IBM Tivoli Access Manager [EOL] vs Idira Privileged Access Manager comparison

The compared IBM and Idira by Palo Alto Networks solutions aren't in the same category. Idira by Palo Alto Networks is ranked #1 in PAM , with an average rating of 8.6, and holds a 9.8% mindshare. Additionally, 93% of IBM users are willing to recommend the solution, compared to 95% of Idira by Palo Alto Networks users who would recommend it.

IBM Tivoli Access Manager [...

Read 29 IBM Tivoli Access Manager [EOL] reviews

93% willing to recommend

Idira Privileged Access Man...

Read 230 Idira Privileged Access Manager reviews

20,873 Views
8,767 Comparison Views

95% willing to recommend

IBM Tivoli Access Manager [...

Idira Privileged Access Man...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between IBM Tivoli Access Manager [EOL] and Idira Privileged Access Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Okta, One Identity and others in Single Sign-On (SSO).

To learn more, read our detailed Single Sign-On (SSO) Report (Updated: May 2026).

Buyer's Guide

Single Sign-On (SSO)

May 2026

Download the complete report

Helped 899,258 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

IBM Tivoli Access Manager [...

Average Rating

8.0

Reviews Sentiment

3.8

Number of Reviews

Ranking in other categories

No ranking in other categories

Idira Privileged Access Man...

Average Rating

8.6

Reviews Sentiment

6.8

Number of Reviews

230

Ranking in other categories

User Activity Monitoring (1st), Enterprise Password Managers (3rd), Privileged Access Management (PAM) (1st), Mainframe Security (1st), Operational Technology (OT) Security (3rd)

Featured Reviews

it_user711612

Senior Consultant at a insurance company with 1,001-5,000 employees

Reverse proxy provides central control over authentication and authorization.

It is a single product that caters for all the business needs throughout the organization. It provides a seamless integration that in turn encourages most of the applications to use the SSO features Reverse proxy is the most valuable feature as it provides central control over authentication and…

Read full review

Atul-Gujar

CyberArk manager at a comms service provider with 10,001+ employees

Secures critical infrastructures with essential user session audit records

A potential area for improvement is enhancing support for cluster environments and distributed Vaults. Clients in multiple countries that need central access have different challenges that require better solutions from CyberArk. For financial services, CyberArk can improve incident response by ensuring fast support for critical priority tickets to meet compliance requirements. Providing more documentation on CyberArk is recommended for new team members to enhance their troubleshooting capabilities. I understand it's up to the client, but 99% fail to change the demo key, so it's crucial for CyberArk to emphasize changing the key and documenting it as part of the installation process.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Provided more secure computing."

"Centralized policy management and reverse proxy-based architecture make it very flexible in terms of deployment, adoption, and implementation."

"Before the solution was implemented it took around 2-3 weeks to get all the necessary account information for a new employee in my organization, and since implementation this now only takes a few minutes."

"It is a totally secure way of accessing clients through various application portals for more than ten EU countries, just by using single sign-on."

"It has helped them to improve and control web and mobile application security."

"Tivoli Access Manger lets you separate security from applications and manage at one place."

"It provided a secure and robust end to end security solution."

"It provides good scalability and reliability, not to mention the overall availability of the service."

More IBM Tivoli Access Manager [EOL] pros

"CyberArk PAS provides isolated and recorded sessions for third-party/outsourced admin access."

"It's been a fantastic product and it's been easy to use."

"Every aspect of the solution is very well integrated, and that gives comfort because it is a fail-safe kind of environment."

"BeyondTrust and ARCOS were introduced in market at that time; these tools are good but do not seem to be as user friendly as CyberArk PAM, which is more convenient in installing and deployment and easier to customize as per client requirement."

"I find the discovery feature, which includes credential management, session management, monitoring, and remediation within a session, to be very valuable."

"If you want more security, get CyberArk."

"The solution is very good for protecting full levels of data privacy."

"It is good, it fits our needs, and there is not anything else out in the market that can match it."

More Idira Privileged Access Manager pros

Cons

"The product has not been updated with emerging technologies over the years specifically around AJAX, REST and Mobile app integration."

"The license model is pretty complex."

"An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help."

"The TAMeB policy server is not scalable."

"Sometimes, there are long running support tickets (for 6-8 months) and that is unacceptable from the customer's point of view."

"Multi-factor authentication with social integration needs to improve."

"It was complex for us as we have multiple domains."

"The self-service portal needs improvement."

More IBM Tivoli Access Manager [EOL] cons

"Some of the additional features that we are looking at are in the Conjur product. I am specifically discussing key management, API Keys, and things for connecting applications in the CI/CD pipelines."

"It's not a cheap application. It's very expensive."

"Many of the infrastructure folks who use the product dislike it because it complicates their workflow. They get a little less control, and they have to go through a specific solution. It proactively logs in for them, which obfuscates some of the issues that they may be troubleshooting."

"The architecture needs to be improved."

"They need to provide better training for the System Integrator."

"Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server."

"The initial setup can get complex."

"For least privilege management, we need a different level of certification from privileged management."

More Idira Privileged Access Manager cons

Pricing and Cost Advice

"The IBM prices are, as ever, extortionate, even with a business partnership, and high levels of discounts."

