We performed a comparison between CyberArk Privileged Access Manager and Sophos UTM based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."Technical support is very helpful whenever we have any questions."
"I find value in notifications from CyberArk when passwords fail verification and have other issues."
"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."
"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"The biggest feature is the security of the overall solution. It's very secure. The vaulting technology and the number of security layers involved in the vault, where privileged accounts are actually stored, is the heart of the solution."
"It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization."
"Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
"It supports lots of requirements in the privileged access management area."
"What I like about the solution is the ease of use."
"The initial setup is pretty easy."
"Sophos UTM has improved the porting section. It has improved security by seeing the gaps. For example, when you discover that an entry has been using a certain application, with Sophos UTM acting as a Layer 7 firewall, you can block the application, not the port."
"The stability, overall, is excellent. I haven't had a problem in the last two years."
"They are all good, but most-used are Network Protection and Web Filtering."
"Sophos integrates seamlessly, and we don't even feel it is running in the background."
"It's a stable solution."
"Sophos UTM has a good user interface and granular security controls."
"The authentication port is available in CyberArk Alero but not Fortinet products."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"Stability is a huge concern right now. We are on a version which is very unstable. We have to upgrade to stabilize it. It is fine, but the problem is we have to hire CyberArk to do the upgrade. This costs money, and it is their bug."
"We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
"CyberArk PAM could greatly benefit from an under-the-hood update; integrating machine learning algorithms could provide predictive insights."
"CyberArk Privileged Access Manager could improve the integration docking, it should have more layers. For example, integration with OpenShift."
"The initial setup was somewhat complex."
"When we call support, we get put on hold for a long time."
"I would like some features that are available in other brands. For example, I sometimes a person is using too much bandwidth, and it isn't easy to find this information in Sophos. Also, we have to switch connections manually when we are using a VPN and lose the MPLS connection. It isn't automatic."
"We had some problems with the configuration. They had provided a CloudFormation template, and we had to go several rounds to make it work."
"The initial setup was straightforward. The full deployment takes approximately two days which could be simplified to reduce the time. The major part of the process is the configuration and the policy setup."
"I would like to see the SD-WAN feature improved."
"I didn't like it much. It suits only small businesses. It isn't scalable and reliable. There is a very critical issue with the power supply."
"The scalability of the product is an area with certain shortcomings where improvements are required."
"The solution needs to do better at covering mobile devices, although they may have an integrated solution for that purpose."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Sophos UTM is ranked 1st in Unified Threat Management (UTM) with 110 reviews. CyberArk Privileged Access Manager is rated 8.8, while Sophos UTM is rated 8.4. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Sophos UTM writes "It's a highly stable platform with very few hardware issues". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Sophos UTM is most compared with Netgate pfSense, Fortinet FortiGate, Sophos XG, OPNsense and Palo Alto Networks NG Firewalls.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.