CyberArk Privileged Access Manager Initial Setup

SatishIyer - PeerSpot reviewer
Assistant Vice President at a financial services firm with 10,001+ employees

The initial part of the setup was quite good. When it came to Windows, we had success in the beginning stages, but later on we had to have a number of discussions with CyberArk with respect to the 'groups' nomenclature, as we wanted to have a very clear standard that could be used consistently throughout the organization.

The first iteration was mostly fast and easy, however at one point we realized that there was much more detailing needed to be done. So we went through another iteration with a more detailed design and came up with more comprehensive coverage of groups, or roles, as you might say. In total, I think it was around two years before the Windows part was comprehensively addressed, but after that, it was covered quite quickly. 

Before CyberArk's PAM, we had a legacy tool that was managing the privileged access for Windows and we had that decommissioned around this time, which was a victory of sorts.

View full review »
Jonathan Hawes - PeerSpot reviewer
CyberArk PAS Administrator at L3Harris Technologies

In our specific case, the initial setup and configuration were very complex, which was a result of the initial design being developed by our internal engineers and CyberArk professional services, neither of which had the "tribal knowledge" of how the network functioned, or how the processes of network engineering and security had been implemented.

View full review »
Jonathan Hawes - PeerSpot reviewer
CyberArk PAS Administrator at L3Harris Technologies

Our organization utilized the CyberArk professional support team to come in and provide a local, hands-on planning and implementation approach. This implementation methodology actually reduced long-term costs by making sure the implementation was done according to CyberArk's Best Practices.

View full review »
Buyer's Guide
CyberArk Privileged Access Manager
March 2024
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Amandeep Singh - PeerSpot reviewer
Associate Manager at Wipro

CyberArk has a distributed architecture. Therefore, as compared to other PAM solutions, it is a little bit complex. You first need to understand the environment and then install the individual components, whereas, in other PAM solutions, you have to build the database and then simply run the application and directly connect to the application. You can then start using the application.

View full review »
TD
IT Manager at BCBS of MI

The initial setup is more complex than simple, however, not daunting.

View full review »
RB
IT Manager at a tech services company with 10,001+ employees

Installing CyberArk Privileged Access Manager was easy. It's only the firewall you need to introduce into the environment that takes time, particularly if you're doing an on-premises model.

View full review »
reviewer907214 - PeerSpot reviewer
Director, CyberSecurity at Ashburn Consulting LLC

Setup depends on the complexity of the solution. A simple configuration could be up and running in a day.

View full review »
NM
Information Security Leader at a government with 10,001+ employees

There were some complexities about the setup, but deploying a solution like this is going to be complex, no matter what solution you go with. CyberArk did an excellent job of making sure that we had everything we needed. They had checklists and the prerequisites we had to do before we got to the next steps. Although it was complex, they were complex "knowns," and we were able to get everything organized fairly easily.

Our initial deployment took about two weeks.

We broke the deployment into four phases. The first phase was called Rapid Risk Reduction, and with that we were getting our domain admins under control, where we went with domain admin, server admin, and link admin. A part of that was the server administrators and Linux administrators. All of that was part of a very short-term goal that we had. 

Phase two was called risk reduction, where we were focused on Microsoft SQL, the database administrators, and Oracle Database administrators. It also included bringing in some infrastructure support as well. 

Phase three was enterprise-grade security, and with that we've been pushing the network tools and AWS admins, along with some other controls. 

And our last phase, which we've just recently started on, is one where we are going to be pushing hard to get developers onboarded into CyberArk. There are a whole lot of little details that go along with all of that. The initial auto onboarding happened in phase three, but we also have auto onboarding that we're looking to roll out across a larger group.

We implement least privilege entitlements as well. We started out from a high level of not going the least privilege route and, rather, we locked things down in a way that they were managed, at least. Then we started knocking down the least privileged path. You have to start somewhere, and least privilege is not going to be the first option, out of the gate. You're going to have to take stepping stones to the best practices. And that's what we've done. We took this large amount of high-risk access and brought it into CyberArk and then pulled access away over time and have been making things more granular, when it comes to access to the systems. The access within the systems, within CyberArk, is absolutely granular and we have been very granular with that from the beginning.

For maintenance of it we need about one and a half people. My team supports it and, while one full-time person is probably enough to support the solution, my team is split up. The general operations of CyberArk are what take up the most time. The actual running of the solution, from an engineering perspective, is very lightweight; it's hardly anything.

View full review »
reviewer990891 - PeerSpot reviewer
Information Technology Specialist (Contract role) at a tech services company with 10,001+ employees

The initial setup was both straightforward and complex in equal measure.

View full review »
Alex Lozikoff - PeerSpot reviewer
Business Development Manager at Softprom by ERC

I would rate my experience with the initial setup a four out of ten, one being difficult and ten being easy. It's a modular system. To run CyberArk, you need to deploy several different services, set them up, and configure the interactions. It's not a solution in one box.