"I'm a technician so I don't handle the licensing for CyberArk Privileged Access Manager, but I know that the price for the core license is about €140 per year. There's another type of license, the external vendor license, and that's about €600 and you can manage twenty devices. From what I know, the price for one device in a subscription is about €65 per year. You can buy the CyberArk Endpoint Privilege Manager too, or you can buy some other application or application license with CyberArk Privileged Access Manager, but all other features, such as the Analytics Server is included in the basic CyberArk license. With WALLIX, you need to buy separate licenses for the features."

"The price of the solution is reasonable."

"CyberArk Privileged Access Manager is perceived to be somewhat overpriced compared to similar market products. It is a little bit overvalued. It could come down a little bit for my liking. However, the industry-leading reputation and the quality of service justify the high price point to some extent."

"CyberArk Privileged Access Manager is on the expensive side. It is very expensive."

"The pricing is slightly higher compared to other solutions, but it is reasonable because there are better security features."

"I would rate the tool’s pricing a six out of ten."

"My company always complains about the cost of CyberArk Privileged Access Manager because it's too high."

"The solution is very expensive and requires a license. We pay for an enterprise license."

More Idira Privileged Access Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Single Sign-On (SSO) solutions are best for your needs.

See recommendations

899,258 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Construction Company

14%

Marketing Services Firm

13%

Outsourcing Company

10%

Financial Services Firm

13%

Manufacturing Company

11%

Computer Software Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	9
Midsize Enterprise	2
Large Enterprise	18

By reviewers
Company Size	Count
Small Business	59
Midsize Enterprise	42
Large Enterprise	175

Questions from the Community

Ask a question

Earn 20 points

How does Sailpoint IdentityIQ compare with CyberArk PAM?

We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...

See all answers

What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?

My thoughts on the pricing of CyberArk Privileged Access Manager depend entirely on the vendors' requirements. If they want their things to be secure, they have to spend accordingly. We have four t...

See all answers

What needs improvement with CyberArk Privileged Access Manager?

I believe account discovery and rolling support need to be improved. Account discovery is important when integrating with other systems, as other PAM solutions can perform account discovery and onb...

See all answers

Comparisons

Symantec Siteminder vs IBM Tivoli Access Manager [EOL]

Compared 14% of the time

SailPoint Identity Security Cloud vs IBM Tivoli Access Manager [EOL]

Compared 8% of the time

Okta Platform vs IBM Tivoli Access Manager [EOL]

Compared 8% of the time

Idira Identity vs IBM Tivoli Access Manager [EOL]

Compared 5% of the time

Keeper Enterprise Password Manager vs IBM Tivoli Access Manager [EOL]

Compared 5% of the time

More IBM Tivoli Access Manager [EOL] Competitors

One Identity Safeguard vs Idira Privileged Access Manager

Compared 4% of the time

Teleport vs Idira Privileged Access Manager

Compared 3% of the time

Delinea Secret Server vs Idira Privileged Access Manager

Compared 3% of the time

Keeper Enterprise Password Manager vs Idira Privileged Access Manager

Compared 3% of the time

Saviynt Identity Cloud vs Idira Privileged Access Manager

Compared 3% of the time

More Idira Privileged Access Manager Competitors

Product Reports

Buyer's Guide

IBM Tivoli Access Manager [EOL]

May 2026

Download IBM Tivoli Access Manager [EOL] product report

Buyer's Guide

Idira Privileged Access Manager

May 2026

Download Idira Privileged Access Manager product report

Also Known As

Tivoli Access Manager, IBM Security Access Manager

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault

Overview

IBM Tivoli Access Manager is a robust and secure centralized policy management solution for e-business and distributed applications. IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.

IBM

CyberArk Privileged Access Manager safeguards privileged accounts through password management, credential rotation, and session recording. With seamless integration and real-time monitoring, it ensures robust security across platforms.

CyberArk Privileged Access Manager is recognized for its extensive capabilities in managing and securing privileged accounts. It offers vital functionalities such as automatic password rotation, real-time session monitoring, and cross-platform integration through APIs and custom connectors. Users find the flexibility in workflows and granular access controls beneficial, particularly in protecting access across cloud and on-prem infrastructures. However, improvements in its interface, installation process, plugin support, and integration with third-party tools are often suggested. Pricing is a concern for many, along with the need for better dashboard reporting, user provisioning, and enhanced documentation. Organizations leverage this tool for encrypting and monitoring critical account activities and automating password management to bolster security.

What are the key features of CyberArk Privileged Access Manager?

Enterprise Password Vault: Provides secure storage and management of enterprise credentials.
Privilege Session Manager: Offers comprehensive session recording and monitoring.
Privileged Threat Analytics: Detects and alerts on potential credential threats.
Integration Capabilities: Easily integrates with multiple systems using APIs and custom connectors.

What benefits or ROI should users expect?

Enhanced Security: Automates and centralizes password management, reducing risk of account misuse.
Compliance Support: Ensures alignment with compliance policies through automated processes.
Operational Efficiency: Streamlines security operations with real-time monitoring and integration.
Adaptability: Protects privileged access across diverse infrastructure setups including cloud and on-prem.

CyberArk Privileged Access Manager finds substantial use in industries such as finance, healthcare, and technology, where the protection of privileged accounts is critical. These sectors rely on its capabilities to manage application credentials securely and provide safe access for developers, administrators, and vendors across various infrastructures.

Idira by Palo Alto Networks

Sample Customers

Essex Technology Group Inc.

Rockwell Automation

Find out what your peers are saying about Microsoft, Okta, One Identity and others in Single Sign-On (SSO). Updated: May 2026.

DOWNLOAD NOW

899,258 professionals have used our research since 2012.

We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.