We performed a comparison between CyberArk Privileged Access Manager, NetIQ Identity Manager, and PingID based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."You can write different types of policies for custom business needs or any developer needs. If they need certain functions allocated, they can be customized easily."
"The regulation of accounts is by far the most needed and valuable part of the application."
"It is very simple to use."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"It enables us to secure accounts and make sure they are compliant."
"We also use CyberArk’s Secrets Manager. Because AWS is the biggest area for us, we have accounts in AWS that are being rotated by CyberArk. We also have a manual process for the most sensitive of our AWS accounts, like root accounts. We've used Secrets Manager on those and that has resulted in a significant risk reduction, as well."
"I really like the PTA (Privileged Threat Analytics). I find this the best feature."
"If any intruder gets inside, they would not be able to move around nor do lateral movements. It minimize any attack problems within our network."
"The most valuable features of NetIQ Identity Manager are the synchronization of different directories, such as Active Directory. We have many Active Directory systems, not only one."
"The access request management has improved significantly in terms of its user interface. What sets it apart from competitors like SailPoint is that it's an event-based solution rather than schedule-based. That's a key differentiator."
"It's a very flexible tool, so you can synchronize multiple sources of data and you have multiple connections to various kinds of systems."
"I like the eDirectory feature."
"The most valuable feature of NetIQ Identity Manager for identity synchronization is the ability to provide users with all necessary access on day one through automated provisioning, facilitated by approval workflows."
"The main value lies in the simplicity of implementation, as well as its customized look and feel."
"The most valuable features are Password Reset Alerts, Password Sync, and SQL connectors."
"The most valuable feature of this solution has been the ability for us to integrate a lot of external systems, and the automatic transfer of a lot of identity information. Additionally, the customization is very good."
"I find the auto-discovery feature the most valuable. It helps us automate a lot of things using a single password across applications."
"The only feature we were looking for in PingID was SSO integration with our existing web app."
"I like the self-service feature. The 502 and UBP systems are also excellent. PingID's ability to authenticate with SSH, RDP, and Windows login is pretty handy. It covers the entire spectrum of use."
"It provides ease of connecting all our devices."
"The mobile biometric authentication option improved user experience. It's always about security because, with two-factor authentication, it's always a separate device verifying the actual user logging in."
"This is a user-friendly solution."
"The soundness of the solution is its most valuable feature. For example, if you are in our corporate network, you can log on without any traffic interfering."
"It's pretty stable as a product."
"Tech support staff can be more proactive."
"We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
"The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"The solution needs better features for end users to manage their own whitelisting for API retrieval."
"CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."
"The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers."
"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting."
"Areas for improvement are further enhancing the access granting process to reduce time and improve accuracy."
"It needs some modern features. They should improve and modernize their management interface. It has been created over years and by different persons. You can see different applications, different management consoles for different things. There should be an integrated interface."
"We have another system that is using the SAML system, and we also integrate with Active Directory only. If NetIQ Identity Manager can integrate directly, we would not need to use the Active Directory directory."
"The solution architecture is somewhat complex. For some components, the necessary resilience is not inherent."
"There's no huge thing missing, because it's already comprehensive. Now and then, however, there might be a minor issue."
"If it could be operated in such a way that anybody could use it, with just the user interface, and there's no need for programming, then that would be a great improvement."
"NetIQ Identity Manager could improve by updating the user portal, it is out of date."
"The integrations must be made easier."
"I think that the connection with like Microsoft Word, especially for Office 365, is a weak point that could be improved."
"We have encountered instances where it is not easy to do authentication."
"In the beginning, the initial setup was very complex."
"PingID should put a little more effort into making a pretty self-explanatory deck about their tech features and the services they offer."
"It has a long way to go until it is a cloud-based solution."
"They could use some bio-certification. It's just more user-friendly and more convenient than entering the one time passes. That would be an improvement."
"PingID classifies the type of environment into internal and external, which is an area for improvement because you need to take additional steps to trust internal and external users."
"PingID's device management portal should be more easily accessible via a link. They provide no link to the portal like they do for the service. The passwordless functionality could be more comprehensive. You can't filter based on hardware devices. Having that filtering option would be great. Device authentication would be a great feature."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
