CyberArk Enterprise Password Vault OverviewUNIXBusinessApplication

CyberArk Enterprise Password Vault is the #3 ranked solution in top Enterprise Password Managers. PeerSpot users give CyberArk Enterprise Password Vault an average rating of 8.4 out of 10. CyberArk Enterprise Password Vault is most commonly compared to Azure Key Vault: CyberArk Enterprise Password Vault vs Azure Key Vault. CyberArk Enterprise Password Vault is popular among the large enterprise segment, accounting for 76% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 21% of all views.
CyberArk Enterprise Password Vault Buyer's Guide

Download the CyberArk Enterprise Password Vault Buyer's Guide including reviews and more. Updated: December 2022

What is CyberArk Enterprise Password Vault?

CyberArk Enterprise Password Vault, a vital component of the CyberArk Privileged Access Manager Solution (PAM), is designed to create, secure, rotate, and control access to privileged accounts and credentials used to access systems throughout an enterprise IT ecosystem. CyberArk Enterprise Password Vault enables enterprise organizations to better understand the scope of their privileged account risks and put controls in place to prevent malicious or inappropriate account or credential access.

CyberArk Enterprise Password Vault uses a Central Policy Manager protocol (CPM) to perform the basic password management functions.

  • Verify Password Task - The CPM will pull the password from the vault and use it to log into the application or device to verify that the password is indeed correct and satisfies all the password safety protocols.
  • Change Password Task - The CPM will pull the password from the vault and create a new password that meets all preset protocols. It will send it to the device or application and then begin the process of changing it, using the same method that might be performed manually. The CPM will then update the password in the vault.
  • Reconcile Password Task - This task is utilized when there is a failure in either the Verify Password Task or the Change Password Task. Using a pre-established reconcile account from the vault, the CPM will use the reconcile account credentials to reset or fix problematic password issues due to changed passwords not being updated properly, new accounts being established, or any other failure with the above tasks.

Enterprise organizations can utilize the easily adaptable policies and protocols to enforce granular privileged access controls, automate workflows, and rotate passwords at prescribed regular intervals without requiring any manual IT effort. Additionally, to satisfy compliance regulations, organizations can easily generate reports to prove that passwords are being changed regularly according to guidelines, meet strict password safety protocols, and report on which users accessed what privileged accounts, when, why, and what device they were using. Enterprise organizations can know at all times that data has remained secure at all times. CyberArk Password Vault will have enterprise organizations audit-ready at all times, keeping them safe and secure from risks while maximizing productivity and profitability.

Reviews from Real Users

Irma S., a program manager at a HR/Recruiting firm, said, "I love how easily we could operate within Password Vault and get things done. It was almost effortless."

Another user, who is a security delivery analyst at a computer software company, relates that CyberArk Password Vault offers, “Good policy configuration and tech support.”



CyberArk Enterprise Password Vault Customers

AstraZeneca, Time, DBS, Novartis, Motorola, BT, pwc, Braun, Deloitte, Williams, Revlon, Belgacom, Barclays

CyberArk Enterprise Password Vault Pricing Advice

What users are saying about CyberArk Enterprise Password Vault pricing:
  • "The SaaS version of CyberArk Enterprise Password Vault is very expensive, but the on-premises version is relative, e.g. depending on the size of the environment, it can be a bit pricey, but it's relatively okay compared to the others."
  • "It costs us around $200 per user."
  • "It's an affordable platform."
  • "There are no additional costs other than the standard licensing fees."
  • CyberArk Enterprise Password Vault Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Aakash Chakraborty - PeerSpot reviewer
    IEM Consultant at IC Consult
    Real User
    Top 5
    Great password storage, very reliable, and pretty much issue-free
    Pros and Cons
    • "In terms of stability, there are no complaints."
    • "The initial setup can get complex."

    What is our primary use case?

