CyberArk Endpoint Privilege Manager OverviewUNIXBusinessApplication

CyberArk Endpoint Privilege Manager is the #8 ranked solution in top Privileged Access Management (PAM) tools. PeerSpot users give CyberArk Endpoint Privilege Manager an average rating of 7.6 out of 10. CyberArk Endpoint Privilege Manager is most commonly compared to Microsoft Defender for Endpoint: CyberArk Endpoint Privilege Manager vs Microsoft Defender for Endpoint. CyberArk Endpoint Privilege Manager is popular among the large enterprise segment, accounting for 71% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.
CyberArk Endpoint Privilege Manager Buyer's Guide

Download the CyberArk Endpoint Privilege Manager Buyer's Guide including reviews and more. Updated: December 2022

What is CyberArk Endpoint Privilege Manager?

What is CyberArk Endpoint Privilege Manager?

CyberArk Endpoint Privilege Manager enables organizations to enforce least privilege policies for business and administrative users, as well as control applications to reduce the attack surface on Windows, Mac and Linux platforms. The solution helps organizations revoke everyday local administrator privileges from business users while seamlessly elevating privileges when required by trusted applications. CyberArk Endpoint Privilege Manager also enables security teams to enforce granular least privilege policies for IT administrators, helping organizations effectively segregate duties on Windows and Linux servers. Complementing these privilege controls, the solution also delivers comprehensive protection from credential theft, actively defending operating system, browser and management application credential stores and defusing critical TTPs that routinely enable large-impact breaches. Easy-to-configure anti-ransomware policy prevents malicious data encryption and exfiltration.

CyberArk Endpoint Privilege Manager is 100% SaaS solution. It offers out-of-the-box configurations that can be applied with a single click, instantly closing security gaps and delivering value. It also offers integrations with third-party security solutions, such as SIEMs, identity providers, threat intelligence providers and others.

CyberArk Endpoint Privilege Manager was previously known as Viewfinity.

CyberArk Endpoint Privilege Manager Customers


CyberArk Endpoint Privilege Manager Video

CyberArk Endpoint Privilege Manager Pricing Advice

What users are saying about CyberArk Endpoint Privilege Manager pricing:
  • "Pricing depends on how many devices you use. Right now, on-premise, it costs us a little, but it's worth it. It seems like the cloud solution is much more expensive. We got this solution one year ago, and it's like we bought the solution, and now they are not going to support it on-premise anymore. We are in the implementation phase, and we missed this, and we already paid for the licenses. This is wasted time from my perspective, and CyberArk should be more customer-friendly."
  • "The price of CyberArk Endpoint Privilege Manager is expensive. The solution is priced based on the number of accounts onboarded and the number of concurrent sessions. Everyone else is included in the price, such as support."
  • "We pay about $17 per user."
  • "The price of CyberArk Endpoint Privilege Manager is expensive."
  • CyberArk Endpoint Privilege Manager Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    IT Security Service Specialist at a manufacturing company with 10,001+ employees
    Real User
    Top 20
    An endpoint security solution with a useful admin rights management feature, but performance could be better
    Pros and Cons
    • "I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them."
    • "Performance could be better. We have a couple of problems with CyberArk right now. One of the problems is performance in our environment. Support also takes a long time to respond. If the user already has local admin rights, then I can't collect any events in the console from this device. There are also some options in CyberArk that are not working properly, and are not helpful in this case. I can't collect any information to create a proper policy for the device. I have to investigate everything manually, or even disable the local admin from the device. I can collect the events only after this, and it's very time consuming. In my case, it's a waste of resources."

    What is our primary use case?

    We use CyberArk Endpoint Privilege Manager mainly for privilege management.

    How has it helped my organization?

    It's helped us manage our security processes. Our main goal is to have more specified permissions for the users and to take back control of the environment. Because local admins are used globally, there isn't much control in the environment. But with this, we can know what's going on and report it properly.

    What is most valuable?

    I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them.

    What needs improvement?

    Performance could be better. We have a couple of problems with CyberArk right now. One of the problems is performance in our environment. Support also takes a long time to respond.

    If the user already has local admin rights, then I can't collect any events in the console from this device. There are also some options in CyberArk that are not working properly, and are not helpful in this case. 

    I can't collect any information to create a proper policy for the device. I have to investigate everything manually, or even disable the local admin from the device. I can collect the events only after this, and it's very time consuming. In my case, it's a waste of resources.

