, while One Identity Active Roles is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Provides simplicity and ease of implementation for the right level of security controls". On the other hand, the top reviewer of One Identity Active Roles writes "ARS has been instrumental in ensuring accounts get cleaned up when they get deprovisioned". CyberArk Privileged Access Manager is most compared with BeyondTrust Endpoint Privilege Management, Thycotic Secret Server, Azure Active Directory, SailPoint IdentityIQ and Cisco ISE (Identity Services Engine), whereas One Identity Active Roles is most compared with Azure Active Directory, SailPoint IdentityIQ, One Identity Manager, Okta Workforce Identity and NetIQ Identity Manager. See our CyberArk Privileged Access Manager vs. One Identity Active Roles report.

See our list of .

We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.