The initial setup is not very complex, but I would say it's not very simple, either.

View full review »
KD
Network Engineer at CalSTRS

It is difficult to install. You need to have their consulting services to get it installed and set up correctly.

View full review »
MM
Security Advisory Services (SAS) Business Growth Lead for Iberia at a computer software company with 10,001+ employees

The initial setup is straightforward because we have a lot of experience with it. While there are a lot of components, I don't find it difficult.

A deployment can typically be done in less than a week, but it does depend on the environment.

We have developed our own methodology for the implementation and deployment of CyberArk. We put the final users at the center of their strategy. One of the things that we have found that fails when deploying a PAM solution is that everyone focuses on the tool. CyberArk works and we know the tool is there, so we just focus on how the different groups are working with their servers, applications, etc. We focus on adapting the deployment in a way that does not disrupt their jobs. We try to be non-disruptive and not change the way users work.

We adapt the solution to already existing workflow processes, tools, accesses, etc. This is one of the best parts of CyberArk. It provides a lot of flexibility to adapt.

View full review »
Oluwajuwon Olorunlona - PeerSpot reviewer
Cyber Security Engineer at eprocessconsulting

Regarding the initial setup, I would say it's pretty straightforward on a scale from one to ten, where one is difficult and ten is easy. I'd give it a nine. Deployment took less than a week.

View full review »
Hrushikesh Karambelkar - PeerSpot reviewer
Sri Privileged Access Management Architect at Edgile

I give the initial setup a five out of ten.

The initial deployment requires a couple of weeks and for the on-premises portion an additional two to four weeks. The deployment required one full-time architect and one full-time senior consultant. 

View full review »
Meo Ist - PeerSpot reviewer
Senior Product Manager and Technology Consultant at Barikat

The implementation and integration process is very, very complex. It is a robust product, however. I don't have to do a lot of setups, luckily. However, when you first set it up, it's very difficult as you don't really know what you're doing. 

The first 27% of the implementation took us maybe three months, however, for more than 95% of installation, it took us over one year. We had all the features up and running, however. 

We started with connection and session recording features, however, items such as password changing and other integrations, for example, firewall connection and switch interface connection were rolled out over the year.

You only need one person to maintain the solution. 

View full review »
Salif Bereh - PeerSpot reviewer
Consultant at a consultancy with 10,001+ employees

If you have some experience, it is not complex to implement CyberArk. For me, the preparation is more difficult than the installation. Because CyberArk uses binaries, if you add good information, it will work. But if you miss something at the preparation stage, like the opening of the flows that you need, of course, it will be difficult. I know how the solution works, so it's not difficult.

First, you have to install the Vaults, and after installing them you can add PVWA to access the information. After that, you can install the PSM and then the CPM for the rotation, and that's it.

The time it takes to implement depends on the environment. Sometimes we work with complex environments and we have to adapt and collect all the information that we will need. We need to look out how the machines should be set up for the installation. It really depends on the size of CyberArk you want to install, including how many computers will be onboarded to CyberArk. There are technical and functional variables.

View full review »
reviewer988578 - PeerSpot reviewer
Snr Technical Consultant at a tech services company with 10,001+ employees

The setup is not complicated when trained staff are used.

View full review »
JA
Security Lead at a insurance company with 1,001-5,000 employees

The environment's architecture is very complex, depending on your use cases, and I'm talking about CyberArk as a whole. Their past solution — their AM solution — and all of the other solutions bundled together are straightforward, and it all needs to work together. Depending on your use case and the connected components you need to have or build, you must learn a lot. So, it's not as simple a thing to deploy — at least on-premise. It isn't straightforward. Our environment comprises 20 to 30 servers that we had to spin up and connect. Disaster recovery has to be thoroughly vetted, discussed, and documented because as you onboard and manage those privileged accounts, you need a way to get to them if something goes wrong.

It took about a month to get the product running and several months to onboard users. And when we start talking about Application Access Manager, that's ongoing, and I think that'll probably be ongoing for a very long time. We were targeting our specific use cases, so we started with interactive users. The whole idea was to restrict, manage, and monitor those interactive users. Our rollout proceeded from the most privileged users to the less privileged users. Then we started targeting service accounts and that kind of stuff. So it was a phased approach from highest risk to lowest risk to lower risk.

CyberArk PAM requires a lot of maintenance. Right now, we have about one and a half people, but I would say we need to add several more people to do a better job and add a lot of functionality. It requires a lot of maintenance and monitoring. They've relied on many different Microsoft features to secure the privileged session manager. It requires a lot of tuning, monitoring, and managing those solutions. They use AppLocker to restrict and isolate these running sessions, and AppLocker breaks all the time, so you have to go in and troubleshoot why it's broken and tweak it. That could mean adding a new rule or updating an application. It is a lot of maintenance, depending on your use case. But then again, we have gone very hard into privileged session management and developed over a hundred custom connectors. Another customer might deploy RDP and call it a day, drastically reducing maintenance.

