We just raised a $30M Series A: Read our story
Rodney Dapilmoto
Systems Admin Analyst 3 at CPS Energy
Real User
Top 20
The Privileged Session Manager Proxy makes it extremely convenient for UNIX Administrators to utilize their favorite SSH client software

Pros and Cons

  • "The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task."
  • "Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use."

What is our primary use case?

We use this solution for privileged systems access with a high emphasis on security. End users are required to go through a process of being vetted in our NERC environment in order to use the solution. This product has been used by my company for about 5 years now.

How has it helped my organization?

By using this product, it has placed a new culture in my company by making employees more aware of IT compliance and cyber security. It has also placed us in a position to meet NERC CIP v6 requirements.

What is most valuable?

The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.

Using the PSMP (Privileged Session Manager Proxy) makes it extremely convenient for UNIX Administrators to utilize their favorite SSH client software (i.e. SecureCRT or Putty) to connect to a privileged target without having to go through the PVWA web login.

What needs improvement?

I would like to see a product enhancement with the Secure Connect feature. Today, there is no functionality to create "Accounts" using Secure Connect to permanently store a user's working tab. It is a tedious manual process of entering host IP information and user credentials to a privileged target system.

Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use. It’s a manual process of entering information all the time. Unless, you are working with accounts already stored in “Safes”.


For how long have I used the solution?

5 years

What do I think about the stability of the solution?

We have noticed some stability issues with the PSM Servers. We've noticed that there may be a limitation on the number of users that a PSM Server can handle. We have two PSM Servers deployed in our Production environment and have come to a conclusion that we may need to add two more to stabilize the environment.

An update to the above statement: Upgrading to version 9.9 significantly reduced the stability issues with the PSM Servers and the limitation on the number of users that the PSM can handle.

How are customer service and technical support?

Customer Service:

CyberArk could use some improvement with their level of customer service. Sometimes, it can take more than a day before a Case that I have submitted online gets a response from tech support.

Technical Support:

The level of technical support has been great. The challenge has been to get an initial response and sometimes follow-up from CyberArk Support.

What about the implementation team?

If you are going to setup CyberArk for the first time, I highly recommend that you utilize their Professional Services. They are extremely knowledgeable and very helpful and will ensure that your implementation is a success.

What's my experience with pricing, setup cost, and licensing?

We use Texas DIR when evaluation and making purchases of products.

What other advice do I have?

We are currently on version 9.10. We would like to upgrade to the latest version sometime this year. There is currently a CyberArk Security Bulleting CA19-09 that addresses potential administrative manipulations within the PVWA and the Digital Vault. CyberArk has released patch 9.10.4 to address the PVWA and they are working on releasing a patch for the Vault Server.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
KN
Junior Product Consultant at a tech services company with 501-1,000 employees
Consultant
Top 5Leaderboard
Good technical support with helpful third party vendors and good at recording actions

Pros and Cons

  • "The technical support is good."
  • "We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."

What is our primary use case?

I primarily use the solution to record any actions taken on specific important targets. It allows management to look at actions and play them back to see what was done within the environment.

What is most valuable?

The technical support is good.

It's pretty good at recording actions taken within an environment.

What needs improvement?

We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process.

The solution could be more stable. 

 It should have more specific configurations. There are lots of types of servers and devices. The product should have a more detailed, specific configuration and integration with other products.

For how long have I used the solution?

I've been using the solution for about three months at this point.

What do I think about the stability of the solution?

This was my first experience in the solution's UI and UX user experience and user interface. I didn't find the solution to be very stable at all.

What do I think about the scalability of the solution?

We do plan to continue to use the solution, however, it's unclear as to if we will scale it further.

How are customer service and technical support?

We're pretty satisfied with technical support. They are helpful. I find them knowledgable and responsive and I've been happy with the level of service we've been given thus far.

How was the initial setup?

We found the initial setup quite difficult. There were a lot of errors and we found the process to be a bit complex. I wouldn't describe the implementation as straightforward.

In total, the deployment took about one week from beginning to end.

What about the implementation team?