    We use the solution as a vault for whatever passwords we use for connecting to an API or job services. The admin passwords we store in Password Vault. Via CyberArk, we have made a use case where we can track the session, keep a record, and log it, to whoever is logging into the servers.

    How has it helped my organization?

    CyberArk is basically used for privilege access management. It used to be hard to control security from internal employees. For products, and production servers, tracking used to be very difficult. 

    Although One Identity Manager also provides similar services that CyberArk provides, they are no match to CyberArk basically. The amount of details and logging that CyberArk provides is command level. That really streamlines the process of tracking those internal servers. That's one significant advantage, I would say.

    What is most valuable?

    CyberArk's best aspect is it lets you store the password, and it allows you to connect to those connected systems' passwords. For example, there is an AD in your organization, and you have stored the AD password. Say you want to change the AD password; you just have to change it in CyberArk. CyberArk itself will change the password in the connected system. That's one nice feature they have introduced in the latest features. 

    What needs improvement?

    CyberArk is not friendly in terms of having a Community Edition. It's enterprise software. They could maybe give a Community Edition that you can just play around with and see how the software is. It's a very, very costly app. 

    Therefore, they can definitely give a demo version or some sort of a Community Edition with partial features at least to help potential users understand its capabilities. 

    The initial setup can get complex. 

    Buyer's Guide
    CyberArk Enterprise Password Vault
    December 2022
    Learn what your peers think about CyberArk Enterprise Password Vault. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    656,474 professionals have used our research since 2012.

    For how long have I used the solution?

    I've used the solution for about four and a half years.

    What do I think about the stability of the solution?

    In terms of stability, there are no complaints. CyberArk, I would say, is an industry leader in this portfolio, especially in Privileged Access Management. There are so many identity access management tools, and almost all of them say that they are both IAM and PAM service providers. However, CyberArk is the only one that is specifically for Privileged Access Management, and they really do mean it. With CyberArk, the PAM is really too good.

    What do I think about the scalability of the solution?

    We have 5,000 users at least on the solution. 

    For Privileged Access Management, it's been used extensively.

    How are customer service and support?

    I've never dealt with technical support. I'm more of an end user in this case. We rarely have to literally dig down into the implementation. There is a different team that exclusively works on CyberArk, and that's the team that basically deals with day-to-day CyberArk operations.

    Which solution did I use previously and why did I switch?

    In both organizations I have worked, they've used identity access management as Dell One Identity Manager, and for Privileged Access Management, CyberArk.

    We basically used to have a separate Password Vault that was KeePass. 

    With KeePass, there was a security incident in our organization where a few of the passwords got leaked, and then it was challenging to track how the leak happened. With all that considered, G-PAM or CyberArk Password Vault was considered the next solution to prevent these sorts of things from happening again.

    How was the initial setup?

    The implementation process is a bit complex. If you know this software or the product very well, then setting it up is not that big a deal. However, if you're a newcomer, then of course, it's not a piece of cake. As a new user, I'd rate it 2.5 out of five in terms of ease of setup.

    We started from the development stage, where the maximum amount of time was spent. In a live environment, you can't have that much downtime. Roughly you are allowed for one and half hours, or a maximum of three to four hours for downtime. In a live environment, once we could identify the clicks and hacks of the software in the lower environment, it was pretty easy to do. There, it took roughly one to one and a half hours to do, and that part was pretty smooth.

    CyberArk is such a stable product that either they launch a new version, which you have to latch onto very quickly as they censored the support for older versions, and with these security products, you can't really stay along with the older versions. Usually, the products are very stable. They don't need multiple patches or updates. One version itself is self-sufficient. At least in my four and a half years of experience with this product, I have seen fewer intermittent updates. Once they launch a new version, that's a different thing. However, from a maintenance point of view, it's very user-friendly and lightweight. Even usage of the tool is very speedy. It doesn't lag one bit.

    What about the implementation team?

    We handled the initial setup completely in-house.