    Buyer's Guide
    CyberArk Endpoint Privilege Manager
    December 2022
    Learn what your peers think about CyberArk Endpoint Privilege Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    656,474 professionals have used our research since 2012.

    For how long have I used the solution?

    I have been dealing CyberArk Endpoint Privilege Manager for about one year.

    What do I think about the stability of the solution?

    It's not a stable solution because you have to restart the server once a week. However, we didn't experience any problems on the end-user computers, only with the servers. 

    What do I think about the scalability of the solution?

    The solution is scalable, but it requires a lot of work. We have tens of thousands of devices. Overall, it's nearly applied on every device. But when we're talking about something like 30,000 devices, it's hard to manage. 

    When it comes to the global configuration, we are right now in the deployment stage, and it will take a lot of time. It also takes a lot of work from our side to implement it appropriately. It's not as easy as just installing it, and it works. It has to be done step by step.

    How are customer service and support?

    I'm not satisfied with technical support. In my previous experience, we were waiting a couple of days for their response. We're having this problem for a couple of months now, and the problem is still not solved. You also need some training to create a support ticket, and I have to pay for this. From my perspective, this is like stealing.

    How was the initial setup?

    The initial setup depends on the configuration you want. CyberArk is pretty flexible, so you can do it around multiple configurations. If you want to get your environment in a pretty simple setup, then it's quite easy. If you want to do much more, then there's a lot to work on. But overall, it's pretty easy to manage.

    What's my experience with pricing, setup cost, and licensing?

    Pricing depends on how many devices you use. Right now, on-premise, it costs us a little, but it's worth it. It seems like the cloud solution is much more expensive. We got this solution one year ago, and it's like we bought the solution, and now they are not going to support it on-premise anymore. We are in the implementation phase, and we missed this, and we already paid for the licenses. This is wasted time from my perspective, and CyberArk should be more customer-friendly.

    What other advice do I have?

    I would advise poential users to instantly look for a solution in the cloud if they want to go with CyberArk. Don't get the on-premise version.

    I'm not satisfied with the EPM, and I'm just looking to see if there's any other solution that we can get. This is also because CyberArk is ending support for on-premise solutions in 2023. So, in our case, we will have to move to the cloud, and the cloud is much more expensive than just using the solution we have right now.

    On a scale from one to ten, I would give CyberArk Endpoint Privilege Manager a six.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Anish R - PeerSpot reviewer
    Digital Architect - IAM at a manufacturing company with 10,001+ employees
    Real User
    Foolproof and good for controlling access but can be expensive
    Pros and Cons
    • "I have always found that CyberArk is a very tight, foolproof product compared to most other products available."
    • "CyberArk is a pretty heavy solution."

    What is our primary use case?

    We primarily use the solution on our endpoints. 

    We are using pretty much everything there. Basically, what we are trying to do, is when the end user connects to machines, the actual Window servers, Linux servers, et cetera, everything is run through CyberArk. We haven't got into the Application Identity Management part yet, using CyberArk APIs. 

    That said, we are using CyberArk whenever somebody wants to access a remote server or any server, for that matter. Our infrastructure is basically set up so that access is given through CyberArk.

    What is most valuable?

    The solution is good for controlling access. 

    I have always found that CyberArk is a very tight, foolproof product compared to most other products available.

    It is quite stable. 

    What needs improvement?

    CyberArk is a pretty heavy solution. There are a lot of moving components and a lot of things involved. The architecture itself is pretty heavy. When you look at products like BeyondTrust, it's not as heavy as CyberArk. That's the only thing. 

    The setup can be somewhat complex. 

    Most of it runs on Windows servers. Maintenance of those Windows servers and all that stuff is what is a little bit challenging.

    Technical support could be better.

    For how long have I used the solution?

    I've been working with the solution for about five or six years already with CyberArk. 

    I have implemented CyberArk for quite a few UK clients before. I've been in London and I've worked with some customers there. 

    I've been part of the Identity Access Management domain for almost 12 years already and Privilege Access Management for maybe four or five years.

    What do I think about the stability of the solution?

    The solution is stable and reliable. I'd rate the stability at a nine out of ten. There are no bugs or glitches, and it doesn't crash or freeze. 

    That said, it depends on the architecture. We have high availability and we have a disaster recovery site. We have a pretty big implementation of CyberArk here. It's foolproof in that way. It's designed to be as stable as possible.

