Symantec Privileged Access Manager Archived Reviews (More than two years old)

Filter by:
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Asif Shaikh
Consultant
Security Consultant at a tech services company with 10,001+ employees
Jun 03 2018

What is most valuable?

Privileged account management for Windows (domain and local) and Unix.

How has it helped my organization?

* Earlier admins used to access critical system from their desktop, which was a security threat considering the wide variety of compromises happening on endpoint. Now, all… more »

What needs improvement?

Service account management is a key area where the product needs to develop. Currently, the product supports service account discovery, but only if the host name of the… more »

What's my experience with pricing, setup cost, and licensing?

Pricing is fair compared to other top vendors, like CyberArk. The licensing is simple and scalable.

Which solution did I use previously and why did I switch?

No previous solution was used.

What other advice do I have?

Go for it if your key areas are password/session management of Windows/Unix/database. Be careful if you want to use this for service account management. There are some… more »

Which other solutions did I evaluate?

We did not evaluate any other solutions.
Real User
Architect at a comms service provider with 10,001+ employees
Feb 02 2018

What is most valuable?

One of the key things for us about the product is around its simplicity. Being able to put in the technology that allows the business to remove complexity and also allow the security improvements. This is high on our agenda.

How has it helped my organization?

The key benefits are we improve our governance. We ensure we can build more trust in the way we run and operate our environment, and most of all is the accountability. Where things do go wrong from time to time, we are in a good position to ensure that we can recover quickly.

What needs improvement?

As with most things CA, once we are bringing more technology into the portfolio and being able to collapse those products into a much more integrated way, that will definitely come over the time. In terms of improvement, keep listening to customers and their challenges and make sure the roadmap is… more »

What other advice do I have?

It is fairly mature in the world of what it have known as a vault. When you look in a wider context of how to bring it into an organization, it is not necessarily just the technology side. I would rate it from the technology side between a seven and an eight. Actually, how it becomes too much of an… more »
Find out what your peers are saying about Broadcom, CyberArk, BeyondTrust and others in Privileged Access Management. Updated: September 2020.
438,246 professionals have used our research since 2012.
Real User
Information Security Manager at United Parcel Service
Feb 01 2018

What is most valuable?

I have been in the security business for almost 30 years. We have never had a solution in place where we could really manage and control privileged accounts in the company. This solution really makes a big difference. We started rolling it out for our Linux base. It has been invaluable to us already, and it has only been a year.

What needs improvement?

We are a multiplatform shop, so we have Windows, Linux, mainframe. The mainframe piece of it is coming along, but we would like to see a little bit more integration with the non-CA mainframe component, such as RACF. That is what we use, but they have more features which are coming out in the next month or so, which is a huge. They are listening to their customers. I think that is great, but they… more »

What other advice do I have?

Right out of the box, right now, I would say it is a solid eight. I think 10 is doable, and they are very close. We are still only a year out. We have only really done one platform, so I am kind of saving the nine and 10 for once we are fully deployed. Most important criteria when selecting a vendor: Support is a big deal. Reputation is great, but the support is what we use most. After the sale is… more »
Real User
Information Security at ITG
Jan 10 2018

What is most valuable?

Whoever built it from the ground up, they understand how an organization is laid out. You can tell. When a user comes in, it automatically picks up their information. It is very easy to use. The interface is very friendly, colorful, and bold. I really like that. It is friendly to the users.

What needs improvement?

What PAM does is when a user signs in, or when a user gets prompted to an organization, they are classified based on what teams, job titles, and roles that they have. One feature I would like to see is instead of just giving passwords to the user based on job function, from auditing perspective… more »

What other advice do I have?

If your company has Windows, Unix, and Linux, and has accounts all over the place and you need to management it, look into CA now. I feel like I have to learn more about CA PAM, because there are a lot of questions I still have for the product and I do not know them yet. Most important criteria when… more »

Which other solutions did I evaluate?

After doing a little bit of research in the PAM market, there are not too many PAM players out there. Obviously, there is CyberArk but the other big player is CA PAM. I took a look at CA PAM. CA's rep gave me every reason to pick CA PAM over CyberArk. CyberArk is harder to set up. You need a stand… more »
Real User
Program Manager at a financial services firm with 10,001+ employees
Jan 01 2018

What is most valuable?

The session recording is useful. We can capture what each of our users are doing. It gives you list of servers, so you can see which users have access to which servers. This is really useful, so we… more »

How has it helped my organization?

It will provide us with more security. Anybody who has access can only get it. It makes admin access more critical. People are not building service accounts. It will provide more security and… more »

What needs improvement?

We are going to work on Trade Analytics, so we wanted to see how Trade Analytics work and all. They need to work on some of the enhancements, which we have already given to them. They need to have… more »

What's my experience with pricing, setup cost, and licensing?

Cost-wise, CA was better compared to others in the market.

What other advice do I have?

