Coming October 25: PeerSpot Awards will be announced! Learn more

CyberArk Privileged Access Manager vs VMware Identity Manager comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between CyberArk Privileged Access Manager and VMware Identity Manager based on real PeerSpot user reviews.

Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed CyberArk Privileged Access Manager vs. VMware Identity Manager report (Updated: September 2022).
634,550 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization.""It supports lots of requirements in the privileged access management area.""All the features of CyberArk are useful for me, but the biggest one is that CyberArk has logs for all the features. That is important when there is a problem. You know where to look and you have the information. In cyber security, the most important aspect is information.""The technical support for this solution is very good. If I was to rate it on a scale of one to five, I would give it a five.""It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password.""It is a robust product.""The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach.""I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."

More CyberArk Privileged Access Manager Pros →

"Its value is when you use it with a Workspace ONE UEM solution as it is part of the ecosystem for VMware Workspace ONE.""One of the features that I enjoyed most was the integration with Azure AD because I could use VMware Identity Manager to standardize the User Principal Name coming from Active Directory. You have Azure AD Connect to do that. In between, if you have vIDM handling it, you can easily get the synchronization of users into your VM and standardize the User Principal Name. If you require quality assurance for handling it, you can actually count on the vIDM to do so. That was one of the main things I enjoyed about the product.""Zero Trust implementation is a great feature."

More VMware Identity Manager Pros →

Cons
"The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments.""The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple.""If you are an administrator or architect, then the solution is kind of complicated, as it is mostly focused on the end user. So, they need to also focus on the people who are implementing it.""More than the product itself, there is room for improvement in the documentation. The documentation should be very detailed and very structured. It has a lot of good information, on one level, but I feel that it could be more elaborate and more structured.""The turnaround time for technical support is lengthy.""It is very complex and difficult to set up the solution.""There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries.""The solution could improve by adding more connectors."

More CyberArk Privileged Access Manager Cons →

"The license could be better.""The mobile SSO doesn't work as well on Android.""vIDM could be improved with the multi-tenant capabilities that VMware tends to offer—features like customization branding and the integration of the app catalog based on the branding. Since the integration has been at top-level OGs, you were not able to then do rebranding if you were required to use specific user groups to highlight specific applications. At the time, I was personally opening feature requests for these things. I haven't worked with the latest release, so I don't know if these features were already deployed or not."

More VMware Identity Manager Cons →

Pricing and Cost Advice
  • "I believe that this solution is priced well. It's the market leader and I think that it's the best solution."
  • "Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
  • "The price of this solution is quite reasonable."
  • "The solution is very expensive and requires a license. We pay for an enterprise license."
  • "Pricing is quite high and it could be improved."
  • "They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."
  • "The price of CyberArk support could be a little bit less. Otherwise, pricing is fine."
  • "Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization."
  • More CyberArk Privileged Access Manager Pricing and Cost Advice →

    Information Not Available
    report
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    634,550 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the… more »
    Top Answer:Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too.
    Top Answer:The most valuable feature is the User Experience Designer, which has been very helpful for our project.
    Top Answer:I would like to have better support for multi-cloud sessions. The cost of this solution should be lower.
    Ranking
    Views
    29,761
    Comparisons
    19,166
    Reviews
    26
    Average Words per Review
    965
    Rating
    8.3
    Views
    1,983
    Comparisons
    1,582
    Reviews
    3
    Average Words per Review
    731
    Rating
    9.0
    Comparisons
    Also Known As
    CyberArk Privileged Access Security
    Learn More
    CyberArk
    Video Not Available
    Overview

    CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

    CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

    Benefits of CyberArk Privileged Access Manager

    Some of CyberArk Privileged Access Manager’s benefits include:

    • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
    • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
    • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

    Reviews from Real Users

    CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

    PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

    Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

    VMware Identity Manager is an Identity as a Service (IDaaS) offering, providing application provisioning, self-service catalog, conditional access controls and Single Sign-On (SSO) for SaaS, web, cloud and native mobile applications. It simplifies business mobility with one touch from any device, empowers employees with a self-service app store, optimizes user experience & security with AirWatch and was designed for the mobile cloud world for AirWatch enrolled devices providing a seamless consumer-grade user experience.
    Offer
    Learn more about CyberArk Privileged Access Manager
    Learn more about VMware Identity Manager
    Sample Customers
    Rockwell Automation
    Seventy Seven Energy, The Hut Group, SAIC
    Top Industries
    REVIEWERS
    Financial Services Firm26%
    Insurance Company14%
    Computer Software Company8%
    Healthcare Company8%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider14%
    Financial Services Firm14%
    Government6%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Comms Service Provider11%
    Government10%
    Financial Services Firm8%
    Company Size
    REVIEWERS
    Small Business20%
    Midsize Enterprise12%
    Large Enterprise68%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise15%
    Large Enterprise68%
    REVIEWERS
    Small Business75%
    Midsize Enterprise13%
    Large Enterprise13%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise63%
    Buyer's Guide
    Privileged Access Management (PAM)
    September 2022
    Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM). Updated: September 2022.
    634,550 professionals have used our research since 2012.

    CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 35 reviews while VMware Identity Manager is ranked 10th in Identity and Access Management as a Service (IDaaS) (IAMaaS) with 3 reviews. CyberArk Privileged Access Manager is rated 8.2, while VMware Identity Manager is rated 9.0. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of VMware Identity Manager writes "Great integration and end user experience ". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Azure Active Directory (Azure AD), WALLIX Bastion, Delinea Secret Server and Okta Workforce Identity, whereas VMware Identity Manager is most compared with Cisco ISE (Identity Services Engine), Azure Active Directory (Azure AD), Fortinet FortiAuthenticator, Fortinet FortiToken and Okta Workforce Identity.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.