    What do I think about the scalability of the solution?

    While my understanding is there are opportunities for scaling, I've never really attempted to scale anything. 

    We have 5,000 to 10,000 users using the solution at this time. 

    How are customer service and support?

    We do get a lot of support from them. We have taken professional services also in my previous engagement, where we had to deploy specific complex solutions. Technical support is always available, and they are helpful. 

    That said, not everyone has the same level of expertise. There are people who are very knowledgeable and there are people who are not as good as well.

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    I've worked in BeyondTrust, also. They have Asian-based solutions, and it's not as heavy as CyberArk.

    Since I have been working with CyberArk for some time, I feel a little bit more comfortable with CyberArk. BeyondTrust is also not that bad. However, they did not have all the capabilities that CyberArk was offering at that time. That said, this was maybe four or five years ago. I haven't explored anything after that. I'm sure a lot of things have changed.

    There used to be IBM Privilege Identity Manager as well, but it's not there anymore. 

    Saviynt has its own solution as well.

    Basically, there are multiple solutions there, however, CyberArk was definitely been our choice for Privilege Identity Manager.

    How was the initial setup?

    Every product has its own way of working. With CyberArk, the only challenge is there are a lot of components. That's the only thing. 

    When you have CyberArk architecture and if you have a hybrid environment specifically or you have multiple data centers that you want to use CyberArk in, the thing is there are a lot of components that need to be deployed. They have a lot of architectural components out there.

    We do require quite a few people to cover maintenance tasks. 

    What's my experience with pricing, setup cost, and licensing?

    The solution is expensive. 

    What other advice do I have?

    I'm an end-user. I have worked for companies that have had partnerships with this solution in the past.

    The solution is pretty mature and can accommodate our use cases quite well. 

    I'd rate the solution seven out of ten.

    I would recommend the solution to others. We have in the past recommended it to our customers as well. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    CyberArk Endpoint Privilege Manager
    December 2022
    Learn what your peers think about CyberArk Endpoint Privilege Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    656,474 professionals have used our research since 2012.
    Network Security & Data Management Admin at Digitaltrack
    Reseller
    Top 10
    Review about CyberArk Endpoint Privilege Manager
    Pros and Cons
    • "The department management aspect of the solution is the most valuable aspect."
    • "Technical support is slow to respond when we run into issues."

    What is our primary use case?

    We are implementing this product to control the Privilege account. For example, from a Cyber Privilege account, we just want to know what the user is doing and how to control it. We use it for security and monitoring.

    What is most valuable?

    The department management aspect of the solution is the most valuable aspect. 

    The screen the color options are very good. 

    The solution does a good job of assisting with the monitoring of users. 

    Basic integrations of users are very straightforward. It's easy to assign them the rules, et cetera.

    What needs improvement?

    Technical support is slow to respond when we run into issues.

    We haven't really faced too many issues so far. There are some small issues here and there, however, it hasn't been anything major.

    We've faced some delays in tax reporting.

    When you're trying to integrate the other products, there are some workarounds which we have to do. We'd like the integration of security to be easier. 

    We expected it to be very easy for the people who are deploying and managing the product, however, that isn't necessarily the case.

    For how long have I used the solution?

    We've only been dealing with the solution for about a year or so. It's a somewhat recent addition to the company.

    What do I think about the stability of the solution?

    The product has a very stable history. I've not heard of any issues. There doesn't seem to be problems with bugs or glitches. It doesn't crash or freeze. Any issue we've had has been extremely minor. It's reliable.

    What do I think about the scalability of the solution?

    The solution is scalable, even though we have had some difficulties here and there. We had a client who purchased an extra 50 licenses and we faced some complications around that, however, it did end up working out just fine in the end. 

    How are customer service and technical support?

    Technical support does not cause us issues. They are supporting us just fine. Presently, they are very good. 

    That said, reaching them is a bit of a problem. It's complicated. It can take a lot of time. I don't know where the delay is happening, or why, yet, often, when we reach out, we have trouble. 

    Otherwise, they are very good and very capable. We are mostly satisfied with their level of support.

    How was the initial setup?

    I did not handle the installation myself. I have done one recently, however, I did it with the assistance of our distributor. As I've only ever done one implementation personally, it's hard to comment on the process. I'm still quite new to it. 

    What about the implementation team?

    We can implement the solution for our clients. I myself have recently handled my first implementation, and I did that with the help of our distributor.