View full review »
FD
Senior Security Consultant at a computer software company with 5,001-10,000 employees

Deploying CyberARK is complicated, but it is relatively easy for me because I have excellent scripts for implementing the prerequisites. It might be challenging for the average end user. It would be ideal to educate them in a demo environment because hard to explain this to a user without them. I would need to build an environment to show them. A simulated lab environment is one thing CyberArk PAM lacks.

We set up the prerequisites and discover the privileged accounts in the environment. CyberArk has a tool that scans the servers and detects accounts. This works best in a Microsoft environment. It's more difficult without Active Directory because you have to rely on the information the customer provides. You can begin the onboarding process once you've identified the accounts. 

It takes a month to set up the prerequisites and two or three days to install CyberArk PAM. Once it is deployed, it takes eight months to a year to tie up some loose ends. You may need to identify some accounts that you missed. The total time depends on the size and complexity of the user's environment. If you've configured everything correctly, it's simple to maintain. 

View full review »
Jan Strnad - PeerSpot reviewer
Security Architect at AutoCont CZ a. s.

The initial setup for CyberArk Privileged Access Manager was complex because, in the beginning, you must get the information from the customer such as how he wants to install it, how he wants to protect privileged accounts, how password rotation would work, etc., before you can install the solution.

The time it takes to deploy CyberArk Privileged Access Manager depends on several factors such as how many admins a customer has, how many devices, and the types of devices, for example, does the customer have servers such as Windows or Linux, some other network solution, or some applications, etc.? It could take between ten, fifteen, or one hundred days. My company needs to analyze at the beginning to define how long the process will take.

On a scale of one to five, with one being complex and five being very easy, I would rate the initial setup for CyberArk Privileged Access Manager four out of five.

View full review »
IB
Security Architect at a tech services company with 1,001-5,000 employees

It was a bit complex because the architecture is complex. At the same time, this is also an advantage in relation to other competitors in the market because CyberArk's architecture is inherently secure. So, while it is a bit more complex to set up initially, it is necessary for reaching the security that other solutions do not give you.

The installation can easily be done. It is the architecture part that is complex, possibly because you need to size the machines. 

It depends greatly on the project. Usually, the best approach is a modular one. You start with a set of users, then move on to expanding the solution with size in mind. 

View full review »
Iordanidis Iordanis - PeerSpot reviewer
Procurement Manager at OTE Group

The solution is very simple and straightforward. It's not complex at all. 

View full review »
KC
Corporate Vice President at a insurance company with 10,001+ employees

The initial setup was not straightforward. The very first setup that we did was specifically for AIM, which was obviously simpler. We had an in-built vault which we replaced with the AIM setup. 

Our PSM setup was very complex. We had about 450 applications that we had to onboard over a period of one year, and we had to remove close to 16,000 accounts. It was a very complicated setup. We built close to 35 different connection components to get this product in.

View full review »
DK
Manager at a financial services firm with 1,001-5,000 employees

CyberArk Privileged Access Manager's initial setup is straightforward. However, it can depend on many factors, such as architecture.

View full review »
it_user519366 - PeerSpot reviewer
Information Security Advisor at a insurance company with 1,001-5,000 employees

Setting up and learning a new platform is always a complex undertaking. This is why CyberArk provides local hands-on support to get the system set up and the company’s techs trained. The base setup will differ from company to company, based on their immediate needs and what they wish to accomplish immediately. Heightened IDs, local workstation IDs, off-network server accounts, service IDs… the list goes on and on.

View full review »
Iordanidis Iordanis - PeerSpot reviewer
Procurement Manager at OTE Group

I would rate the tool’s setup a nine out of ten. The solution’s setup is easy. We have a good internal implementation team who completed the deployment in a few days. About five to six engineers worked on the tool’s deployment.

View full review »
Muamer Riza Gani - PeerSpot reviewer
Assistant Vice President for Cyber Security Project at a financial services firm with 1,001-5,000 employees

The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple.

I rate the initial setup of CyberArk Privileged Access Manager a five out of ten.

View full review »
Syed Javid - PeerSpot reviewer
Security Consultant at a financial services firm with 1,001-5,000 employees

When you do an implementation, it is always challenging internally. While the setup is very easy because they give you tools for installation, you have certain things that you need to keep in mind when you implement it in an organization. These things become a kind of a roadblock. Every time that something comes up that you need to enable from the organization's side, e.g., if you have to unlock a few things on the organization's side, you must go through a process and some teams might not allow you to go ahead with it.

The deployment took three to six months.

View full review »
reviewer990921 - PeerSpot reviewer
IT Support Specialist / Project Lead at a energy/utilities company with 10,001+ employees

Straightforward setup with a substantial learning curve to implement.

View full review »
DH
Senior Technologist at a retailer with 1,001-5,000 employees

The upgrading process was pretty straightforward. We had some issues with the platforms when we upgraded. That was probably on our part, maybe we missed something.

