We performed a comparison between CyberArk Privileged Access Manager, One Identity Manager, and UserLock based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."It allows users to self-provision access to the accounts that they need."
"The Vault offers great capabilities for structuring and accessing data."
"The automatic rotation of credentials is probably the most useful feature."
"CyberArk has resulted in a massive increase in our security footprint."
"We've written over a hundred custom connectors ourselves that allow us to do all types of privileged session management for various applications. On top of that, the rest of the API-based central credential providers allow us to get away from credentials that may be hard-coded in the script or some application."
"Password rotation, session recording & isolation and on-demand privileges."
"CyberArk has allowed us to get the credentials and passwords out of hard-coded property files."
"I appreciate the ease of use for support analysts."
"It is easy to use and handle."
"One Identity Manager connects SAP accounts to employee identities under governance. The connector from One Identity for SAP is the most powerful one in the market. This connector can touch all the levels of the objects in SAP. It can not only be connected to SAP ERP but also to SAP HANA, GRC, etc. One of the strengths of One Identity Manager is the SAP connector. You can touch a lot of the SAP environment and also have deep granularity."
"I like the customer-facing portal because it is simple to use for end users."
"The solution is a typical, conventional IGA but the tool itself offers many options for customization."
"The self-service functionality of One Identity Manager is arguably the most valuable feature."
"The product is flexible. For example, it offers cloud features."
"In terms of what the most valuable feature of One Identity Manager is, that would be hard to say because the tool is great overall. There's not really one feature you'd prefer over other features, but what's really great, in my opinion, is the fact that the provisioning is really stable and accurate, and it's a process my company trusts. This means that without a lot of maintenance, I can be pretty sure that as soon as my alternative source gives a new identity or gives new information about a particular identity, everything will be transformed and executed the right way. My company has tried other solutions and there's always a struggle with the provisioning system in terms of knowing what systems work, but with One Identity Manager, this issue doesn't happen. It's also a stable system which I like."
"Workflow management is an important feature. With other identity management products, there was no workflow management so we had to build it ourselves."
"We mainly implemented UserLock for multi-factor authentication, but the user login insights are also nice."
"The most valuable features are two-factor authentication and real-time logon monitoring."
"We would, of course, always prefer it if the pricing was cheaper."
"I would like easier integrations for creating an online dashboard that executives would look at or are able to run reports from the tool."
"It's hard to find competent resellers/support."
"The web interface has come a long way, but the PrivateArk client seems clunky and not intuitive. It could use an update to be brought up to speed with the usability of PVWA."
"The turnaround time for technical support is lengthy."
"Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use."
"The initial setup has room for improvement to be more straightforward."
"CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."
"Their technical support's attitude is a bit strange. Quite often, we have to prove that there is a problem with the product rather than having them prove that there is not a problem with the product."
"The UI and user experience side of things needs improvement."
"With technical support, it is always an issue to get the right person. They do have good technical people in support, but it is sometimes not so easy to get them."
"The product's GUI could be more user-friendly."
"Having new features for web developers in the One Identity Manager shop is an area for improvement. Another area for improvement in the tool is its ServiceNow connection as ServiceNow is a major ITSM system player, but the current out-of-the-box feature proposed by One Identity Manager can only make simple incident requests to the system. My company is now in full ICL design, so it prefers for all concerns or requests to be sent properly to ServiceNow, so my company can have better control over the incident requests and be able to sort those out. The tool fits all my needs today, except for the ServiceNow connector. That's the only additional feature I'd like to see in the next release of One Identity Manager."
"End-user UI customization is difficult and requires some knowledge of proprietary Angular technology. Every time a customer asks us: "Hey, can we modify this form in the UI?" or "Can we integrate a new form?" it's difficult to do. It's possible and we usually do it, but coding form changes typically takes two to four weeks, depending on the changes."
"Improvements in documentation would be beneficial."
"The policy and role management features are a bit hard to scale. The whole model for who can do what and how to set it up is not so well-governed for a larger organization. The demos are always shown for a 100 or a 1000 people, but when it is a large number, it is quite difficult to maintain."
"The product and service are already great as it is but if I could add one feature, I guess it would be nice to have another factor of authentication (two additional factors) like your phone and a token for example, for when people forget their phone at home."
"I would like to see UserLock add the ability to automatically create a group policy in Active Directory. That might streamline the setup process."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
Earn 20 points