    What's my experience with pricing, setup cost, and licensing?

    I'm more on the technical side. I don't typically deal with the pricing of products. I can't speak to the licensing, how it works, or how much it costs. That's handled by a different team. 

    Which other solutions did I evaluate?

    We have tried other products. We have tried, for example, BeyondTrust, and the MicroFocus Time Solution. However, neither was what we expected and therefore we need up coming back to CyberArk. 

    What other advice do I have?

    We are resellers and an implementor of the solution.

    I'd rate the solution at a nine out of ten.

    Product-wise we don't face that many issues, and basic integration of users and assigning them the rules and other stuff like that is, compared to other options, very straightforward. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
    PeerSpot user
    IkeEkweruo - PeerSpot reviewer
    Sr. PAM Consultant at a tech vendor with 11-50 employees
    Consultant
    Helps us secure our endpoints and prevent attacks, but it can be improved by allowing computers to be excluded from policies.
    Pros and Cons
    • "You can use it to strip users of their local admin rights and, at the same time, elevate applications for them."
    • "Can be improved by allowing computers to be excluded from policies."

    How has it helped my organization?

    By securing our endpoints, we are preventing attackers from using the domain accounts we have that are administrative accounts. For example, your credentials are cached when you log into a Windows computer, so attackers look out for those, and if it's an admin account, it will be what they need. Another good thing about this product is that even if you have a local account, you can provision that account so that the password is unique on all computers. So if you have their account credentials on a single computer, it doesn't mean you can use that same account and password to log into another computer or workstation. It also prevents using any accounts to jump from one host to another or move laterally, which is another important one for us.

    What is most valuable?

    All of the features are valuable. They control applications for users, like preventing users from elevating applications. You can use it to strip users of their local admin rights and, at the same time, elevate applications for them and give them access to elevated applications. Hence, administrative rights are unavailable for domain accounts which are the juicy ones for attackers because they can use them to move laterally from one host to another. Therefore, attackers can no longer strip a user's near right, but at the same time, they can elevate the user from access to the application and do their jobs without having issues elevating applications.

    What needs improvement?

    The solution can be improved by allowing computers or users to be excluded from policies because we currently can't do that. If you roll out an approach, you can target computers and users and can't exclude end users when targeting computers. So, for example, say you want to exclude administrators from a policy it will apply to everybody.

    For how long have I used the solution?

    We have been using this solution for approximately one year and are currently using the latest version.

    What do I think about the stability of the solution?

    The solution is stable and reliable, depending on the client's use case.

    What do I think about the scalability of the solution?

    The solution is scalable.

    How are customer service and support?

    I rate customer service and support seven out of ten.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The implementation would be complex for someone who doesn't understand how to implement it overall. Additionally, the use case determines the complexity. I rate the complexity an eight out of ten, with ten being the easiest.

    The time involved in deployment depends on the use cases, the size of the organization and the number of workstations and users they have. For smaller organizations, if you have less than a hundred computers, it depends on your use cases. If the use cases are few, they can be deployed in a day or two, and policies can be rolled out to the workstations. On the other hand, organizations could take up to six months or a year to deploy.

    What other advice do I have?

    I rate the solution seven out of ten. The solution is good but can be improved by allowing computers to be excluded from policies. I advise customers considering this solution to asses their use cases and try to talk to the three leading vendors at Delinea, CyberArk and Beyond Trust and find out if they can meet the requirements of their use cases before deciding.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Senior Consultant at a tech services company with 11-50 employees
    Consultant
    Top 20
    Highly scalable, excellent interface, and helpful documentation
    Pros and Cons
    • "The most valuable features of CyberArk Endpoint Privilege Manager are password management, session management, onboarding rules, platform customization, and safety management."
    • "The price of the solution should improve."

    What is our primary use case?

    CyberArk Endpoint Privilege Manager can be deployed across all platforms, such as AWS, GCP, and Ali Baba. 

    The solution is used for management, multi-site failover, satellite vaulting, distributed architecture, custom CPM, PSM deployment, custom CCP, and CCP deployment.

    What is most valuable?

    The most valuable features of CyberArk Endpoint Privilege Manager are password management, session management, onboarding rules, platform customization, and safety management.

    CyberArk Endpoint Privilege Manager was presently revised, which included a new interface, rebranding, improve documentation, and an excellent user panel that supports multiple integrations.