View full review »
VA
Consultant at a recruiting/HR firm with 10,001+ employees

The initial setup was not that straightforward. However, we had vendor support, and we were able to fix all the issues.

It took us almost a month to deploy the solution.

I’d rate the solution a three out of five in terms of ease of setup.

In terms of maintenance, some of the components are not in the cloud, so we handle these aspects ourselves. We have a dedicated team for it.

View full review »
ChaminiEllawala - PeerSpot reviewer
Identity and Access Management Engineer at Wiley Global Technology Pvt. Ltd.

The deployment process is really easy, and I would give it a four out of five.

View full review »
JP
Cybersecurity Engineer at a healthcare company with 10,001+ employees

It is pretty complex, but they have professional services to help with that. It is complex because of all the security around it, all the hardening, and getting everything set up to communicate with each other. I am not sure about the duration of the initial deployment because I wasn't on the team then.

In terms of maintenance, it doesn't require a lot of people. Maintenance is just keeping up with patches. It is pretty stable and doesn't require a lot.

View full review »
MK
IT Manager at a financial services firm with 1,001-5,000 employees

The initial setup was complex. Our deployment took three months.

We needed to scale our environment and implement the correct number of servers to prepare for a working environment.

View full review »
DP
Associate Director of IAM at INTL FCStone Inc.

The initial setup is very straightforward. It's well-documented. We sought to have external advisors and third-party consultants help, in addition to CyberArk's help, because we had such tight deadlines. We were installing multiple environments with a turnaround in weeks and had to complete the training at the same time. Junior engineers were coming in and they could walk through it. We found out that it's almost self-doable. But that's probably not advised in any solution. The help was appreciated but it's straight-away easy.

View full review »
HP
IT Security Specialist I at a healthcare company with 1,001-5,000 employees

I was not involved in the initial setup.

View full review »
RK
Information Security Analyst III at a healthcare company with 10,001+ employees

We had an educational and technical guide for the entire setup process. I also had CyberArk with me on the phone.

View full review »
Furqan Ahmed - PeerSpot reviewer
Network Engineer at Pronet

The setup process of CyberArk is quite typical. Once you understand the process, it is very easy for you. That said, for a newbie, it may be a bit difficult. For example, for the PSM module, we have to make changes in the registry of the devices. You have to collaborate with your system team to make a configuration. I can get complex. That said, once you know, it's very easy.

View full review »
Gaurav Gaurav - PeerSpot reviewer
Architect at a tech services company with 10,001+ employees

The setup process is typical. It's not easy to set up. It depends upon the environment, the requirement, what the customer is looking for, et cetera. If, let's say, there's 1,500 accounts, which need to be protected and 10,000 servers, which need to be protected, the deployment can be done with the two-node setup. The two-node setup is okay. However, when it comes to the larger organization where we have lots of privileged accounts and lots of servers or when the account increases to 100,000 servers and 100,000 or 200,000 privileged accounts, in those cases, the product is complex.

You need to be well trained in order to be able to execute an implementation. 

View full review »
SB
IEM tower manager at Capgemini

We set up huge environments.

View full review »
Meo Ist - PeerSpot reviewer
Senior Product Manager and Technology Consultant at Barikat

It is a little complex as compared to its competitors. Its deployment took a long time.

View full review »
YP
Threat Protection Architect at a consumer goods company with 10,001+ employees

The initial setup is complex because it requires a clear company structure which was not the case. Technically also CyberArk is hard to address at the start because of its technical complexity and abilities.

View full review »
Korneliusz Lis - PeerSpot reviewer
CyberSecurity Service Support Specialist at Integrity Partners

The initial setup can be complex. It is important to go really carefully step-by-step with instructions. When you do that, you can be 100% sure everything will work well.

View full review »
CF
Principal Information Security Engineer/Lead Active Directory Architect at a healthcare company with 10,001+ employees

The initial setup was a bit complex.

View full review »
Aakash Chakraborty - PeerSpot reviewer
IEM Consultant at iC Consult GmbH

I have been part of the initial implementation. However, the day-to-day operational tasks are being handled by a different team.

I was part of a migrational project. When I joined this organization, they were just migrating from the last stable version to the present stable version. It was pretty straightforward. There was, in my organization at least, documentation that was a bit more thorough to follow. That helped me a lot.

The implementation takes quite some time. Even in production, we have to instantiate the service. We had to take a special weekend, which means downtime since this is a critical application. Therefore, moving this takes some time. It's not that there are glitches and all. It's such a heavy application that requires moving so many things. For us, it took around nine to nine and a half hours roughly to deploy. This is considering if I take off all the in-between stoppages and breaks.

Privileged Access Management is a complex topic. I won't say that any of the tools are straightforward. That said, if you are thorough, then it's pretty straightforward for people who are in this industry.

I'd rate the setup process a four out of five in terms of ease of implementation.