Depending on your requirements, you can compare different products and decide what you want. This product so far seems good to us. Most important criteria when selecting a vendor: Our use cases, all… more »

Which other solutions did I evaluate?

One of the goals for one of our projects this year was to implement Privileged Access Management. We tried different products in the market: Xceedium, CyberArk, etc. This is when we decided on… more »
Real User
Information Security Manager at United Parcel Service
Aug 09 2017

What is most valuable?

Transparent login for users of privileged IDs (Linux, Windows). This prevents sharing of the password because it is never seen.

How has it helped my organization?

Once we implemented the solution, we found that support groups were sharing the Root password with some application teams to facilitate implementations and upgrades. The… more »

What needs improvement?

Reporting. It's difficult to locate the reports, there are limits on what reports can be run from the GUI, and the report formats are lacking. I have already spoken to… more »

What's my experience with pricing, setup cost, and licensing?

Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload. Definitely make… more »

Which solution did I use previously and why did I switch?

We have been trying to get approved for a solution (this or others) for 15 years. We finally have a CIO who understands the need for and benefit of this product and it was… more »

What other advice do I have?

Definitely do your homework. CA PAM was the best product for us but if you are strictly a mainframe shop you might like a different solution and similarly for a Windows… more »

Which other solutions did I evaluate?

We had a project to review eight vendors and their PAM products: IBM, Hitachi, CyberArk, BeyondTrust, CA, Enforcive, Centrify, and Lieberman.
Vendor
Citrix / Windows Administrator/PM at a government with 10,001+ employees
Aug 03 2017

What is most valuable?

The tool helps us manage local, domain, and service accounts. It helps us meet compliance standards.

How has it helped my organization?

The fact the password is changed after each checkout beats changing passwords manually every few months.

What needs improvement?

I would definitely like to see improvements in the documentation. It is very plain and doesn't provide details. They are no screenshots either.

What's my experience with pricing, setup cost, and licensing?

I'm the admin and do not know anything about pricing and licensing.

Which solution did I use previously and why did I switch?

I don't think DSS used any other solution prior to this.

What other advice do I have?

Be prepared to call tech support a lot because the documentation is almost worthless.

Which other solutions did I evaluate?

I personally have used RPM and think it is more user-friendly.
Vendor
Business Coach & Consultant
Jul 31 2017

What is most valuable?

If I remember correctly, it was the two factor authentication, and the single most important capability was it supported PIV and CAC as one of the two factors. That was pretty huge for us.

How has it helped my organization?

Our organization does and uses cloud-based solutions. Those have to be very secure. Specifically, administrative access needs to be highly secure. When people are accessing the production environment… more »

What needs improvement?

Trouble free installation and configuration and not even noticing that it's installed. There's too many steps involved in accessing the production network. Too many things you have to do to get on… more »

Which solution did I use previously and why did I switch?

Yeah, we were using OpenVPN. We were using OpenVPN, and the biggest single reason was dual-factor authentication with PIV and CAC. That was the biggest single reason.

What other advice do I have?

I would say, test it out in your environment, make sure it works out well. If it configures well, and then, assuming it works out fine, you're in good shape.

Which other solutions did I evaluate?

We looked at about a half a dozen, and this one came out to be the best one. We filtered down.
Consultant
Senior Engineer at a tech services company with 1,001-5,000 employees
Jul 25 2017

What do you think of Symantec Privileged Access Manager?

What is most valuable?

Access management and security compliance.

How has it helped my organization?

It started with the basic features, and gradually they added SCP, FTP, and also the API calls that helped us to meet the Automation at our end.

What needs improvement?

Role mapping, high availability, coverage of more important AWS data centers in Frankfurt.

For how long have I used the solution?

I've used this solution for three years

What do I think about the stability of the solution?

It has been reliable down the line with new features and updates.

What do I think about the scalability of the solution?

Yeah, it still does not support HA in Multi AZ subnets.

How are customer service and technical support?

Yeah, it's great. I would give it a nine out of 10. …
Real User
Pre-Sales Engineer at a tech services company with 51-200 employees
Jul 25 2017

What is most valuable?

Password Management and Session Recording. The simplicity and ease that it is to be up and running out-of-the-box is very much appreciated. The recording feature uses a… more »

How has it helped my organization?

We are now able to record all technical support requests that require a remote control session, therefore accountability has risen reducing the amount of mistakes or… more »

What needs improvement?

The support for other remote assistance tools would be excellent. Free included tools in Windows (Remote Assist) and Microsoft SCCM Configuration Manager (ConMgr Remote… more »

What's my experience with pricing, setup cost, and licensing?

Can’t say much. The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution.

Which solution did I use previously and why did I switch?

No, I have looked at CyberArk, but never used it as a customer.

What other advice do I have?

If looking for a solution with privileged session management, great recording features with an integrated password vault and Single Sign-On that is pretty straightforward… more »

Which other solutions did I evaluate?