    What's my experience with pricing, setup cost, and licensing?

    This is very costly software. However, I haven't really dug into the licensing. My organization gives all its employees a free license and therefore I don't have to worry about pricing. My organization is a partner with CyberArk also. Even so, we just have one instance as a practice instance. 

    Which other solutions did I evaluate?

    I did not choose this solution, and I'm unsure if other options were considered. 

    The hired architect chose it. I just had the opportunity to implement it. If he evaluated other options first, I have no knowledge of them. 

    What other advice do I have?

    My company has various levels of partnership with CyberArk.

    I'm typically using the latest version of the solution. CyberArk sunsets their older versions very quickly. They won't let you use the old versions.

    CyberArk has many components. Password Vault is one of the components. Then there is the CyberArk for server monitoring and logging. These are the two components that we have used extensively. However, apart from that, there are many more applications for CyberArk also, which I haven't used at the moment.

    To those considering the solution, I would say when you do the installation, to get on a call with technical support. Keep them on hold. If you are really doing it for the first time and are not aware of the software, you may run into issues.  The public forum of CyberArk is not that good. Their documentation is not that great, and it's not that well maintained. The problems that you may face are seldom covered. Therefore, when you are paying that much money for high-quality software, you can at least ask for better help from them.

    I'd rate the solution nine out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Information Security Engineer II at a healthcare company with 1,001-5,000 employees
    Real User
    Top 20
    Stable and solid solution for managing passwords, and comes with auto password recycling and PSM features
    Pros and Cons
    • "If properly set up, CyberArk Enterprise Password Vault has good stability, and is a very solid tool. It can run by itself. Its most valuable features are auto password recycling and PSM."
    • "What needs to be improved in CyberArk Enterprise Password Vault is their customer support, particularly in terms of responsiveness, willingness to help, and being more understanding. The initial setup and upgrade process for the solution is complex and can only be done by CyberArk, so this is another area for improvement."

    What is our primary use case?

    Our use case for CyberArk Enterprise Password Vault is managing privileged accounts. These are local accounts, e.g. local desktops, laptops, or servers. They have a built-in administration account, so part of the solution is to ensure that that account's username and password are stored in the vault and managed by CyberArk Enterprise Password Vault.

    What is most valuable?

    The most valuable feature of CyberArk Enterprise Password Vault is the auto password recycling feature, which works this way: previous accounts which are managed by this solution get their password reset every time, based on our given parameters, e.g. every two days, every five days, every week, etc. You give CyberArk Enterprise Password Vault the number of days that you want the passwords to be changed, so users won't need to have their passwords written somewhere. They can just log on to the solution and retrieve the password. They may even be able to remotely connect to the devices that they want to connect to via the PSM function of CyberArk Enterprise Password Vault.

    What needs improvement?

    What needs to be improved in CyberArk Enterprise Password Vault is their customer support, because as administrative engineers, since we're not experts in the solution, we have to rely on customer support.

    Their customer support needs improvement in terms of being responsive and being understanding. They are knowledgeable, but responding and willingness to come and help knowing that it's their tool, rather than relying on the engineers from the customer side, e.g. our side, to do all the technical things.

    The initial setup and upgrade process for CyberArk Enterprise Password Vault is complex and can only be done by CyberArk, so this is another area for improvement.

    For how long have I used the solution?

    My experience with CyberArk Enterprise Password Vault is almost three years.

    What do I think about the stability of the solution?

    CyberArk Enterprise Password Vault stability is good. If it's properly set up, it can just run by itself. It's a very solid tool, but it has to be properly set up because a simple misconfiguration can create a lot of pain. Once set up, it's really good.

    How are customer service and support?

    Customer support for this product still needs some improvement.

    How was the initial setup?

    The initial setup for CyberArk Enterprise Password Vault is another pain point, because the setup, including upgrading the solution, can only be done by CyberArk themselves. They have professional services involved to get an initial setup done, and to even do an upgrade, because of the complexity of the product itself.

