CA Privileged Access Manager Server Control [EOL] Reviews

The most valuable features are:

• The access control on the agent
• Being able to manage what a user can do
• The password check-in/check-out process

It gives us the ability to track who is using what ID and for what purpose.

I would like to see some improvements, specifically in terms of some set-up items. We have spoken to CA quite a bit about the ability to have 'always-on', or 'active/active' status options, so if the infrastructure goes down, we don't lose transactions. This is very important for the environment and for the users so we cannot really afford any downtime with the solution. We have had problems with deployment, and we are concerned with the possibility for outages and how they can have a negative impact on the environment.

The stability is pretty good, but there is some room for improvement. We've already discussed these areas of improvement with CA. Some of the problems we ran into were with installation, but the agent seems to be stable. Some of the connection with the infrastructure is a little bit difficult to maintain sometimes. Overall, I would say it's pretty solid.

It seems to scale well. Since we are a large enterprise, we will be putting that to the test pretty soon.

I have used a lot of technical support and I would say that the technical support folks are very good. They are very proficient, professional, and knowledgeable.

We didn’t have a previous solution. This is a brand new thing for us. We knew we needed identity management so we compared several products and this is the one we ended up implementing. I think CyberArk was one of the shortlisted alternatives, but I don't remember the others. In terms of selecting this product, I guess the perception of being ready for enterprise, installation, and operations are probably the main things. We need to perceive that it's going to save us time and provide more security than we already have.

I was involved in the set up and it was not straightforward. It was a difficult installation. As an example, if you don't want to use the standard C:\ drive, it requires a number of workarounds to get it to work on a different drive. The firewall port requirements were not well documented. I've got a pretty long list of things that were challenging. It took us quite a while to install this product to get it to the point where we can repeat it every time.

I would have to warn somebody to basically either have the adequate manpower or plenty of time to deploy it and test it in their labs before they roll it to production. This is necessary because there will probably be some surprises along the way.

This is a small thing, but what I find pretty valuable is that default access is denied and you have to apply for and be granted access in order to gain access. This helps us make sure that access is not undeliberately granted.

We're happy to see it working so well with our IBM solution, saving us time and costs.

The manuals for this product used to be good. We could find in one place answers to pretty much every question or situation we had. However, it's now in piece-meal fashion. You have to piece the information together. So the user documentation has become poor.

We've had no problems deploying it.

It's stable. I don’t think we have had any downtime.

It’s very good in terms of scalability.

For the most part, technical support is great. There have been times when I haven't gotten the best technician, but that's with all tech support. If I deal with someone who's worked there a long time, the expertise is excellent and I do end up getting great support.

The initial setup was straightforward as they give you detailed instructions. User documentation is poor, however.

We have had very successful implementations, mainly due to the great support from CA.

Work with CA. Have a solid installation development plan and strategy. A lot of companies would put things in warm mode before implementing, which I recommend. Also, read the implementation guide as it is well written.

• Privileged User Password Management aka Shared Account Management
• UNIX Authentication Broker
• KBL
• Reports
• Session Recording
• Integration with SIEM tools like Splunk, UARM and etc.
• Ticketing tool integrations like BMC Remedy, CA Service Desk and etc and
  lot more.

The product been used by different vendors for protecting their key resources and sensitive information and for accountability.

Six and a half years.

No issues encountered.

No, the product been stable and robust, and boasts with new additional features.

No issue with scalability.

7/10.

7/10.

The most important feature is the admin password management.

This product has improved the security of the corporate network and made compliance with the safety regulations of our country.

Security

I have used it for two years.

Yes, I encountered lots of issues.

No issues encountered.

No issues encountered.

Medium.

Medium.

No previous solution used.

Not all the steps were explained well.

Buy a professional service for installation and first use so they can help you to resolve the various bugs.

The security level for servers.

We have been able to exceed our audit requirements for security.

Automated deployment did not work as expected, had to go to a manual deployment.

Over five years.

Automated process did not function as required.

No issues at all totally transparent to the end user.