Yes, CyberArk. We found it too complex and with more features than one would probably need.
Vendor
Tech Lead at a financial services firm with 5,001-10,000 employees
Jul 23 2017

What is most valuable?

For me, it is the robust API which is the most valuable feature. This allows for low maintenance costs and allows applications to automatically connect. This is great to… more »

How has it helped my organization?

Before we had a vaulting solution that had a manual provisioning of the DB and privileged accounts. Now, we can automate this provisioning through APIs which are easy to… more »

What needs improvement?

I wish it could create local accounts on desktops. But, what I really want to do with it is automatically manage DevOps pipelines through tools like Docker/Puppet/Chef. It… more »

What's my experience with pricing, setup cost, and licensing?

Don’t go with an agent model. Don’t go with a model that has you buying a thousand different parts. Go with PAM that gives you everything, or you’ll just be paying costs… more »

Which solution did I use previously and why did I switch?

I have used ERPM, but it was difficult to upgrade the product. The structure of the vaulting policies was not conducive to Ally’s organization. Plus, it ran on Windows… more »

What other advice do I have?

If you truly want to secure a DevOps world that is constantly changing the architecture and number of boxes, then you need CA PAM.

Which other solutions did I evaluate?

We looked at CyberArk, BeyondTrust, ERPM and ObserveIT.
Vendor
IT Security & Compliance at a energy/utilities company with 1,001-5,000 employees
Jul 23 2017

What is most valuable?

The password vault and access to the systems are the most valuable features. It meets with the objective of password vault with controlled access to systems.

How has it helped my organization?

There are no improvements as it never went live.

What needs improvement?

It lacks good logging capabilities and the reports are not customized. Also, there are security issues with the 'super' account.

What's my experience with pricing, setup cost, and licensing?

It’s not a cheap solution. The increasing number of licenses are also expensive.

Which solution did I use previously and why did I switch?

We were not using any other product before, although now we have changed to another cheaper solution.

What other advice do I have?

There are other cheaper solutions available in the market.
Vendor
Project Coordinator at a logistics company with 10,001+ employees
Jul 23 2017

What is most valuable?

Gives us the ability to rotate passwords automatically in the vault, on in any interval, via a scheduled job or password view. This takes out the management of passwords… more »

How has it helped my organization?

Without getting too specific, we are able to manage root account passwords on 1600+ Linux servers. Our users can transparently login with those credentials when needed.

What needs improvement?

The OOTB reporting functionality is lacking. The ability to view a simple breakdown of the various data. They offer an all or nothing solution that does work for my… more »

What's my experience with pricing, setup cost, and licensing?

I was not involved in the negotiations of the product.

Which solution did I use previously and why did I switch?

We didn’t have a previous solution.

What other advice do I have?

My only advice is to make sure you perform a through PoC in your environment to make sure all aspects of the system work for you.

Which other solutions did I evaluate?

We started out with eight different products and wound up doing an RFP with four finalists, and CA PAM was one of them. The other three were BeyondTrust, CyberArk, and… more »
Vendor
Principal Consultant
Jul 23 2017

What is most valuable?

Some of the valuable features are safe access to company resources, quick, comprehensible, and intuitive management interface, and good integration capabilities. Control… more »

How has it helped my organization?

* Quick setup * Support for different types of existing user stores * Management automation through REST interface * Integration with Identity Management solutions easily… more »

What needs improvement?

I would like it to support more types of integration.

What's my experience with pricing, setup cost, and licensing?

Contact the sales department.

Which solution did I use previously and why did I switch?

Many customers switched to CA PAM, because the list of useful features quickly expands.

What other advice do I have?

Proceed!

Which other solutions did I evaluate?

We evaluated Hitachi ID PAM and IBM PIM.
Vendor
Presale Engineer with 51-200 employees
Jul 23 2017

What is most valuable?

Access control and Password Management, because almost every customer wants to protect and audit their server(s), as well as their credentials.

How has it helped my organization?

When a customer uses CA PAM, they can control who can access their server and what they do. So they feel more comfortable when using outsourced engineers to manage their assets.

What needs improvement?

Reporting, Logging, and support recording for Web App using Java. Now, the reporting feature on CA PAM only shows the basic information in white-black table format. If I’m a customer, I like to see… more »

Which solution did I use previously and why did I switch?

No, I didn’t.

What other advice do I have?

The CA PAM product can help companies/organizations who looking are for Privilege Access Management. CA PAM is an industry leader; a powerful, easy to use solution.

Which other solutions did I evaluate?

No, I didn’t.
Vendor
Security Consultant
Jul 23 2017

What do you think of Symantec Privileged Access Manager?

What is most valuable?

One of the most valuable items is the load balancing feature.

What needs improvement?

The live session recording is still not in the features.

For how long have I used the solution?

We have used this solution for over a year.

What do I think about the stability of the solution?

There were no issues with stability.

What do I think about the scalability of the solution?

There were no issues with scalability.

How are customer service and technical support?

I would give technical support a rating of 7/10.

