IBM Tivoli Access Manager [EOL] vs Idira Endpoint Privilege Manager comparison

The compared IBM and Idira by Palo Alto Networks solutions aren't in the same category. Idira by Palo Alto Networks is ranked #5 in PAM , with an average rating of 8.7, and holds a 2.3% mindshare. Additionally, 93% of IBM users are willing to recommend the solution, compared to 86% of Idira by Palo Alto Networks users who would recommend it.

IBM Tivoli Access Manager [...

Read 29 IBM Tivoli Access Manager [EOL] reviews

93% willing to recommend

Idira Endpoint Privilege Ma...

Read 38 Idira Endpoint Privilege Manager reviews

5,857 Views
1,757 Comparison Views

86% willing to recommend

IBM Tivoli Access Manager [...

Idira Endpoint Privilege Ma...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between IBM Tivoli Access Manager [EOL] and Idira Endpoint Privilege Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Okta, One Identity and others in Single Sign-On (SSO).

To learn more, read our detailed Single Sign-On (SSO) Report (Updated: June 2026).

Buyer's Guide

Single Sign-On (SSO)

June 2026

Download the complete report

Helped 900,644 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

IBM Tivoli Access Manager [...

Average Rating

8.0

Reviews Sentiment

3.8

Number of Reviews

Ranking in other categories

No ranking in other categories

Idira Endpoint Privilege Ma...

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Endpoint Compliance (5th), Privileged Access Management (PAM) (5th), Anti-Malware Tools (11th), Application Control (5th), Ransomware Protection (6th)

Featured Reviews

it_user711612

Senior Consultant at a insurance company with 1,001-5,000 employees

Reverse proxy provides central control over authentication and authorization.

It is a single product that caters for all the business needs throughout the organization. It provides a seamless integration that in turn encourages most of the applications to use the SSO features Reverse proxy is the most valuable feature as it provides central control over authentication and…

Read full review

Sumit Chavan

Lead Consultant at a tech vendor with 501-1,000 employees

Helps secure the infrastructure and control users with admin rights

There are many features that are currently missing. A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good. Currently, no user-based policy option is available inside the EPM console. We can only create computer-based policies. The database is available, but there is a drawback in not being able to create local groups on the EPM console. We only have to depend on Active Directory. This limits infrastructure security as we depend on the Active Directory team to manage user groups. If they remove any users, we lose control. If we could create groups locally and block them or set specific policies, we would have more control. Local endpoint management is missing from the EPM site. Moreover, there is an issue with policies not running as expected when we make enhancements. We have to find multiple ways to whitelist applications or enhance policies.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Flexibility to connect with different environments and product stability are the best features."

"The Verify feature: A push method which customers are going for."

"OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server."

"It is a good solution for anyone to take to their enterprise and get a buy in."

"Tivoli Access Manger lets you separate security from applications and manage at one place."

"The SSO, URL-based access control, OAuth 2 and OIDC are the most valuable features."

"Since its birth it is an unbelievable stable product."

"SAML 2.0."

More IBM Tivoli Access Manager [EOL] pros

"We have not had issues with CyberArk. It works very smoothly. We can do many things with CyberArk. It helps us to see exactly what is happening."

"The tool is an endpoint management system. It monitors everything a standard user does and helps elevate privileges when necessary for advanced users. It keeps an auditable trail of all activities. Practically, it stops and blocks potentially hazardous user behavior, whether intentional or unintentional. Certain companies must use endpoint management software because of national or international rules or ISO norms."

"What sets CyberArk apart is its continuous innovation, staying ahead of the competition."

"Product-wise we don't face that many issues, and basic integration of users and assigning them the rules and other stuff like that is, compared to other options, very straightforward."

"We like that you can distribute the applications and decide how you want to run those applications based on their criticality, and that division was really, really helpful as it has actually reduced almost 30% of calls to the IT help desk."

"It identifies the original source, and all instances of malicious applications in the environment."

"The most valuable feature is the ability to control users with admin rights. Even if developers and senior folks maintain their admin rights, we can still manage their activities."

"We were able to reduce the number of privileged accounts by 50%, which helped to simplify our privileged access management environment."

More Idira Endpoint Privilege Manager pros

Cons

"The pricing is always costly."

"There were endless issues with stability in version 8.0.1."

"Redundant Policy servers had to be manually configured using LB."

"I would rate the technical support a 6/10."

"The user interface looks like it was designed for technical personnel only."

"You must be skilled to use Tivoli Access Manager."

"Yes, because there are so many moving parts it can often be difficult getting it right first time."

"The initial set-up is a bit complex for a novice as the Linux version of it needs you to be somewhat good with Linux."

More IBM Tivoli Access Manager [EOL] cons

"Compared to other tools like Linux, this solution isn't as user-friendly."

"Without knowledge, you are not able to find some items as they are really hidden within the UI."

"What I would really like to see improved is the AIM (Application Identity Manager). I think that it could be simpler to use, and much more straight forward."

"CyberArk meets clients' need very spot-on. It covers everything customers ask for. As for improvements, honestly, the feedback's been really positive. I haven't heard any specific areas that need work."

"Technical support is slow to respond when we run into issues."

"I'm not satisfied with the EPM, and I'm just looking to see if there's any other solution that we can get."

"CyberArk has some performance issues. For example, servers could not handle the solution when we first took CyberArk Endpoint Privilege Manager."

"We have had some major issues with the tool, but we have worked with the R&D teams and we have worked with support. There is room for improvement, especially on response times. But they're working on it and they're doing the best they can."

More Idira Endpoint Privilege Manager cons

Pricing and Cost Advice

"The IBM prices are, as ever, extortionate, even with a business partnership, and high levels of discounts."