View full review »
VS
Senior Associate at a consultancy with 10,001+ employees

Sometimes, when we install their product, the BFN (Bridge to Future Networks) to the component manager, we have issues. When we install this component in high ability mode, and the load balancer, then sometimes that creates different problems. Sometimes, to find the issue we actually, even if one of the component goes down, get notifications easily. That is not an issue, but to rectify the issue, sometimes it takes longer than I would like, you know. When it goes for a higher ability mode for the component then it makes our work a little a cumbersome.

View full review »
AP
Technical Manager at Tech Mahindra Limited

Initially, there was a lot of hiccups, because there were a lot of transitions due to manual installations. 

View full review »
DM
Core Analyst/ Server Admin at a comms service provider with 1,001-5,000 employees

I went through the proof of concept and then I also went through the initial install of our infrastructure. For our company, I've probably done 80 to 90 percent of the work in CyberArk myself.

The implementation was fairly straightforward. We had a really good implementation engineer. He did a really good job. Of course, every individual brings his own kind of approach to things. They give you insight and then you run into someone else that gives you a little different perspective. It surprised me how straightforward some of the setup is. I've experienced some things since then that lead me to think it is something that CyberArk is constantly improving on: How to implement new installs or upgrades and make them better and easier.

For instance, there was one system that, when we first installed in 2016, we were told upfront that this was not an easy system to spin up and get working. We had made an attempt at it and failed. A year later, I installed it by myself from the documentation and it went as smoothly as could be, no problems. They had improved it over that year to the point where just about anybody could do it.

View full review »
JM
Lead Automation Developer at COUNTRY Financial

I was involved in the upgrading processes, but not the initial setup. Upgrading is lengthy, because we have quite a few components, but it is definitely straightforward.

View full review »
KS
Information Security Administrator at a insurance company with 501-1,000 employees

The initial setup is straightforward. They have done major reforms on the installation process, so now we have automatic installations. We just have to run a particular script, and that does the installation for us. We also have a manual installation and that is our legacy process. So, we have both options. It is up to the customer how to move forward, but it is pretty straightforward. 

View full review »
GO
Founder at GoTab IT Risk Services

What is complex is privileged access management. When companies look at implementing a software solution for privileged access management, if they actually haven't looked at the complexities of privileged access within their own organization — and I'm speaking more in terms of the business processes for that type of access across the organization — then any software tool is going to look complex because it's not going to solve the problem.

If a firm focuses on understanding their existing Privileged Access operating model, the inherent business processes, and the risk & pervasiveness of Privileged Access across their enterprise, then they will be better positioned to understand the business problem they need to solve.  CyberArk will then become a capability that enables them to solve their IT Risk issues with privileged access, and capitalize on the efficiencies with their new operating model.  The complexity seldom ever lies in the technology. It always lies in how well it integrates with the business processes that the firm is trying to solve as part of its deployment.

View full review »
Maarten22 - PeerSpot reviewer
Works at Liberty Global

The initial setup (for a UAT environment) was straightforward. During the planning of the PROD environment, it became a little more tricky with different network segments and method for accessing the environment itself.

View full review »
SP
Senior Security Engineer at a financial services firm with 1,001-5,000 employees

The initial setup was pretty straightforward. I think the implementation only took a couple of days.

View full review »
CH
Information security engineer/ business owner

I have done several installations for the CDM contract of CyberArk and I've done several upgrades as well.

The installation is as straightforward as it comes. There are some glitches, but it's not with CyberArk, it's with the environment that I'm installing in. In that environment they don't ever follow directions, so we have to get there and say, "We need you to rebuild your vault because you did it from an image and not from the CD, and it's not supposed to have any GPOs, it's not supposed to be on the domain. CyberArk tells you this in their paperwork. We told you this." But, of course, they don't listen. We get there and they spend a day telling us, "Hey, we have to rebuild our server." And we say, "Okay, well thanks for those eight hours. I appreciate it."

View full review »
KR
Identity and Access Management Engineer at a energy/utilities company with 10,001+ employees

I did an initial installation at another company. It was pretty straightforward. 

View full review »
ProbalThakurta - PeerSpot reviewer
Senior Partner at a tech consulting company with 51-200 employees

The time it took for the deployment was approximately two years. It was not a simple process for the vendor. It should have been completed in one year, it took too long.

Our process steps for deployment involve specific stages, starting with onboarding Windows and Linux devices, and concluding with the onboarding of application service accounts and related components.

I rate the initial setup of CyberArk Privileged Access Manager an eight out of ten. 

View full review »
BRUNO REYNAUD - PeerSpot reviewer
Information Security Engineer - Pre-sales at a tech services company with 11-50 employees

The initial setup of CyberArk Privileged Access Manager is easy.

View full review »
DR
IT Security at a manufacturing company with 10,001+ employees

I have done many upgrades on many different systems and applications. It was more of a difficult upgrade path only because there were a lot of small things which could have been done if it were prepackaged into scripts inside the executable during the installation. For example, it automatically stops services so it can do the upgrade. 