Which solution did I use previously and why did I switch?

This is the first solution.

How was the initial setup?

The setup is one of the advantages of CA PAM, as compared with the other solutions.

Which other solutions did I

Real User
Security and Governance Manager (Principal Director) at a tech services company with 201-500 employees
Jul 23 2017

What is most valuable?

The solution has the capability to address hybrid eco-systems, both on-premises and cloud services. Most of the high privileges now include tenant administrator credentials. Integration with the AD RBAC model is also a great feature, as we… more »

How has it helped my organization?

The solution allows us to ease the risks and headaches with administrators turning to our IT team.

What needs improvement?

I would like the ability to provision through a real REST API. Perhaps this could be SCIM-PAM, once it is certified.

What other advice do I have?

Have a good view of their role model and critical assets.

Which other solutions did I evaluate?

We evaluated Sudo-AD and CyberArk.
Renê Souza
Real User
Especialista em CA at a tech services company with 5,001-10,000 employees
Jul 21 2017

What do you think of Symantec Privileged Access Manager?

What is most valuable?

It offers access control of privileged accounts.

How has it helped my organization?

It has simplified and unified the access of the users to a single point of access. It grants access identity to privileged accounts.

What needs improvement?

I would like to see improvements in branding customization and multi-tenancy.

For how long have I used the solution?

We have been using this solution for six months

What do I think about the stability of the solution?

The solution is not implemented for end users, so we haven't had any problems so far.

What do I think about the scalability of the solution?

There were no issues with scalability.

How are customer service and technical support?

Technical support is very good.

Which solution did I use

Vendor
Senior Systems Administrator at a tech company with 5,001-10,000 employees
Jul 20 2017

What is most valuable?

The most valuable element is the keystroke tracking feature. We use the tool in our FedRAMP data centers. Whenever an employee does some work at the command line in the… more »

How has it helped my organization?

The product has not improved our organization. It is an intentionally limiting product. That’s why we have it.

What needs improvement?

It limits the number of CIs. Why not have unlimited CIs? As I understand the licensing, we purchase the PAM product and pay for it based on the number of CIs. (A “CI” is a… more »

What's my experience with pricing, setup cost, and licensing?

I am not involved in pricing and licensing.

Which solution did I use previously and why did I switch?

We did not use a previous solution.

What other advice do I have?

Make sure you can track enough CIs and have room for growth.

Which other solutions did I evaluate?

I don’t know about the evaluation of other products. I was not involved in that part of the process.
Consultant
Finance at a tech services company with 10,001+ employees
Jul 20 2017

What do you think of Symantec Privileged Access Manager?

What is most valuable?

Manager user/admin’s password, so it’s more secure and password will be changed on time.

What needs improvement?

When there’s new patches or upgrades, please test the new release well, so it won’t break the functional parts.

What do I think about the stability of the solution?

It’s very stable, unless we do some patches or upgrade, then it’ll break some functional parts.

What do I think about the scalability of the solution?

So far, no.

How are customer service and technical support?

So far, it's fair. Because sometimes, it takes me a few days/weeks to get attention.

Which solution did I use previously and why did I switch?

No.

How was the initial setup?

I didn’t get involved in the initial setup.

What's my experience with pricing, setup

Vendor
IT Operations at a retailer with 10,001+ employees
Jul 20 2017

What is most valuable?

* Password management (Linux/Windows) and session recording. * Platform to access any (RDP, Telnet, SSH device in Datacenter).

How has it helped my organization?

* Centralized * Secure * Monitored access to any (RDP, Telnet, and SSH device in Datacenter).

What needs improvement?

Still Exploring.

What's my experience with pricing, setup cost, and licensing?

Based on features e.g., access management and password management, the price is suitable.

Which solution did I use previously and why did I switch?

No.

What other advice do I have?

It is the best product for monitoring the recorded session of your IT admins and external consultants. RDP is best for Telnet and SSH devices password management.

Which other solutions did I evaluate?

I don't remember now, but we did a PoC for a few, but chose CA PPM (formally known as Xceedium).
Real User
IAM Architect at a tech services company with 5,001-10,000 employees
Jul 20 2017

What is most valuable?

So far, we’re using the RDP-gateway and the “published application” features. * The RDP-gateway: For limiting which server an operator can access. * The “published applications” feature: To minimize… more »

How has it helped my organization?

The exposure of sensitive usernames and passwords has been limited in a massive way. This allows us to give much needed access to LDAP servers and databases without the operator knowing the username… more »

What needs improvement?

I’m no fan of Java as an application front-end, as it tends to have issues depending on what browser one’s using. Have nothing further right now due to limited exposure to the more technical parts of… more »

What's my experience with pricing, setup cost, and licensing?

I do not know as I only work with the technical parts of the product, I do not worry about pricing and licensing.

Which solution did I use previously and why did I switch?

We used the now discontinued Shared Account Management component of CA Privileged Identity Manager.

What other advice do I have?