We did not handle the entire implementation ourselves. We had assistance from an outside firm. They were helpful.

What other advice do I have?

We're just users of the solution. We're customers. We aren't resellers or consultants. We don't have a business relationship with the solution.

I'm using the latest version of the solution.

I'd recommend the product to others.

Overall, we've been mostly happy with the solution. I'd rate it at an eight out of ten so far.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2021.
555,139 professionals have used our research since 2012.
Meo Ist
Senior Product Manager and Technology Consultant at Barikat
Consultant
A robust, stable, and scalable solution for protecting passwords

Pros and Cons

  • "It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password."
  • "It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler."

What is most valuable?

It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password.

What needs improvement?

It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler. 

What do I think about the stability of the solution?

Its stability is very good. It is a very robust and stable product if you have the correct installation and configuration. Otherwise, you would have problems.

What do I think about the scalability of the solution?

It is scalable. Our customers are enterprises with a minimum of 2,000 users and maybe 100 admin users.

How are customer service and technical support?

We are satisfied with their support. Our customers need local support, and CyberArk provides that. Their documentation is also good.

How was the initial setup?

It is a little complex as compared to its competitors. Its deployment took a long time.

What about the implementation team?

We had a consultant, and we were satisfied with the service. You need someone with one or two years of experience.

What's my experience with pricing, setup cost, and licensing?

They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc.

What other advice do I have?

I would rate CyberArk Privileged Access Security an eight out of ten. It is a good product.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
reviewer988578
Snr Technical Consultant at a tech services company with 10,001+ employees
Consultant
Reduces the number of “admin” accounts by utilizing accounts that can be used by individuals with the same role

What is our primary use case?

Managing passwords to infrastructure and applications, keeping those accounts “safe,” and being able to audit their use.

How has it helped my organization?

The audit capabilities include video so that not only keystrokes but also mouse clicks are captured. This provides safety and reassurance for anyone working in our infrastructure. 

What is most valuable?

Reducing the number of “admin” accounts by utilizing accounts that can be used by individuals with the same role, but only one at a time. When the accounts have been used, its password is changed (to something a user would have had to write down) before being made available for reuse. The passwords which are hidden from the users are not known, and thus can be long and complex, while only being used for a session before being changed.

What needs improvement?

Privileged Threat Analytics (PTA) that can function in more that one AD domain at a time. The recent enhancement that allows resilience in PTA is great, but operation in more than one domain is required as many organizations have multiple AD domains. Even if it’s just prod and test or PPE split, you still want to know what’s going on in it.

For how long have I used the solution?

Three to five years.

Which solution did I use previously and why did I switch?

No Previous PAM solution used.

Which other solutions did I evaluate?

Yes, based on Gartner

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Richard Nagygyörgy
Product Manager at a tech services company with 11-50 employees
Reseller
Top 5Leaderboard
Priced well with good support, stable, and scalable

Pros and Cons

  • "The most valuable feature is Special Monitoring."
  • "The authentication port is available in CyberArk Alero but not Fortinet products."

What is our primary use case?

I am a consultant. We are in the process of using this in our clients' companies.

What is most valuable?

The most valuable feature is Special Monitoring.

What needs improvement?

The authentication port is available in CyberArk Alero but not Fortinet products.

For how long have I used the solution?

I have been working with CyberArk PAS for one year.

What do I think about the stability of the solution?

CyberArk is stable.

What do I think about the scalability of the solution?

It's a scalable solution. 

How are customer service and technical support?

I have limited experience with technical support, but our customers like the support.

In general, it appears to be fine.

Which solution did I use previously and why did I switch?

I have also worked with Thycotic, until the completion of the project.

How was the initial setup?

The initial setup is straightforward.

What's my experience with pricing, setup cost, and licensing?

It is best suited for mid to large-size enterprises. It is not the best for smaller companies, largely because of the price.

I believe that this solution is priced well. It's the market leader and I think that it's the best solution.

The price is quite good for us.

What other advice do I have?