    What needs improvement?

    The price of the solution should improve.

    For how long have I used the solution?

    I have been using CyberArk Endpoint Privilege Manager for approximately three years.

    What do I think about the stability of the solution?

    The stability of CyberArk Endpoint Privilege Manager is excellent. It has an uptime of 99.99 percent.

    What do I think about the scalability of the solution?

    My clients have scaled CyberArk Endpoint Privilege Manager. They have a distributed architecture and satellite vaulting, which allows scalability to be flexible.

    I rate the scalability of CyberArk Endpoint Privilege Manager five out of five.

    We have approximately 30 people using the solution.

    How are customer service and support?

    The support from CyberArk Endpoint Privilege Manager is excellent. We have good support in our SLAs, it is for five days.

    Which solution did I use previously and why did I switch?

    I work with the competitor of CyberArk Endpoint Privilege Manager, Beyond Trust. If I was to change something it wouldn't be CyberArk Endpoint Privilege Manager, it would just be Beyond Trust. There's a reason why there are features in CyberArk Endpoint Privilege Manager, it works in CyberArk Endpoint Privilege Manager. The same goes with Beyond Trust, there are features that only work in Beyond Trust and wouldn't work in CyberArk Endpoint Privilege Manager. For example, the introduction of smart rules, wouldn't make sense because CyberArk Endpoint Privilege Manager,  doesn't work with smart rules.

    How was the initial setup?

    I rate the initial setup of CyberArk Endpoint Privilege Manager as straightforward. However, I use the solution every day. The process of implementation took approximately one day.

    The implementation strategy was reviewing architecture, deploying architecture, installing components, deploying components, configuring components, onboarding accounts, managing accounts, configuring platforms, managing platforms, configuring safes, and onboarding safes. 

    We had a company-wide deployment of this solution.

    What about the implementation team?

    We did the implementation of the solution in-house, but the SaaS-based part of the solution is done by the vendor. We had approximately five people who did the implementation.

    What's my experience with pricing, setup cost, and licensing?

    The price of CyberArk Endpoint Privilege Manager is expensive. The solution is priced based on the number of accounts onboarded and the number of concurrent sessions. Everyone else is included in the price, such as support.

    I rate the price of CyberArk Endpoint Privilege Manager a one out of five.

    What other advice do I have?

    I rate CyberArk Endpoint Privilege Manager an eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Omar_Jaimes - PeerSpot reviewer
    Cybersecurity Architecture Manager at Data Warden
    Real User
    Top 5
    Easy to deploy and great for blacklisting and whitelisting
    Pros and Cons
    • "Users can scale the solution."
    • "It is hard to deal with technical support if you are not certified."

    What is our primary use case?

    Inside we have a lot of applications, including three or four critical applications. With this application, remote users cannot run another application if you do not grant access to these applications. For example, if you want users to use Word or PowerPoint, you can allow usage of those and block usage of other things. If you want to run one application and you need to get permission, you send a ticket to ask for authorization to use it. That way, the company can control the access of every user.

    What is most valuable?

    I like that we have the power to blacklist, whitelist, and greylist applications.

    It is really easy to deploy.

    The solution is mostly stable. 

    Users can scale the solution. 

    What needs improvement?

    We'd like the solution to work with AIX operating systems and custom distributions like Linux. 

    We would prefer increased stability.

    It is hard to deal with technical support if you are not certified. 

    For how long have I used the solution?

    I've been using the solution for one year.

    What do I think about the stability of the solution?

    More or less, the solution is stable. About three weeks ago, we witnessed latency with the solution. It could be a bit more stable. 

    What do I think about the scalability of the solution?

    If you want to deploy some agents, you can buy more licenses for the solution. It's a service only. You can add another agent. With ease and scale as you like.

    We have about 100 users on the product right now.  

    At this time, we will not increase usage. 

    How are customer service and support?

    If you do not have certification, you cannot send a ticket. This makes dealing with technical support difficult. 

    Which solution did I use previously and why did I switch?

    I did not previously use a different solution. 

    How was the initial setup?

    You can implement this product on-premise. With the next-generation versions, you can just download an agent and deploy it on your machines. It really is easy to deploy.

    We have three people on staff that are capable of managing the solution as needed. 

    What about the implementation team?

    We had a consultant assist us with the implementation process. 

    What was our ROI?

    We have seen an ROI of around $10,000 so far.