Make sure you have all your network needs mapped out prior to installation, as you have to add all needed networks to the virtual appliance prior to the first boot.
Consultant
Ingeniero de servicios at a tech services company with 51-200 employees
Jul 20 2017

What is most valuable?

The possibility to control the remote activity and establish different policies, because it depends on the position of workers, how much access they needed, and in what… more »

How has it helped my organization?

We administrate the platform in some clients and the results are very useful to control the access to privileged servers.

What needs improvement?

The Java problem for web access to the platform, add more useful information in the logs; solve the Javascript problem to access to some Google services on the web.

What's my experience with pricing, setup cost, and licensing?

I don’t have any comment

Which solution did I use previously and why did I switch?

No, but I've heard about CyberArk.

What other advice do I have?

Well, that I recommend the product. It has a good interface and it’s easy to administrate.

Which other solutions did I evaluate?

No, I’m not from the sales department.
Vendor
System Support Analyst at a financial services firm with 10,001+ employees
Jul 19 2017

What is most valuable?

I mostly do support for the product so I’m aware of all the features this product offers. I like the fact that passwords are checked-in automatically. In case you forget to release the account so that other people can use it, it keeps the… more »

How has it helped my organization?

PA is a global vault application which is essential in our day-to-day tasks is retrieving and using privileged accounts. Also provides a nice logging and notification to management as well as audit.

What needs improvement?

I think most people that use the product are concern with performance and they are also used to the user inference. We shouldn’t compromise a better looking UI with performance. It’s hard to say, because ever since I’ve started using the… more »

Which solution did I use previously and why did I switch?

I am not sure. When I joined the bank, this was what they were using.

What other advice do I have?

I think this product is no longer available. But if it is, I would recommend a full stress test before they even implement it. Make sure you can run it on the newest web or application servers.
Vendor
Systems/Software Engineer at a tech vendor with 10,001+ employees
Jul 19 2017

What is most valuable?

Used for securing privileged accounts. This is the why people choose this particular product: To manage credentials and record sessions.

How has it helped my organization?

DXC has created a managed service offering based on it.

What needs improvement?

* The user interface and dependence on applets and Windows could use some improvement. * Increased the compatibility with other browsers. * Remove the Java applet dependency (it is being depreciated).

Which solution did I use previously and why did I switch?

We haven’t switched from a previous solution, but rather added an additional option to our offering catalog.

What other advice do I have?

Make sure you are certified from the official CA course.

Which other solutions did I evaluate?

Before choosing this product, we evaluated CyberArk PAM.
Vendor
Sr. Oracle DBA at a government with 10,001+ employees
Jul 19 2017

What is most valuable?

One of the valuable features is the randomly generated password. It is a strong way to protect the security access to the network and servers in our department of Homeland Security Environmental Management System.

How has it helped my organization?

It has helped us with security.

What needs improvement?

Updates get difficult for the client. It needs to improve. I experienced difficulty in upgrading the software myself. With a tech engineer's help, I was able to manually delete some directories and was finally able to upgrade successfully… more »

Which solution did I use previously and why did I switch?

We did not use different solution before.

What other advice do I have?

Make it easier to upgrade the software.
Consultant
Consultor Senior TI y Seguridad de Datos at a tech services company
Jul 19 2017

What is most valuable?

Session Recording: This feature is very useful and powerful. This application is very easy, fast, and trustworthy!

How has it helped my organization?

This product allows the administrator of users control of the vault of passwords, in the sense that is known who are the privileged users and who has the power to close… more »

What needs improvement?

The integration with AS/400 Endpoint via Transparent Login could be better and useful for some users.

What's my experience with pricing, setup cost, and licensing?

They can request a trial, and if the results are positive, make a PoC.

Which solution did I use previously and why did I switch?

No.

What other advice do I have?

Try the product.

Which other solutions did I evaluate?

We are a partner of CA. The tests were only executed for this product (CA PAM).
Anton Purba
Consultant
IT Security Consultant at a tech services company with 51-200 employees
Jul 17 2017

What is most valuable?

* Session Management (Session Control and Recording) * Very good in reliability * Deployment Model: Available in both hardware and software appliance with one step installation only

How has it helped my organization?

Not applicable. I’m distributor of this product, not an end user.

What needs improvement?

Live session GUI command keystroke and filtering Session limitation Live Session is a common feature now on PAM technology. By having this feature, an Administrator can monitor on live session about a… more »

What's my experience with pricing, setup cost, and licensing?

There is a combination of user and target devices pricing/licensing. There is no point to charge on target device pricing for 1000+ target devices. I would suggest charging for user percentages.

Which solution did I use previously and why did I switch?

We did not use a solution before this one.

What other advice do I have?

I’m very satisfied with the product.
Vendor
Cloud SME
May 08 2017

What is most valuable?

When you look at the whole PAM itself, session manager is very important. It records what happens. Access manager and credential manager are very important as well. Those are the key things. Session… more »

How has it helped my organization?