    What's my experience with pricing, setup cost, and licensing?

    The SaaS version of CyberArk Enterprise Password Vault is very expensive, but the on-premises version is relative, e.g. depending on the size of the environment, it can be a bit pricey, but it's relatively okay compared to the others. It's their SaaS solution that's expensive.

    What other advice do I have?

    We're using version 11.1 of CyberArk Enterprise Password Vault.

    It's probably not fair to judge CyberArk Enterprise Password Vault based on my overall experience with it, because the tool itself is brilliant, though it's a little bit complex in terms of how it is set up. The customer service could still be improved to meet the standards, but I'm giving CyberArk Enterprise Password Vault a score of seven out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    CyberArk Enterprise Password Vault
    December 2022
    Learn what your peers think about CyberArk Enterprise Password Vault. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    656,474 professionals have used our research since 2012.
    Omar_Jaimes - PeerSpot reviewer
    Cybersecurity Architecture Manager at Data Warden
    Real User
    Top 5
    An excellent product with immediate ROI and good password security
    Pros and Cons
    • "The password rotation and cyber gateway have been quite useful."
    • "The license is expensive."

    What is our primary use case?

    The most common use case is when you need to hide the management for the servers, switches, routers, et cetera. You can use privileged access for remote use cases.

    How has it helped my organization?

    In my company, we have a lot of servers, and the problem is when the users want to access these platforms. You can access all the architecture and knowledge with this product. It provides more access and visibility.

    What is most valuable?

    The password rotation and cyber gateway have been quite useful. It's a solution that allows you to search for passwords for your servers and accounts. This is the most feature power.

    The solution is quite stable.

    It is scalable on the cloud. 

    What needs improvement?

    The implementation is hard. For example, the on-prem implementation specifically is really hard to deploy. 

    The solution does not scale well on-premises. 

    This is an expensive product.

    It's hard to get help from support if you are not certified. 

    For how long have I used the solution?

    I've been using the solution for five years. 

    What do I think about the stability of the solution?

    The product is really stable. You just need to deploy a higher viability solution. However, you need to do a lot of budgeting to deploy that higher viability solution. You need at least 12 servers. It's really, really difficult to have a budget for that.

    What do I think about the scalability of the solution?

    It is easy to scale on the cloud. It is difficult to expand it on-premises. 

    We have 30 people using the solution in my company.

    At this point, we do not have plans to increase usage. 

    How are customer service and support?

    The technical support is really excellent. However, if you don't have a certification, it is impossible for you to receive technical support.

    Which solution did I use previously and why did I switch?

    We previously used BeyondTrust and Centrify, among other solutions.

    How was the initial setup?

    The initial setup is pretty difficult and it takes a while to put into place. 

    You need at least six servers to deploy it and it's really difficult to have a budget for that - plus, the implementation itself is really hard. You likely have to dedicate one week to deploy the solution and another week or two to onboard all the accounts.

    Basically, it's pretty complex to implement. 

    What about the implementation team?

    We've used a consultant to assist us with the implementation. 

    What was our ROI?

    The ROI is really quick. If you have a compromised account, it can compromise your infrastructure, and the loss of the business is really high. With this product and the protection it offers, you can witness ROI immediately.

    What's my experience with pricing, setup cost, and licensing?

    You need a large number of servers, and therefore it gets expensive to deploy the product.

    The license is expensive. It costs us around $200 per user. 

    What other advice do I have?

    We are using a privileged cloud and an on-prem cloud, an on-prem APD. We have a hybrid setup.

    I'd advise potential new users to have very good scripting at the outset. If you don't, you'll have difficulties in the long run. 

    While the solution is expensive, it's excellent. I would rate it ten out of ten. You definitely get what you pay for. 

