Please share with the community what you think needs improvement with ARCON Privileged Access Management.
What are its weaknesses? What would you like to see changed in a future version?
* Security * Access management * Illegal activity finding.
Currently, we can manage only the SSH or RDP connections, but there are many more devices that are present, apart from our SSH and RDP. We want all this to be part of the ARCON solution. For the password management, they should increase the pool of supported devices, they should have more connectors. They have to work on their tech support. In addition, they have to consider that upgrades should be easy for the administrators. Currently, along with the upgrade of the ARCON solution, we have to consider the desktops and the endpoints from where the solution will have to be accessed. We have to upgrade those endpoints and desktops as well. So upgrades are not smooth. They also have to work on a cloud solution, because most things are going towards the cloud. A cloud integration should be considered in ARCON. We have not seen one up until now.
There are a few improvements that could be made. One is that it should be browser-agnostic and, frankly, it is working well on Internet Explorer. It should work on popular browsers like Mozilla and Firefox. Also, I would like to see a "wild card" kind of a feature or something that would enable us to search the video. Finally, it would be helpful to have a "Favorites" list. For example, if I have 100 servers but I only go to 10 servers frequently, a Favorites list would allow me to go through those 10 servers only.
There are no APIs readily available. There are hundreds of products available on the market. It could be many applications, not just the server gateway. For many applications, by default, we will get the API. Let's say I'm trying to integrate "XYZ" application with another application. When we do that, usually, we look for APIs. But ARCON does not have the APIs readily available. Having that, for a complete end-to-end solution, would really help. As I mentioned, I'm working on automation for ARCON so that whatever the ARCON administrator is doing will be automated, rather than having to do it manually. For that, I had to spend months to get the API developed myself. Having that handy out of the box, that would really help, because what I am doing is not limited or restricted to the three or four cases. I'm going to automate the complete end-to-end solution of ARCON administration in our organization. So having an API would really help me.
This product is lacking in terms of dashboarding analytics and should have user behavior analytics. It should also have better dashboarding for executive management and security managers, which this product is missing. Another important feature where this product is lacking, in terms of the managing the accounts, is in the active directory (provisioning and non-provisioning), or bridging it with the active directory. Thus, it needs anti-bridging. ARCON needs three important things: * The user behavior analytics should be there. * The dashboarding should be improved. * Anti-bridging should be built into product. This would make the product a comprehensive privileged R&D product. In the future, I would like to have a type of functionality for the product with the mobile application. This would be helpful for some of our approvers, so they can approve at any point of time, sitting anywhere in the world when requests come in through the mobile application. Using the app, they can upload requests of the administrator or users. We would like to see this type functionality go on the product roadmap.
For the in-house built applications, they need to provide good, solid access through their portal.
The auto-password change feature which was recently added. It is supposed to change the password. However, in some cases, while changing the password, it has caused me to lose to connection due to network-related issues or something similar. What we need to have is a type of log for failure of password change. We would like to have something that somebody can act upon, then rectified the problem.
The product is good but a lot of things can be changed, the way the system has been designed. All the access levels have currently been provisioned so a little more effort could be put into it to have a more friendly environment and user experience. The management portal could be a more friendly environment wherein I could deploy with fewer management resources from my side. We have been requesting from the ARCON team to have fewer management activities.