On the access management side, our system administrators, under privileged management, don't have to use their local tools to log on to the production servers. They basically will log on, but they… more »

What needs improvement?

When we look at CA PAM, the multi-tenant deployment is definitely an improvement that we want to see. They don't offer multi-tenancy. If I have an enterprise, or if I am an MSP and I would like use an… more »

Which solution did I use previously and why did I switch?

There were no previous solutions. CA PAM is the new evolution of Privileged Management. We haven't used a PAM solution in the past, and this was our first generation PAM that we used. We didn't move… more »

What other advice do I have?

If you are going for a multi-tenant deployment as an MSP, I would work with CA to see when that feature will be available. If the local end points are logged down with the Java versions, I would… more »

Which other solutions did I evaluate?

We did evaluate other solutions. * We did a market research of Xceedium, before CA bought Xceedium Xsuite * CyberArk * Dell had a tool to do privileged identity management * There's another company… more »
Vendor
User at a tech vendor with 10,001+ employees
Apr 28 2017

What is most valuable?

The product is for privileged access for a jump server using a PIV card.

How has it helped my organization?

So far, with the functionality of what we had, there has not been much improvement at this point of time. I am not able to comment at this time.

What needs improvement?

I think it works just enough because it is a mandate from the customer to have the privileged access for the administrators to manage the servers using the PIV cards. We haven't used it long enough to… more »

Which solution did I use previously and why did I switch?

There was not a previous solution.

What other advice do I have?

I think it's a good solution for anybody who is looking for a single sign-on implementation for administration of the servers. It's a straightforward solution. It has been in the federal space for… more »

Which other solutions did I evaluate?

We did not evaluate different products. There was no choice for us. We didn't have a choice to evaluate other solutions because they mandated the use of this product.
Vendor
Security Engineer
Apr 28 2017

What is most valuable?

Transparent login and cluster synchronization. This is quite stable compared with other products. It is easy to manage for the administrator.

How has it helped my organization?

After the CA acquisition of Xceedium, I was able to see a lot of improvement in technical support.

What needs improvement?

There are a lot of gaps in the documentation. The documentation has to improve like anything else. There are a lot of things which are not covered in the documentation, and there are a few things… more »

What's my experience with pricing, setup cost, and licensing?

There are currently other tools on the market which are much cheaper than PAM. They can do almost all of what PAM does, and even do it better. CA can think of reducing the pricing for PAM.

Which solution did I use previously and why did I switch?

We did not use a previous solution.

Which other solutions did I evaluate?

We did not evaluate other solutions.
Consultant
Director, Managed Services - Analytics & Data Solutions at a tech services company with 51-200 employees
Mar 14 2017

What is most valuable?

* Consolidates access to all the systems * Easy to deploy/virtual * Records access for troubleshooting issues

How has it helped my organization?

One example of how it has improved the way my organization functions is that before, we had to deal with the firewall rules between domains to control access. With CA PAM… more »

What needs improvement?

They need to improve how it scales. We end up adding new “appliances” to scale for large or complex environments. I run a multi-tenant cloud environment so I cover… more »

What's my experience with pricing, setup cost, and licensing?

Negotiate well but more importantly, design your architecture and understand what you will need as you scale (build building blocks).

Which solution did I use previously and why did I switch?

I have used different systems in the past with other companies that I worked for, so I have been able to compare several of these. CA PAM is the least expensive option… more »

What other advice do I have?

Make sure you fully vet out what is needed for the complete process, and understand what you need up front for the initial set and what will be added at what trigger… more »

Which other solutions did I evaluate?

We also evaluated One Identity, Centrify and Microsoft PIM.
Vendor
User
Mar 07 2017

What is most valuable?

Monitoring privileged users’ actions is valuable because of the high level of trust and wide-ranging access insiders typically enjoy. The impact of an insider breach… more »

How has it helped my organization?

* Integrates your management

What needs improvement?

Customers want simultaneous monitoring of users’ actions, so a manager can block the session immediately in case of a user violation.

What's my experience with pricing, setup cost, and licensing?

Reduce the price by subdividing the license bundle.

Which solution did I use previously and why did I switch?

We did not previously use a different solution.

What other advice do I have?

It is the best solution for managing privileged users.

Which other solutions did I evaluate?

Before choosing this product, we did not evaluate other options.
Vendor
Sr. Security Analyst at a retailer with 1,001-5,000 employees
Feb 22 2017

What is most valuable?

* High availability/stability * Flexibility * Security * Excellent support We need a solution that is very reliable for our users. We need something that has the ability… more »

How has it helped my organization?

Centralized firewall rules (through the appliances) make it easier for users to access our secure environments from a variety of locations and devices. The release of the… more »

What needs improvement?

The areas of this product with room for improvement are mostly small annoyances like search fields that you cannot type a query and hit Enter (have to tab or click the… more »

What's my experience with pricing, setup cost, and licensing?