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Manager Engineering at a comms service provider with 1,001-5,000 employees
    Real User
    Top 5
    Once you complete the setup, you have everything at the click of a button.
    Pros and Cons
    • "The logs and reporting features are impressive."
    • "CyberArk's license is too expensive. I rate it seven out of 10 for affordability."

    What is our primary use case?

    We Enterprise Password Vault to manage privileged credentials as well as some server and activity logging.

    How has it helped my organization?

    Before we implemented CyberArk, we had no password vault, so it was challenging to keep a record of who made changes and had access. With CyberArk, everything is a click away for us. We don't need to worry about reporting and other things. We can on our server to check who had access and the changes they made. 

    What is most valuable?

    The logs and reporting features are impressive.

    For how long have I used the solution?

    We've been using CyberArk for about five years now.

    What do I think about the stability of the solution?

    CyberArk is stable, and the performance is awesome.

    What do I think about the scalability of the solution?

    CyberArk is highly scalable. You don't need to worry about being dependent on only one server because you can deploy to multiple ones and manage it with all of them. If one fails, you can still use your access, so I think it's scalable.

    We aren't using the solution extensively, but we plan to expand, and we'll definitely we'll continue with the same solution.

    How are customer service and support?

    I rate CyberArk support 10 out of 10. We have contacted tech support a few times for help with some of the cases, and the support was perfect.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We didn't have a password vault solution before CyberArk. 

    How was the initial setup?

    The initial setup was straightforward for us, but it depends on how you want to use it. It will become a little complex, and you need to gain some knowledge to customize it how you want. That applies to any product. I'll rate CyberArk 10 out of 10 for ease of setup. 

    It took us around five or six months to deploy because we were also testing out some other products at the same time. And after testing for a few months, we decided to go with CyberArk for the final production rollout. Once you complete the setup, you don't need much maintenance, but we have around 40 system administrators managing the CyberArk server. 

    What about the implementation team?

    We did the deployment with our in-house team.

    What's my experience with pricing, setup cost, and licensing?

    CyberArk's license is too expensive. I rate it seven out of 10 for affordability.

    Which other solutions did I evaluate?

    We tried a couple of solutions before selecting CyberArk. Some of them are highly secure, but the reporting functions were tricky. A few were highly scalable, but they required a lot of resources to manage. We preferred CybeArk because it's easy to use and set up. Once you complete the setup, you have everything at the click of a button.

    What other advice do I have?

    I rate CyberArk Enterprise Password Vault nine out of 10. If you're worried about privileged ID management, security, and scalability, you should go with CyberArk.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Senior Presale - BU Information Security at a tech services company with 51-200 employees
    Real User
    Feature-rich, good performance, scalable, and has a user-friendly interface
    Pros and Cons
    • "It's a highly flexible solution that can adapt to each customer's needs."
    • "The initial setup could be simpler but it may not be as effective."

    What is our primary use case?

    We implement this solution for our customers. We are system integrators, not end-users.

    The main use case is for secure access, and monitoring the access by IT administrators.

    What is most valuable?

    I like the performance of CyberArk Enterprise Password Vault.

    Definitely, it's a reliable solution.

    It has a wide range of features. They are probably the widest range of features on the market. It is the main reason customers usually select this product.

    This solution works very well, and the feedback from our customers is very good.

    Integration is one of the strongest capabilities of this solution. There are hundreds of integrations that are ready to use. It is continuously growing, which is one of its strengths.

    The interface is really user-friendly.

    It's a highly flexible solution that can adapt to each customer's needs.

    Another strength, for both performance and the security levels, is the segregation of the different rules of the solution.

    What needs improvement?

    The initial setup could be simpler but it may not be as effective.

    For how long have I used the solution?

    I've been using CyberArk Enterprise Password Vault for three years, and the company began using it in 2003.

    This solution is used mainly on-premises, but the trend is to go with hybrid and cloud deployment for new projects.

    What do I think about the stability of the solution?

    CyberArk Enterprise Password Vault is a stable product.

