We performed a comparison between CyberArk Privileged Access Manager, Palo Alto Networks WildFire, and SonicWall TZ based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."We know when passwords will be expiring so we can force users to change their passwords, as well as requiring specific password requirements for length, complexity, etc."
"The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach."
"The threat analytics is an important feature."
"The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task."
"The Vault offers great capabilities for structuring and accessing data."
"We utilize PTA, and we are now integrating that into our risk management program so we can identify the uses of the vault which are outside of the norm, e.g., people accessing after hours. It has reduced the amount of time that we are looking through logs and audit logs."
"We can make a policy that affects everybody instantly."
"The automatic rotation of credentials is probably the most useful feature."
"WildFire's application encryption is useful."
"The technical support is good."
"Stability is never a concern."
"Detailed reporting on analysis of content. The inspections are easily applied to security policy profiles and profile groups, and may be assigned on a per-rule basis."
"The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good."
"The most valuable features of the solution are user-friendliness, price, good security, and cloud-related options."
"Whole team can use the firewall and understand it."
"The most valuable feature is the cloud-based protection against zero-day malware attacks."
"The most valuable feature is content filtering and app control."
"The solution is stable."
"SonicWall TZ is a stable product."
"The solution's VPN is very good for stability and detecting threats."
"It lets me monitor in live time if someone is 'hogging' bandwidth."
"The stability is very nice."
"It protects against intrusion while allowing needed access."
"Once it's configured properly, the solution is unbreakable."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"The usual workload is sometimes delayed by the solution."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"Tech support staff can be more proactive."
"Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server."
"The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers."
"Its pricing is a big challenge here. When it started, the product came in at a very low cost. Now, they are the leaders in the market, so the cost has grown and is quite huge."
"For users to access a system via CyberArk Privileged Session Manager, a universal connector needs to be coded in a language called AutoIT and its support for web browsers is so-so. Other products like Centrify have browser plugins that can help automate the process when using their products."
"The automation and responsiveness need improvement."
"The deployment model could be better."
"The cost of the solution is excessively high."
"I would like to see them continue on their developmental roadmap for the product."
"In terms of what I'd like to see in the next release of Palo Alto Networks WildFire, each release is based on malware that has been identified. The key problem is an average of six months from the time malware is written to the time it's discovered and a signature is created for it. The only advice that I can give is for them to shorten that timeframe. I don't know how they would do it, but if they shorten that, for example, cut it in half, they'll make themselves more famous."
"High availability features are lacking."
"As a firewall and 360 degrees of security, there needs to be more maturity."
"Other vendors have some sort of bandwidth management built into the firewall itself and Palo Alto is missing that."
"It could be made more user friendly."
"The stability could be a lot better."
"Support for SonicWall TZ needs improvement, particularly the time it takes before you're able to speak to a support person, e.g. you have to wait for at least 30 minutes on the phone."
"I currently have two of the issues from SonicWall. One issue is that the IP is not the public IP. Sometimes it moves to an alternate source and I have to refresh the new IP then we can go on."
"There can be an improvement in analysis and reporting. We need enhancement on the reporting side."
"I can't get the support that I need from SonicWall."
"SonicWall TZ can improve the UI application and when you create any net policies or any new policy, it will not sync or work properly."
"We would like to improve the rules configuration in SonicWall TZ. Sometimes the rules don't work."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