None whatsoever/

High.

Average.

We upgraded from eTrust 8.0.

The initial setup was straightforward.

Our in house support team deployed to over 2000 Unix and Linux servers.

This was done by our engineering team, and they looked at Oracle security and Symantec.

For financial systems this is recommended.

It depends on the client's requirements, but for me the most valuable one is the security access management with distributed architecture and centralized management.

Often, the software is installed based on security and audit requirements, for example, where the security processes of an organization need to be updated to match current security standards.

User Interface needs to be improved.

I have been designing systems based on the solution for the last four years.

Usually, the problems are similar to any enterprise software deployment. However, sometimes we would have problems adapting the enterprise security processes and software usage.

Yes, but nothing critical. Same as other software.

No issues with scalability.

Usually, CA does not provide direct customer service, so it normally depends on the quality of CA's partners.

As a partner of CA I can contact tech support directly and, in my opinion, it is at a good level.

No I didn't and I don't know of any other software with the same complexity of functionality.

CA Privileged Management software is very complex software and its setup needs a project manager, and trained personnel… etc.. it's not a "just installation".

You do not need this software for your direct processes but the current security standards force you to buy the product. For example, If your company manages finance it must satisfy the security standards requirements. I cannot calculate the ROI in this case as I would need to compare several projects with different solutions but I design only CA based systems.

Depends on the project and customer requirements.

There are some products with similar partial functionality, but I don’t know of another complex software with the same level of functionality.

Study the modern security standards (PCI, ISO/IEC 2700x etc.) before implementation.

• Auditing
• Reporting
• Access Control

It efficiently controls the access to the resources from the privileged user thus implementing the security aspects and this provides fine granular access.

UI for end point and management console.

15 months.

No, deployment wise, the functionality is good.

Sometimes we encounter issues whilst generating the reports.

No issues with the scalability.

7/10.

7/10.

No, this is the first product I got my hands on.

Pretty cool initial set-up.

In-house implementation.

It’s quite good in industry.

It’s pretty cool product for security domain with enhanced features for PIM

• Access control provides a secured environment through controlled user authentication and reliable password administration.
• It facilitate information scrambling by providing different methods which can be incorporated in business systems to make the information incomprehensible to unauthorized parties trying to hack the system.
• It helps the user determine which resources to use in granting, revoking and denying access to users and logins. I highly appreciate the ability of Access Control to track and documenting in the system the activities of unauthorized users thus protecting it against users with elevated privileges.

• I found the installation process of Access Control challenging due to the much networking work involved in order to grant access to authorized users.
• It is expensive to small businesses and developer in acquiring all authenticator components to maximally control access to all protected facilities of the system.

Access Control enhances the security of business systems through a secured authentication and validation of user`s credentials before accessing organization`s resources. It facilitates use of groups and logins thus extending its functionality to all types of applications and management systems. If you are looking for 24 hour monitored and support to your business system, you can consider using Access Control as it is reliable and friendly.

Access Control is used for the management of privileged identities and helps to improve security of information.
• Facilitates temporary access to all devices, programs, or applications, as well as servers and audits, monitors and controls only privileged users from a management console at a central location.
• Addresses all requirements that are important in managing privileged users or identities.
• Automated privileged user logins to avoid theft of passwords and all user activities are logged and tracked thereby controlling what can be done in the system.
• Provides a high level of security and complexity and it is therefore difficult to hack business systems.

I have faced a few challenges due to the system complexity, as it involves two integrated authentication systems that have to be purchased. Access control is also very expensive. It takes time to deploy an authenticator to every privileged user but these can be overlooked because access control provides immense security benefits.

New features that have been added to access control have immensely improved the management and access control of privileged users and therefore the safety of critical business information is guaranteed. Management of privileged users’ passwords for automated operations of application to databases and application to application, tracking and logging of privilege user sessions, integration that is advanced and automated, and PUPM logins, are the new features that have been added to access control. Access control has greatly prevented the misuse of administrator rights which is very rampant.