Most Helpful Review
Enterprise Password Vault, Privilege Session Manager & Application Identity Management have been very useful for our...
CyberArk is not just an IT security or cybersecurity tool. It's also an administrator tool. I had a fair number of systems where the passwords were not fully managed by CyberArk yet, and they were expiring every 30 or 45 days. I was able to get management turned on for those accounts. From an administrator perspective, I didn't have to go back into those systems and manually change those passwords anymore. CyberArk... lightened the load on our administrative work.
You can write different types of policies for custom business needs or any developer needs. If they need certain functions allocated, they can be customized easily.
We have accomplished our security goals. We have two-factor authenticated and vaulted our important accounts, so people can't just steal stuff from us.
The flexibility of integrating with other technologies is important because of a lot of applications - a lot of COTS products - are not supported when we are bringing the application IDs. The CyberArk platform provides a lot of opportunities to do customization.
In the newer version, there are 3850s, all of them are scalable. They fit better into the medium or small businesses.
They now know the details about their network traffic that they did not know before: Applications that they are using and some application they did not know they were using.
We have reduced the number of configuration lines by 90%. We need fewer number of admins right now because of it.
This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful.
One of our current issues is a publishing issue. If we whitelist Google Chrome, all the events of Google Chrome should be gone. It is not happening.
CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well.
There is some stuff that we still have not fully integrated, which is our AIM solution. We are having all types of issues with it. I have been working with Level 3 support on it, but otherwise, from a functionality perspective, everything has been working except for the AIM solution.
From time to time, they have released some content updates that have some issues, maybe twice a year.
There are various reports that come with the box or with the VMware, but you can only run them daily.
Pricing and Cost Advice
With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time.
CyberArk provides all the features bundled. This is compared to other vendors who provide them as a different license for each functionality.
Cost efficiency is the number one thing that can be improved in my mind. This would change lots of companies minds on purchasing the product.
I know Palo Alto is not cheap. They have been telling me, the members of the finance team, it is not a cheap solution. It is a solution whose target is that no matter how big your organization is, small, medium, or large, it is about the maturity of your security team or infrastructure team whom you want to work with.
It is a little bit of crazy if you compare it to Vanguard, Sophos, or even Cisco. The newest version of Cisco, the Next-Generation Firewall of Cisco, is less expensive than Palo Alto. It is more comparable to Check Point.
For licensing, It depends how they want to use the firewall. The firewall can be used only for IPS purposes. If you only want that firewall IPSs, you will only need a license that is called threat prevention. That license, threat prevention, includes vulnerabilities, antivirus signatures and one additional measure (that I can't remember), but it includes three measures and security updates.
The box, if you do not want to buy the threat prevention license in the box, you can buy it only with the support license. It is for the support of the hardware. It works like a simple firewall. It integrates what it calls user IDs and application IDs. If you do not buy any other license, only the firewall, Palo Alto will also help you improve a lot of your security.
When you have a client compare box against box, a lot of times Palo Alto is a bit more expensive, but its network firewalls have a very rich ratio.
Compared 14% of the time.
Compared 8% of the time.
See more CyberArk Privileged Access Security competitors »
Compared 7% of the time.
Compared 25% of the time.
Compared 14% of the time.
See more Palo Alto Networks VM-Series competitors »
Compared 10% of the time.
Also Known As
|Also Known As||CyberArk Privileged Account Security, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, On-Demand Privileges Manager, Endpoint Privilege Manager|
|Website/Video||CyberArk||Palo Alto Networks|
CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.
The VM-Series is a virtualized form factor of our next-generation firewall that can be deployed in a range of private and public cloud computing environments based on technologies from VMware, Amazon Web Services, Microsoft, Citrix and KVM.
The VM-Series natively analyzes all traffic in a single pass to determine the application identity, the content within, and the user identity. These core elements of your business can then be used as integral components of your security policy, enabling you to improve your security efficacy through a positive control model and reduce your incident response time though complete visibility into applications across all ports.
In both private and public cloud environments, the VM-Series can be deployed as a perimeter gateway, an IPsec VPN termination point, and a segmentation gateway, protecting your workloads with application enablement and threat prevention policies.
Learn more about CyberArk Privileged Access Security
Learn more about Palo Alto Networks VM-Series
|Sample Customers||Rockwell Automation||Warren Rogers Associates|
VISITORS READING REVIEWS
No Data Available
VISITORS READING REVIEWS
No Data Available