There were a lot of manual steps which could have been automated. I read the 10.4 release that was sent out about a month or two ago, and I saw the steps required for upgrade have been reduced by about 90%. That was a big thing for me, but I still haven't seen that yet because we have not upgrade past 9.9.5.

View full review »
MU
CyberArk Consultant at a hospitality company with 10,001+ employees

For the initial setup, where there are out-of-the-box plugins, it is pretty straightforward. But when we start going into a more advanced level, where a new plugin has to be developed, or the connection component has to be developed, there is a bit of a complexity. But again, nothing too complex, nothing which cannot be achieved.

View full review »
NR
Security Architect at a healthcare company with 10,001+ employees

The initial setup was straightforward. We did have an implementation engineer from CyberArk who walked through it with us. He guided us through the process. Even though the documentation is straightforward, there is a lot there to do with a lot of different components which make it up. In and of itself, there are a lot of moving parts, but having that implementation engineer onsite, helping us walk through it helped us be very successful quickly. We also had the same experience when we went through upgrades where we contracted with professional services to help us. They have always had someone out there who guided us through it, either onsite or remotely. We have had both instances and both have been very successful.

View full review »
JG
Security Analyst at a financial services firm with 5,001-10,000 employees

I was not involved in the initial setup.

View full review »
EG
Data Security Analyst II at a financial services firm with 5,001-10,000 employees

I was not involved in the initial setup.

View full review »
TK
Cyber Security Consultant at a tech services company with 10,001+ employees

Again, it completely depend upon your architecture design of CyberArk and planning. More complex Architecture leading to more complexity in implementation. Understand the Architecture, understand client requirement and only then design and implement. The sure shot guarantee of successful implementation is "Keep It Short and Simple".

View full review »
BW
Systems Admin II at a transportation company with 5,001-10,000 employees

I was part of the initial setup with EPM. It was straightforward during the PoC. Once we rolled it out to users, it got a little more complex.

View full review »
SN
Director Information Security at a insurance company with 501-1,000 employees

The initial setup was very complex. There were a lot of manual process. Over the years, we have seen a significant transition in the installation scripts, the setup, and the custom capabilities. So, CyberArk has come a long way since the beginning.

The upgrade processes have also improved.

View full review »
KE
Security Analyst at a retailer with 10,001+ employees

It was complex. Because at that point. I had only recently joined the security team. I was told, "Here's a share with the files. Go install this."

View full review »
it_user677688 - PeerSpot reviewer
CyberArk Consultant at a comms service provider with 10,001+ employees

The installation manual is quite straightforward and extensive. There also is an implementation manual to support the function implementation. The installation requires specific hardware which sometimes might not fit the standards within an organisation. Over the last few years the documentation has improved hugely. Of course, there is always room for improvement, but I guess this is one of the better ones in the IT field.

View full review »
it_user497118 - PeerSpot reviewer
Senior Executive Information Security at a manufacturing company with 10,001+ employees

Straightforward, easy-to-install setup.

View full review »
Volodymir Kolisnyk - PeerSpot reviewer
Security specialist at Kavitech

The initial setup takes a few days to complete.

I rate the initial setup a six out of ten, where one is difficult and ten is easy.

View full review »
AT
Managing Director at FOX DATA

CyberArk PAS setup needs expertise and experience. Based on my experience, a small deployment of 10 or 20 PAM users takes one week to set up the PAM infrastructure and another one week to go live with basic modules and standard out of box integrations. The rest of the rollout has customer dependencies.  Ideally, the PAM system needs 3-6 months to get mature in an organisation.

View full review »
it_user585702 - PeerSpot reviewer
Senior Consultant at a tech services company with 5,001-10,000 employees

Complex. Lots of architecture, lots of planning, and lots of education and training are needed. Technically, roll-out isn’t bad. It’s the support, training, education, philosophy, and integration within existing ways of doing things that are challenging.

View full review »
AM
Senior Security Manager at SMU

The initial setup is pretty easy. It is not complex.

View full review »
BA
Cyber Security Manager at a hospitality company with 10,001+ employees

When we originally implemented CyberArk, we did so incorrectly. With the help of CyberArk Professional Services, we were able to reorganize, reinstall, and upgrade within a week, then apply best practices to the implementation of CyberArk. So, I would say that it took us about a week to get setup correctly.

At first, the integration of CyberArk into our IT environment was a bit rough. People didn't want to give up the rights and privileges that they had. But, we were able to show them how easy it was for them. We even layered in multi-factor authentication to access the accounts that they needed, which were privileges for appropriate functions. Once we were able to show them how they could quickly and smoothly get the access that they needed, it was not a bad thing, as they found out.

View full review »
MS
Technical consultant at a healthcare company with 1,001-5,000 employees

I was involved in the initial setup and I actually used CyberArk's Professional Services. It was straightforward. We didn't have any hurdles during the setup.

View full review »
MV
CyberArk PAS Solution Professional | Project Manager at a tech services company with 10,001+ employees

The initial installation was straightforward. The configuration or integration can be complex depending on the requirements, design, and infrastructure of the organization.