"The cost for CyberArk is very high."

"CyberArk Endpoint Privilege Manager is slightly expensive, but costs can be negotiated to become more competitive."

"Pricing depends on how many devices you use. Right now, on-premise, it costs us a little, but it's worth it. It seems like the cloud solution is much more expensive. We got this solution one year ago, and it's like we bought the solution, and now they are not going to support it on-premise anymore. We are in the implementation phase, and we missed this, and we already paid for the licenses. This is wasted time from my perspective, and CyberArk should be more customer-friendly."

"The solution's pricing is reasonable compared to other vendors' products."

"I feel that the price of the product is nominal. It must be around 10 to 15 USD per installation. I rate the product price an eight to nine out of ten, where one is high price, and ten is low price."

"We pay about $17 per user."

"I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing to pay this money."

"I rate the solution's pricing an eight out of ten since the price can be too high for smaller businesses."

More Idira Endpoint Privilege Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Single Sign-On (SSO) solutions are best for your needs.

See recommendations

900,644 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

15%

Construction Company

14%

Marketing Services Firm

13%

Outsourcing Company

13%

Financial Services Firm

15%

Manufacturing Company

12%

Computer Software Company

Construction Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	9
Midsize Enterprise	2
Large Enterprise	18

By reviewers
Company Size	Count
Small Business	18
Midsize Enterprise	9
Large Enterprise	19

Questions from the Community

Ask a question

Earn 20 points

Looking for recommendations and a pros/cons template for software to detect insider threats

This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...

See all answers

What is your experience regarding pricing and costs for CyberArk Endpoint Privilege Manager?

I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing t...

See all answers

What needs improvement with CyberArk Endpoint Privilege Manager?

While CyberArk Endpoint Privilege Manager is a great tool, I believe the functionality could be wider. If it could work not only with permissions but also involve pure EDR tasks or User and Entity ...

See all answers

Comparisons

Symantec Siteminder vs IBM Tivoli Access Manager [EOL]

Compared 13% of the time

Idira Privileged Access Manager vs IBM Tivoli Access Manager [EOL]

Compared 9% of the time

SailPoint Identity Security Cloud vs IBM Tivoli Access Manager [EOL]

Compared 8% of the time

Okta Platform vs IBM Tivoli Access Manager [EOL]

Compared 7% of the time

Symantec Identity Governance and Administration vs IBM Tivoli Access Manager [EOL]

Compared 3% of the time

More IBM Tivoli Access Manager [EOL] Competitors

BeyondTrust Endpoint Privilege Management vs Idira Endpoint Privilege Manager

Compared 6% of the time

Idira Privileged Access Manager vs Idira Endpoint Privilege Manager

Compared 5% of the time

Microsoft Defender for Endpoint vs Idira Endpoint Privilege Manager

Compared 5% of the time

Ivanti Endpoint Security for Endpoint Manager vs Idira Endpoint Privilege Manager

Compared 4% of the time

CrowdStrike Falcon vs Idira Endpoint Privilege Manager

Compared 4% of the time

More Idira Endpoint Privilege Manager Competitors

Product Reports

Buyer's Guide

IBM Tivoli Access Manager [EOL]

June 2026

Download IBM Tivoli Access Manager [EOL] product report

Buyer's Guide

Idira Endpoint Privilege Manager

June 2026

Download Idira Endpoint Privilege Manager product report

Also Known As

Tivoli Access Manager, IBM Security Access Manager

Viewfinity

Overview

IBM Tivoli Access Manager is a robust and secure centralized policy management solution for e-business and distributed applications. IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.

IBM

CyberArk Endpoint Privilege Manager enhances security by controlling access, removing admin rights, and managing privileges. It supports diverse environments with simple integration, focusing on credential detection, threat protection, and compliance.

CyberArk Endpoint Privilege Manager secures enterprise passwords, monitors session connections, and enhances cybersecurity by controlling privileged access. It blocks unauthorized applications, monitors user activities, and secures credentials across platforms. Key areas include Just-In-Time Access, privilege separation, and local administrator password rotation. While robust, challenges exist with performance, complexity, and setup. Integration with Linux and Unix needs improvement, requiring advanced reporting tools and easier policy management. Pricing concerns and maintenance issues with Windows servers persist, as well as database issues in the on-prem version.

What are the key features of CyberArk Endpoint Privilege Manager?

Admin Rights Removal: Eliminates unnecessary permissions to enhance security.
Privilege Management: Offers detailed control over user access rights.
Password Rotation: Automatically updates passwords to protect sensitive data.
Threat Protection: Blocks malicious applications and threats proactively.
Audit Capabilities: Provides comprehensive security and compliance tracking.
Application Control: Confines access to authorized applications only.
Automatic Updates: Ensures security protocols and software remain current.

What benefits should organizations expect from CyberArk Endpoint Privilege Manager?

Enhanced Security: Reduces risks by controlling credential and application access.
Compliance Assurance: Meets industry standards through thorough tracking and reporting.
Scalable Integration: Adapts to different environments smoothly.
Reduced Management Efforts: Automates credential and policy management.

Organizations deploying CyberArk Endpoint Privilege Manager in industries such as finance, healthcare, and technology benefit from secure credential management across Unix, AWS, and GCP. By implementing privilege separation and monitoring user activities, they achieve effective risk mitigation and compliance across multiple platforms.

Idira by Palo Alto Networks

Sample Customers

Essex Technology Group Inc.

Information Not Available

Find out what your peers are saying about Microsoft, Okta, One Identity and others in Single Sign-On (SSO). Updated: June 2026.

DOWNLOAD NOW

900,644 professionals have used our research since 2012.

We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.