    What do I think about the scalability of the solution?

    CyberArk Enterprise Password Vault is easy to scale.

    How are customer service and support?

    I have not contacted technical support. I deal in the presales department. I don't manage the technical aspects of delivery and support.

    How was the initial setup?

    We needed to build a specific project that is tailored for each customer. It requires a bit of design with the first part of the project, which is a benefit because the solution has high performance and is built on the needs of the customer. 

    There is a bit of a setup initially, but it provides them with a good result for the project.

    What's my experience with pricing, setup cost, and licensing?

    It's an affordable platform.

    It is not the cheapest solution available on the market, but if you want a good project, you need to have the value of the solution you are selecting. 

    In my opinion, it is a good compromise between the cost and the benefits. I think the price is fair.

    What other advice do I have?

    I would definitely recommend this solution to others who are interested in using it.

    I do not have visibility with other solutions that may be better or more up-to-date.

    I would rate CyberArk Enterprise Password Vault a ten out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Senior Leader at a financial services firm with 5,001-10,000 employees
    Real User
    Useful password vaulting, reliable, and simple deployment
    Pros and Cons
    • "The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use."
    • "CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve."

    What is our primary use case?

    CyberArk Enterprise Password Vault can be used for password vaulting and purpose session management.

    What is most valuable?

    The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use.

    What needs improvement?

    CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve.

    For how long have I used the solution?

    I have been using CyberArk Enterprise Password Vault for approximately seven years.

    What do I think about the stability of the solution?

    The stability of CyberArk Enterprise Password Vault depends on what you use it for. It is very stable when using a single vault. I had the most problems using the distributive vault. They've worked through some of that, so it's more stable now.

    What do I think about the scalability of the solution?

    The scalability of CyberArk Enterprise Password Vault is okay. The distributive vault is what would affect the scalability and there were some issues with that that I've run into.

    We only have a small number of users in the current company I am working at, and the previous company I was working for had hundreds of users using the solution. 

    We do not plan to increase the usage of this solution.

    How are customer service and support?

    The support from CyberArk Enterprise Password Vault is good.

    I rate the support from CyberArk Enterprise Password Vault a four out of five.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I did not use a solution similar to CyberArk Enterprise Password Vault.

    How was the initial setup?

    The initial setup of CyberArk Enterprise Password Vault was straightforward. The time it took to implement was two months.

    What about the implementation team?

    We did the implementation of CyberArk Enterprise Password Vault in-house.

    We have approximately nine people for the deployment and maintenance of CyberArk Enterprise Password Vault.

    What was our ROI?

    We have seen a return on investment from using CyberArk Enterprise Password Vault.

    What's my experience with pricing, setup cost, and licensing?

    There are no additional costs other than the standard licensing fees.

    Which other solutions did I evaluate?

    We evaluated other solutions but we decided to choose CyberArk Enterprise Password Vault because they were a key player in the market who invented the space.

    What other advice do I have?

    CyberArk Enterprise Password Vault is great. It excels on-premise. If you were looking at the hybrid or other solutions, there are other solutions that were built in that environment. They're probably a little ahead of CyberArk Enterprise Password Vault at this point.

    I rate CyberArk Enterprise Password Vault an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Security at a tech services company with 201-500 employees
    Real User
    Top 5
    Its privileged session management is valuable for monitoring your inside threats, but it's a lot of work to set up
    Pros and Cons
    • "Password Vault's main advantage is its scalability. We constantly see huge enterprises implementing something like this, and the privileged session management is an excellent piece. You can kind of watch videos of whatever an admin has done."
    • "There are upwards of six components you need to set it up. And you might need anywhere from two to five servers. It takes some work to set that up, especially in a larger environment."

    What is our primary use case?

    Companies often have an enormous amount of admin credentials out there. They want to find out how many they have, start cleaning them up, and ensure they're all kept in an encrypted vault. Password Vault is probably the top product in that space, and it's a monster to implement, but CyberArk is great at what they do.