View full review »
it_user674049 - PeerSpot reviewer
Head of Technical Services at a tech services company with 51-200 employees

The manual reads like a step-by-step guide. The installation, although complex, can be achieved by following the installation guide.

View full review »
Mammad BNB - PeerSpot reviewer
Director Of Technical Operations at BNB Security Alliance

The initial setup CyberArk Privileged Access Manager is easy.

View full review »
KL
Team Lead Information Security Control at a financial services firm with 5,001-10,000 employees

The initial setup of CyberArk Privileged Access Manager was straightforward.

View full review »
reviewer990912 - PeerSpot reviewer
Senior Manager - Privileged Access Management at a tech services company with 10,001+ employees

Initial setup was complex and time-consuming but the later versions are a lot faster to implement.

View full review »
MW
Senior server administrator at a financial services firm with 1,001-5,000 employees

I wasn't involved in the initial setup but I am involved in upgrade processing. Now, it is very straightforward. When we did the first major upgrade, it was very complex and required Professional Services for two weeks. Since we made it to version 9, the upgrades have been as simple as you could possibly hope for.

View full review »
DD
Information Security Engineer at a international affairs institute with 1,001-5,000 employees

The initial setup was straightforward because its entire complexity was hidden by the CyberArk expert who guided the whole process.

View full review »
it_user507834 - PeerSpot reviewer
Senior Consultant at a consultancy with 10,001+ employees

I would rate initial setup as a medium complexity. They have good documentation, as well.

View full review »
it_user512235 - PeerSpot reviewer
Sr. Technical Consultant at a tech company with 51-200 employees

The initial setup is not so complex, but CyberArk does require more servers for a full-fledged installation.

View full review »
it_user185532 - PeerSpot reviewer
Security Expert at SecurIT

Our company has set up a ‘generic’ and fast implementation plan based on our experiences and best practices. This plan provides a straightforward approach, which can be customized into a complex solution to suit every customer's needs.

In general, the installation is quick, but the actual work is found in the process of onboarding new account(type)s as this requires a significant amount of communication and coordination.

View full review »
it_user186408 - PeerSpot reviewer
Senior Manager of System Security at a tech services company with 51-200 employees

The initial setup is really fast, simple and straightforward. It consist of a simple Windows installation (next-next type) for any component. The only requirement is to do the installation step by step following a list of components to do beforehand.

View full review »
it_user834369 - PeerSpot reviewer
Associate Vice President & Head of Apps Support at a tech services company with 10,001+ employees

AIM was a complex piece, but the install was straightforward. It took us around five months.

View full review »
HP
Lead Consultant at a tech services company with 10,001+ employees

It's straightforward, I mean probably who for 11 years of experience is quite straightforward, but maybe for a newbie, it could be complex.

View full review »
it_user514779 - PeerSpot reviewer
Project Manager at a tech services company with 10,001+ employees

The initial setup was somewhat complex, but we received help from the product support team with the installation.

View full review »
it_user512265 - PeerSpot reviewer
Consultant at a tech company with 1,001-5,000 employees

This question goes both ways; initial setup can be straightforward and it can become complex. The architecture in the network and installation of the software itself is pretty straightforward. Most of the modules/components are agentless. This makes it possible to install the solution in the datacenter without impacting any existing devices (no impact on running systems, and simplifying change and release management). Integrating the systems (privileged accounts) in the CyberArk solution can happen gradually.

The flexibility of the product, on the other hand, has as a consequence that there is a lot to configure. Depending on the existing infrastructure and functional demands at the different organizations, care has to be taken to have a correct implementation.

View full review »
it_user514596 - PeerSpot reviewer
Security Technical Consultant at a tech services company with 10,001+ employees

Initial configuration is quite complex and takes a considerable amount of time. However, this depends on the management requirements of the organisation. An example of this is connectors to mainframes, which might require a degree of customisation and knowledge of how the password manager functions (and relevant training). Setup regarding installation is straightforward, as the provided guides are quite expansive and include several installation possibilities (e.g., standalone, HA, DR, etc.)

View full review »
it_user234336 - PeerSpot reviewer
Technical Manager, System Division at a tech services company with 501-1,000 employees

Initial setup was actually easier.

View full review »
reviewer991878 - PeerSpot reviewer
Senior IT Security Engineer at a insurance company with 5,001-10,000 employees

Pretty straightforward, a lot of time will be spent on the initial engineering phase where you determine how you want to use the solution, naming requirements, admin accounts, etc.

View full review »
it_user574734 - PeerSpot reviewer
Technology Architect at a renewables & environment company with 51-200 employees

We were assisted for the initial setup by a CyberArk consultant for one week.

View full review »
it_user871449 - PeerSpot reviewer
IT Analyst at a tech services company with 10,001+ employees

It is necessary to use professional service for the setup of the solution. It is a challenge if you are not well-versed in CyberArk.