For those who are interested in using this product, you have to know your requirements and compare them with CyberArk to see if it is suitable for them and fits their budget.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Anthony Mook
Senior Security Manager at SMU
Real User
Reliable, scalable, and easy to install but the pricing could be better as it's expensive

What is our primary use case?

We use this solution for ID purposes. When we remove a user from the server, we need a privileged ID password. We are a University. It's a large organization.

What is most valuable?

It's not very different when compared with other products.

What needs improvement?

From what I can see, the Systems Integrator is useless. When I ask for the information, nothing is given to me. They need to provide better training for the System Integrator.

For how long have I used the solution?

I have been working with this solution for two years.

What do I think about the stability of the solution?

Its' quite stable.

What do I think about the scalability of the solution?

It's a scalable solution but could be improved. On a scale of one to five, I would…

What is our primary use case?

We use this solution for ID purposes. When we remove a user from the server, we need a privileged ID password.

We are a University. It's a large organization.

What is most valuable?

It's not very different when compared with other products.

What needs improvement?

From what I can see, the Systems Integrator is useless. When I ask for the information, nothing is given to me. They need to provide better training for the System Integrator.

For how long have I used the solution?

I have been working with this solution for two years.

What do I think about the stability of the solution?

Its' quite stable.

What do I think about the scalability of the solution?

It's a scalable solution but could be improved. On a scale of one to five, I would rate it a four.

How are customer service and technical support?

I have not used technical support.

How was the initial setup?

The initial setup is pretty easy. It is not complex.

What about the implementation team?

We used a reseller, integrators, but they were useless to me.

What's my experience with pricing, setup cost, and licensing?

Pricing is quite high and it could be improved.

What other advice do I have?

I would rate CyberArk Privileged Access Security a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
JL
Presales Engineer at a tech services company with 51-200 employees
Reseller
Top 5Leaderboard
Local tech support is very helpful

Pros and Cons

  • "The technical support for this solution is very good. If I was to rate it on a scale of one to five, I would give it a five."
  • "The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers."

What is our primary use case?

Our primary use case for this solution is business and client management. Our clients are mostly from the banking sector. 

What is most valuable?

The CyberArk solutions that have been the most valuable for my solution are the Discovery & Audit (DNA) and Privileged Threat Analytics (PTA) tools. CyberArk is a very important tool for my organization.  

The setup was very easy for me. 

What needs improvement?

The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers. 

For how long have I used the solution?

I have been using the solution for about a year. My company resells and implements this solution. 

What do I think about the stability of the solution?

I think this solution has a lot of stability. 

How are customer service and technical support?

The technical support for this solution is very good. If I was to rate it on a scale of one to five, I would give it a five.

How was the initial setup?

The initial setup was straightforward. It can be carried out by a single person. 

Which other solutions did I evaluate?

The great thing about this solution is that they offer tech support in my language. 

What other advice do I have?

I recommend this product. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
Hichem TALEB-BENDIAB
CDO & Co-Founder at ELYTIK
Real User
Top 10
Complete package, thorough threat detection, but expensive

What is most valuable?

This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access. 

For how long have I used the solution?

I use the solution for security. I make sure the bulk of the password of the certificate for the cloud and on-premise applications are good. I action and administer them when needed.

What do I think about the stability of the solution?

The solution is stable, it is very resilient.

What do I think about the scalability of the solution?

I have found the solution to be scalable.

How was the initial setup?

The installation is not difficult for me because all the information is on the website.

What's my experience with pricing, setup cost, and licensing?

The solution is…

What is most valuable?

This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access. 

For how long have I used the solution?

I use the solution for security. I make sure the bulk of the password of the certificate for the cloud and on-premise applications are good. I action and administer them when needed.

What do I think about the stability of the solution?

The solution is stable, it is very resilient.

What do I think about the scalability of the solution?

I have found the solution to be scalable.

How was the initial setup?

The installation is not difficult for me because all the information is on the website.

What's my experience with pricing, setup cost, and licensing?

The solution is very expensive and requires a license. We pay for an enterprise license.

What other advice do I have?

This is a complete package that has a lot of the capabilities you would want in this type of solution but it is very expensive.

I rate CyberArk PAS a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.