    What is most valuable?

    Password Vault's main advantage is its scalability. We constantly see huge enterprises implementing something like this, and the privileged session management is an excellent piece. You can kind of watch videos of whatever an admin has done. So, for example, if an admin doesn't check out their password and fires up a session on a machine, you can see playback. Scalability and those particular features are pretty valuable for monitoring your insider threat.

    What do I think about the stability of the solution?

    Our customers haven't complained about any stability issues, and we've set Password Vault up for quite a few customers. However, the stability depends on the equipment unless they do it in the cloud. But if they're setting up on a bunch of VMs, and that VM store goes down, that's not necessarily a CyberArk problem. That's more of a problem with Windows or VMware, etc., or something like that. So I guess the stability's fine.

    How was the initial setup?

    There are upwards of six components you need to set it up. And you might need anywhere from two to five servers. It takes some work to set that up, especially in a larger environment.

    What's my experience with pricing, setup cost, and licensing?

    On-prem CyberArk is pretty expensive. It's pricey and you get what you pay for. It's an incredible product for what it does, but it's significantly cheaper to go to the cloud.

    What other advice do I have?

    I would rate Password Vault seven out of 10. I'd only go that low because of how challenging the installation can be. I advise our customers to consider using CyberArk's cloud option because many people just reflexively lean toward the on-prem solution. The cloud solution is considerably less expensive. It's still complex to set up the different components and make it all work together, so I suggest you make sure you need all those components. Maybe you don't even want to use everything there, but consider the cloud version. It's the same product, but it's more straightforward and cost-effective. You're not losing any functionality.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    IkedeEbhole - PeerSpot reviewer
    Pre sales Engineer (West Africa) at StarLink - Trusted Security Advisor
    Real User
    Top 20
    A useful solution for privileged identity and application identity management
    Pros and Cons
    • "It's a good solution, it works, and the bank is happy with it."
    • "The architecture needs to be improved."

    What is our primary use case?

    Our primary use case for his solution is privileged identity and application identity management, and we deploy the solution on-premises.

    What is most valuable?

    We have found the core features of the product most valuable, such as password management, session recording and vaulting.

    What needs improvement?

    The architecture needs to be improved. For example, the whole solution can come within a single software bundle instead of the distributed components we have for the on-premise deployments. I think there's room for improvements in that area because the competitors within that space have appliances and software that are just a single software. You don't have to split functionality across several servers like the current deployment.

    For how long have I used the solution?

    We have been using this solution for approximately five years.

    What do I think about the scalability of the solution?

    The solution is scalable. At the point of implementation, 300 users in our organization were using it, but that number may have increased.

    How was the initial setup?

    The initial setup is not very complex because of my experience and skills. Still, the end users are only in charge of the administrative aspects, but I think the set up is a bit complex for those who are not very savvy with the solution. Implementation took approximately two weeks.

    What other advice do I have?

    I rate the solution nine out of ten. The solution is good, but the main feature to be improved is having the product in a consolidated software bundle. So the moment we have PSM, it's a dedicated server. We can also have a PVWA in another server, so having a singular bundle is just like the cloud offering. The infrastructure is abstracted from the end user. So if we can have something like that for on-premises, that would simplify implementation. Regardless it's a good solution, it works, and the bank is happy with it. My recommendation to people considering implementing this product is to get the scoping appropriately done. It comes down to scoping the initial deployment, so it doesn't take forever. Still, if you're not scoping correctly, you could have a situation where people keep adding new accounts continuously, and your project never ends. Hence, scoping is kind of important.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free CyberArk Enterprise Password Vault Report and get advice and tips from experienced pros sharing their opinions.
    Updated: December 2022
    Buyer's Guide
    Download our free CyberArk Enterprise Password Vault Report and get advice and tips from experienced pros sharing their opinions.