View full review »
BB
Master software engineer at a financial services firm with 10,001+ employees

I have been involved in the initial setup elsewhere. It's actually really straightforward, depending on what you're trying to do. If you have a simpler environment, to set up a PVWA and to set up a vault, is straightforward. It's all pretty much there in the guide. Sometimes the documentation gets a little bit out of sync, where things aren't exactly as they should be but it's always really close. Generally, the documentation is good and straightforward.

View full review »
it_user455391 - PeerSpot reviewer
IT Admin at a tech company with 10,001+ employees

The setup has a medium level of complexity.

View full review »
it_user121395 - PeerSpot reviewer
ITSM & AntiFraud Consultant with 51-200 employees

Straightforward when you have the use cases and a SoW. Usually you follow the Installation Manual, and perform the after-installation tests, and you are sure that everything is OK. The only issue I had was with the anti-virus that was left on the server and that deleted some PSM files. You must always double-check the prerequisites, as you can have some surprises with the GPO that overrides your settings.

View full review »
KR
Technical Director at Unique Performance Techsoft Pvt Ltd

The setup is very straightforward.

View full review »
it_user620580 - PeerSpot reviewer
Security Engineer at a tech services company with 51-200 employees

The initial setup was simple. It is windows based and leverages installation wizards to perform installation. Also, sufficient documentation exists to guide the setup procedure.

View full review »
it_user620580 - PeerSpot reviewer
Security Engineer at a tech services company with 51-200 employees

The setup was simple. It is Windows based and leverages installation wizards to perform the installation. Also, sufficient documentation exists to guide you through the setup procedure.

View full review »
MV
Engineering Lead PAM with 10,001+ employees

The complexity of the initial setup depends on the organization's underlying infrastructure, on the environment in which the development is happening. Sometimes the environment on which the product is being installed is more of a challenge than the product. That plays a key role. And, as I mentioned, it's a bit of a challenge because of the documentation at the moment. It needs to be much more user-friendly

The time for deployment also depends on the environment in which the product is being deployed. The technology landscape is very complex. With an end-to-end implementation, it can vary depending on whether the environment is small or medium or complex, and what types of use cases are involved. If it is just a simple environment and minimal features need to be configured, it can be straightforward and take a few days. But if it's a really large-scale, complex environment, where multiple integrations are required, because the underlying requirement to deploy CyberArk with other applications is complex, it will definitely take longer.

View full review »
HT
CDO & Co-Founder at ELYTIK

The installation is not difficult for me because all the information is on the website.

View full review »
JL
Presales Engineer at a tech services company with 51-200 employees

The initial setup was straightforward. It can be carried out by a single person. 

View full review »
it_user685302 - PeerSpot reviewer
Technical Lead at a tech services company with 10,001+ employees

As this was new product, there were some small challenges in understanding but the setup was straightforward.

View full review »
RS
Principal Consultant, IAM Projects at a tech services company with 201-500 employees

The initial setup was OK. If I set up one box, one automation, one machine, within one program, it is O. But, if I have multiple locations in Japan, China, Asia, Singapore, and the like, I will have some trouble. I have faced this problem in the past. 

View full review »
it_user507363 - PeerSpot reviewer
IT Security Consultant at a tech services company with 10,001+ employees

Initial set up is super simple and if planned properly, can be installed within a couple of hours.

View full review »
it_user445038 - PeerSpot reviewer
Cyber Security Supervisor at a tech company with 1,001-5,000 employees

Initial setup was very easy. We started integrating systems and providing access to systems within few days.

View full review »
it_user635622 - PeerSpot reviewer
Vice President - Cyber Security at a tech services company with 10,001+ employees

It takes a while to adapt to the product.

View full review »
it_user665142 - PeerSpot reviewer
SD/Infr Coordinator at a computer software company with 201-500 employees

The most difficult part was convincing the technical teams to use it.

View full review »
RN
Product Manager at a tech services company with 11-50 employees

The initial setup is straightforward.

View full review »
it_user225765 - PeerSpot reviewer
IT Security Engineer at a tech services company with 51-200 employees

It was straightforward as the documentation was rather clear. This made the implementation simple.

View full review »
KN
Junior Product Consultant at a tech services company with 501-1,000 employees

We found the initial setup quite difficult. There were a lot of errors and we found the process to be a bit complex. I wouldn't describe the implementation as straightforward.

In total, the deployment took about one week from beginning to end.

View full review »
it_user685299 - PeerSpot reviewer
IT Security Specialist at a tech services company with 11-50 employees

Basic setup is pretty straightforward, but to fully utilise the product it can get complicated as it ties in with a lot of other products. Suggest a phased installation so staff can adjust to new processes.

View full review »
it_user674070 - PeerSpot reviewer
Senior Technical Trainer at a tech services company with 501-1,000 employees

The initial setup is a bit complex because it has lots of prerequisites and dependencies on Windows' features.

View full review »
Buyer's Guide
CyberArk Privileged Access Manager
March 2024
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.