Licensing is by device and/or user depending on your functionality. We only use the Session Management, so it is by devices.

Which solution did I use previously and why did I switch?

We started with the Xceedium solution to protect remote access to our secure environments.

What other advice do I have?

Get enough appliances for redundancy so if you lose one due to hardware or software issues, there is no impact to users. We use a VIP that directs all users to whichever… more »

Which other solutions did I evaluate?

We looked at a few other solutions over the years but nothing was better than what we had. We are looking to the future to see if any new solutions might be as good or… more »
Consultant
IT Infrastructure Manager at a tech services company
Feb 19 2017

What is most valuable?

The most important feature is that we do not need to know the passwords any more; just having access to the end point; and that it’s easy to manage users and the account.

How has it helped my organization?

Since we implemented CA PAM in our company, we don't need to pass the passwords to every individual administrator. He just logs in using his own credentials and then searches for the end point he… more »

What needs improvement?

There are many improvements needed. We are always searching for new features and new ways to improve the solution, because I'm just the local administrator. I have a support company which implements… more »

Which solution did I use previously and why did I switch?

This is the only one. We got this implementation by bid, so we couldn't choose any company. It was the lowest price and a quicker time to implement.

What other advice do I have?

When they came for the proof of concept, we only had access to the system itself. I couldn't try to understand the complexity of implementation or support or all the features that the solution would… more »

Which other solutions did I evaluate?

We did a proof of concept with another solution.
Consultant
Cloud Solutions Architecture Manager at a tech services company with 501-1,000 employees
Feb 07 2017

What is most valuable?

I have found the automated authentication to be most valuable.

How has it helped my organization?

We do not have to authenticate users due to automatic authentication, so this allows us to be much more secure.

What needs improvement?

The demonstration and consideration portion does not work the best. It's not that intuitive. To define how it should work and what systems should be involved, requires extensive training to understand… more »

Which solution did I use previously and why did I switch?

We have not used a different solution. We started with CA PAM.

What other advice do I have?

Get as much training as possible.

Which other solutions did I evaluate?

Other options were evaluated but I was not involved in that.
Consultant
Co Founder & Chief Operating Officer at a tech services company with 51-200 employees
Jan 31 2017

What is most valuable?

The most valuable feature is the general concept of securing privileged passwords. Having worked in IT for a long time, I know how privileged passwords can float around. They pass from person to person and don’t get changed when they should… more »

How has it helped my organization?

Being able to have a centralized place to store the most critical username/password combinations that you have. These are the ones that access your key systems. PAM prevents some of the breaches that we've seen recently where one of those… more »

What needs improvement?

The product itself is solid. I haven't really seen any deficiencies. It’s more just getting the message out about why it's so important. That's what our organization is trying to do. We're also a reseller. We are trying to convince… more »

What's my experience with pricing, setup cost, and licensing?

I don't really know much on the pricing side. I'm more on the technical side. We do have an instructor that teaches the PAM enablement classes, and he's a big fan of the course materials. He thinks that they're very valuable and well worth… more »

What other advice do I have?

I would say definitely get professionals that can help out. My company is in this space, and this is what we do for a living, so I don't think that it's a product that you want to go and try to implement on your own. Getting professional… more »
Consultant
Security Engineer at EarthLink
Dec 16 2016

What is most valuable?

With CA PAM, it's mainly the vaulting of credentials that we're looking for, and then after that, probably the bastion functionality where we force all of our administrators through that to get to the… more »

How has it helped my organization?

It definitely helps with security. It also helps with how we audit which credentials are being used. When somebody actually logs in to CA PAM, they have to go in through second factor authentication… more »

What needs improvement?

A better discovery interface of accounts. It does do discovery of accounts for Windows servers, and you could do UNIX servers as well, but it's kind of clunky how it does it.

Which solution did I use previously and why did I switch?

Over time security has been becoming more prevalent, mainly because of the number of attacks out there. We found that just by looking at our whole portfolio of solutions that we already had in place… more »

What other advice do I have?

Rating: I would say probably a seven or an eight. As I said, the interface is not the easiest to navigate and it doesn't really have the discovery piece or fully baked discovery. Overall, the solution… more »

Which other solutions did I evaluate?

For us, we mainly wanted a solution that worked in the scenarios that we were looking for. We've demoed numerous products. After even just watching the demos we weeded some out. Then we actually… more »
Vendor
IT Infrastructure Director at a construction company with 1,001-5,000 employees
Dec 08 2016

What is most valuable?

CA PAM has session recording, which is a very valuable feature. Overall, it is generally easy to use. It's a relatively simple product to setup and configure. You're not looking at tons of… more »

How has it helped my organization?

Its primary benefits are the ability to regulate and control privileged access accounts, and their usage. Say for instance, that you have an administrator account for your Oracle EBS system: you… more »

What needs improvement?

They actually just announced adding features that I would have liked included in the release that we're using. These new features all revolve around reporting and analytics. The basic reporting that… more »

Which solution did I use previously and why did I switch?