    What's my experience with pricing, setup cost, and licensing?

    We pay about $17 per user.

    Which other solutions did I evaluate?

    I'm not aware of any other similar solutions and did not evaluate any others. 

    What other advice do I have?

    This is a SaaS solution. 

    If you don't have a solution that you can deploy a massive agent to, it isn't easy to implement individually. 

    I'd rate the solution nine out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    AslamImroze - PeerSpot reviewer
    Technical Manager at Gulf IT
    Reseller
    Top 5Leaderboard
    Great performance, good application distribution, and reduces help desk calls
    Pros and Cons
    • "It offers great performance."
    • "It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage."

    What is our primary use case?

    We primarily use the solution on our endpoints. 

    What is most valuable?

    We have found the solution quite impressive.

    Performance-wise, it's on par with BeyondTrust.

    We like that you can distribute the applications and decide how you want to run those applications based on their criticality. You can distribute them and decide which one needs any extra approval and which can run independently. That division was really, really helpful. It has actually reduced almost 30% of calls to the IT help desk.

    What needs improvement?

    It cannot be on-prem. It is only cloud-based. Sometimes, that's a restriction in terms of usage.

    I want to have the EPM platform on the same platform as PAM. I'd like not to have two different dashboards or two different consoles to manage the endpoint systems. Having a single platform for PAM and for EPM would actually help a lot.

    For how long have I used the solution?

    We've only been testing the solution. We haven't used it for that long. 

    What do I think about the stability of the solution?

    The solution is stable. It offers great performance. There are no bugs or glitches and it doesn't crash or freeze. 

    What do I think about the scalability of the solution?

    EPM is mostly for the endpoint end users. We have more than 500.

    Which solution did I use previously and why did I switch?

    We've also used BeyondTrust EPM. They are very similar. 

    What other advice do I have?

    Anyone who's trying to get the EPM implemented before purchasing the solution should have their internal policy sorted out. Make sure you have the right application groups and user groups defined and the policies for them defined. You cannot acquire the solution, purchase it, and then start building it. You will lose the license period, and sometimes not being ready means the implementation will fail.

    I'd rate the solution eight out of ten. It still leverages a lot of group policy manager features of Windows infrastructure, and the group policy manager is a little complicated. It's still a good solution, however.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer:
    Flag as inappropriate
    PeerSpot user
    TeguhBudyantara - PeerSpot reviewer
    Professional Services Manager at PT Korelasi Persada Indonesia
    Real User
    Top 5Leaderboard
    Useful password reset, suitable for large enterprises, and stable
    Pros and Cons
    • "The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically."
    • "CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link."

    What is our primary use case?

    CyberArk Endpoint Privilege Manager is used for compliance with password policies.

    What is most valuable?

    The most valuable feature of CyberArk Endpoint Privilege Manager is its ability to reset passwords every time that it is needed or periodically.

    What needs improvement?

    CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link.

    For how long have I used the solution?

    I have been using CyberArk Endpoint Privilege Manager for approximately five years.

    What do I think about the stability of the solution?

    CyberArk Endpoint Privilege Manager is stable.

    What do I think about the scalability of the solution?

    The scalability of CyberArk Endpoint Privilege Manager is good. The capacity is not in high demand in the resources. When you set up a new server, you can use it for approximately 5,000 users of devices. When you buy the largest system, then you don't have to scale it anymore.

    Best suited for medium to large enterprises.

    How are customer service and support?

    I have not used the support from CyberArk Endpoint Privilege Manager.

    How was the initial setup?

    The initial setup of CyberArk Endpoint Privilege Manager is straightforward.

    What's my experience with pricing, setup cost, and licensing?

    The price of CyberArk Endpoint Privilege Manager is expensive.

    What other advice do I have?

    My advice to others is that CyberArk Endpoint Privilege Manager is not for small to medium enterprises. It is best suited for medium to large enterprises because it is not cheap. When you want to implement the password manager and your CyberArk Endpoint Privilege Manager, you have to know what you are doing and what kind of a policy you want to implement in detail, otherwise, you will have no leverage in using the solution.

    I rate CyberArk Endpoint Privilege Manager a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free CyberArk Endpoint Privilege Manager Report and get advice and tips from experienced pros sharing their opinions.
    Updated: December 2022
    Buyer's Guide
    Download our free CyberArk Endpoint Privilege Manager Report and get advice and tips from experienced pros sharing their opinions.