My company uses CyberArk Enterprise Password Vault for privileged access management, a domain that the product fits under. CyberArk Enterprise Password Vault involves password rotations, recording of sessions, keystrokes, and securing sessions, which all come under the same category in the solution.
The most valuable feature of the solution stems from the fact that it's the best in the market. I haven't seen any other PAM solutions better than CyberArk Enterprise Password Vault.
CyberArk Enterprise Password Vault's GUI has certain shortcomings that need improvement.
I have been using CyberArk Enterprise Password Vault for two years. I use the solution's latest version.
It is a stable solution, but sometimes its GUI lags if the load gets too much. If you try to click some buttons, responding will take five seconds instead of just responding immediately.
It is a highly scalable solution.
My company has around 500 uses of the solution and 3,000 to 4,000 accounts, which can be scaled up to 10,000 or 15,000 accounts.
My company does not have plans to increase the usage of the solution.
I am not an admirer of the product's technical support team. The product's technical support team doesn't know the product well enough to give customers suggestions, so they need to work on that part.
BeyondTrust and LastPass were the two solutions I had used in the past.
The initial setup of CyberArk Enterprise Password Vault is quite complicated, but if you follow the documentation, I don't think you should have any issues. The issues are only with the solution's support team and the GUI.
The initial deployment just takes about five days to a week if you have got all the network architecture right.
If you don't get the network architecture right, then the deployment could take two or three weeks.
For the deployment process, you should ensure you have some open IP ranges because CyberArk needs to talk to the cloud at its end, so you need to allow certain IPs to make certain connections, after which you need infrastructure and servers in place.
There is a Zip file for your environment, like an image you download from their website, which CyberArk's partners can access. Once you download the Zip file, there are a few scripts to run, and if the scripts run properly, your environment will be set up properly, after which you deploy the connector.
There is a need for an architect who is an expert in CyberArk and networking for the deployment and maintenance, along with one senior engineer.
The ROI for the solution is good because if you deploy the product, then you will not face any issues for five to ten years, especially if you manage it well.
Payments have to be made on a yearly basis toward the licensing costs of the solution.
I would say that the solution is expensive because it's only preferred by the top-tier companies involved in banking or insurance who have no problem with budgets for their cybersecurity. A medium or small-sized company would prefer to use some other solution over CyberArk Enterprise Password Vault.
was not part of the evaluation process in my company. I wouldn't know why my company chose CyberArk Enterprise Password Vault over other products. I can say that I am comfortable with CyberArk Enterprise Password Vault.
I recommend the solution to those planning to use it. I suggest that CyberArk's potential users invest in getting their own IT environments working perfectly before involving a team of CyberArk-certified engineers since it makes the process a lot easier. If you don't follow the aforementioned steps, then you will find yourself going back and forth to the product's support team, which will take you ages because they take time to respond.
I rate the overall solution a seven out of ten.