We did not have a solution in place.

What other advice do I have?

The only advice that I would give is to also consider some of the new pure Cloud-based offerings that are out. They weren't necessarily strong enough for us to consider when we were looking.

Which other solutions did I evaluate?

My organization had a push to increase our security posture this year. One of the areas we're looking at concentrating on is the use and control of privileged accounts. We obviously looked at the… more »
Vendor
Director Of Information Security at a insurance company with 1,001-5,000 employees
Dec 01 2016

What is most valuable?

So far the best value is the centralized management of all administrative accounts. Before PAM, domain administrators, Unix administrators with root access, end-users with elevated desktop privileges… more »

How has it helped my organization?

It is very helpful with passing audits. It’s one thing to say you have a control; it’s another to show your control. This is very easy to show. It also simplifies the security team's role in that we… more »

What needs improvement?

I would like to see better integration with Security Incident Management solutions, a SIM, like a Splunk. The integration with IBM’s Guardian is useful, but it is not a specific plug-in or API. It is… more »

Which solution did I use previously and why did I switch?

We were not using anything else previously.

What other advice do I have?

I would say do your research. We did, and that's why I said there weren't any real competitors. There always; but in this space, I don't think so – not today.

Which other solutions did I evaluate?

We went with it because of internal customer needs, the regulatory and audit requirements, ease of installation, and auditor funding.
Vendor
CIO/Management Consultant at a tech company with 51-200 employees
Oct 10 2016

What is most valuable?

The CA PAM’s ability to seamlessly integrate and provide a demarcation between users and systems is the most attractive aspect. It: * Enables all control to start with… more »

How has it helped my organization?

In retrospect, we and our clients have seen a reduction in service-related issues for application server and mainframe environments, a reduction in the provisioning… more »

What needs improvement?

I believe continued expansion of integration to multiple systems including SSO and SAML technologies will provide a more-expansive, enterprise view of access… more »

What's my experience with pricing, setup cost, and licensing?

Product pricing and licensing is related to short-term or long-term business planning. In many cases, this solution should be looked at as a long-term solution. Therefore… more »

Which solution did I use previously and why did I switch?

Being in the technology sector for many years, we did not initially use products such as the CA PAM. We relied on common architecture, such as Microsoft and Oracle. As the… more »

What other advice do I have?

I am a proponent of the product in many ways but most importantly, I believe a solid, well-thought-out strategy and solid architectural plan for the future needs to be the… more »

Which other solutions did I evaluate?

No other options were evaluated because this PAM has made substantial gains in system integration, which outweigh industry choices.
Consultant
Senior Solutions Architect, at a tech services company with 10,001+ employees
Oct 07 2016

What is most valuable?

* Ease of use. * The way in which it can learn about the connectivity to systems, e.g., VMware vCenter Console; it can wrap that into its internal Java-based shell. Therefore, one does not need a… more »

How has it helped my organization?

We only did an evaluation of the product, but we do feel that it will improve our security and governance posture and shave time off our engineers having to connect to systems managed by the PAM… more »

What needs improvement?

* Reporting is very limited. * Online Help is not detailed enough. * Canned reports provided results for all targets and cannot simply be run for a particular customer when used in a service provider… more »

What's my experience with pricing, setup cost, and licensing?

* Take note that Session Recording is not included by default. * One would likely also have to invest in other infrastructure in a service provider environment when wanting to use the same solution… more »

Which solution did I use previously and why did I switch?

I did not previously use a different solution.

Which other solutions did I evaluate?

We ran a PoC with CA and BeyondTrust at the same time.
Consultant
Technical Director at a tech services company with 51-200 employees
Dec 10 2015

What is most valuable?

It consists of three components that work well together: access controls, SIEM, and password recording capabilities.

How has it helped my organization?

The access control component is solid. It adds another layer of security from the basic OS security of Linux and Windows. A lot of customers use it. The segregation is difficult to achieve as different OS's require different skill sets, but… more »

What needs improvement?

The rule management portion and reporting is very weak on its own. Also, the login part and visibility are not user friendly, as is management of the policies. Moreover, I can't easily generate the metrics. Once the rules increase, if you… more »

What other advice do I have?

Definitely you have to go for a tested solution. This solution doesn’t have bugs, but you should follow CA’s messaging that it’s always good to deploy in small chunks. Applications have problems, and sometimes it’s a process. You just have… more »

Which other solutions did I evaluate?

There are not many players in this arena so there aren't many choices. IBM has a solution, but I don’t think they push it.

What is Symantec Privileged Access Manager?

CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources.  It includes CA PAM Server Control (previously CA Privileged Identity Manager) for fine-grained protection of critical servers

Also known as
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
Symantec Privileged Access Manager customers

NEOVERA, Telesis, eSoft

BUYER'S GUIDE
Download our free Privileged Access Management Report and find out what your peers are saying about Broadcom, CyberArk, BeyondTrust, and more!