Symantec Privileged Access Manager Reviews

One of the most valuable items is the load balancing feature.

The live session recording is still not in the features.

We have used this solution for over a year.

There were no issues with stability.

There were no issues with scalability.

I would give technical support a rating of 7/10.

This is the first solution.

The setup is one of the advantages of CA PAM, as compared with the other solutions.

We evaluated CyberArk, BeyondTrust, and Dell.

The implementation of this product is not a problem and is simple.

The solution has the capability to address hybrid eco-systems, both on-premises and cloud services. Most of the high privileges now include tenant administrator credentials.

Integration with the AD RBAC model is also a great feature, as we can tie it to the central repository.

The FIPS-140-2 certification is really a nice option with every governmental response.

The solution allows us to ease the risks and headaches with administrators turning to our IT team.

I would like the ability to provision through a real REST API. Perhaps this could be SCIM-PAM, once it is certified.

We have used this solution for more than a year for training, PoC, and laboratory use cases.

Some rollover credentials often do not work or you need a more complex configuration.

There were no issues with scalability.

Technical support has yet to be included completely in the CA Support.

Some rollover scenarios can complex to achieve.

We evaluated Sudo-AD and CyberArk.

Have a good view of their role model and critical assets.

It offers access control of privileged accounts.

It has simplified and unified the access of the users to a single point of access. It grants access identity to privileged accounts.

I would like to see improvements in branding customization and multi-tenancy.

We have been using this solution for six months

The solution is not implemented for end users, so we haven't had any problems so far.

There were no issues with scalability.

Technical support is very good.

We did not use a different solution before.

The initial was setup straightforward and simple. The solution does not need any complex customization to deploy and start using it.

Just measure all the necessities before starting and all will be okay.

Keep in mind that the product can be implemented quickly, but it depends on how fast you can provide information.

The most valuable element is the keystroke tracking feature.

We use the tool in our FedRAMP data centers. Whenever an employee does some work at the command line in the servers, app servers or database servers, we need to track what they do.

We use the tool to do just that. We bought it for that purpose. That is why this is the most important feature for us.

The product has not improved our organization. It is an intentionally limiting product. That’s why we have it.

It limits the number of CIs. Why not have unlimited CIs?

As I understand the licensing, we purchase the PAM product and pay for it based on the number of CIs. (A “CI” is a “configuration item”. It’s an ITIL term.)

That means the number of servers, routers, switches, etc. for which PAM controls access and tracks activity. Why not charge us a flat fee and give us unlimited CIs?

We have been using the solution for around four years.

We did not encounter any issues with stability.

We had scalability issues, particularly in regards to the limit of CIs.

The technical support is very good. They are very helpful. They are knowledgeable and follow-up when we have issues.

We did not use a previous solution.

I don’t know about the initial setup. I was not involved in the initial setup.

I am not involved in pricing and licensing.

I don’t know about the evaluation of other products. I was not involved in that part of the process.

Make sure you can track enough CIs and have room for growth.

Manager user/admin’s password, so it’s more secure and password will be changed on time.

When there’s new patches or upgrades, please test the new release well, so it won’t break the functional parts.

It’s very stable, unless we do some patches or upgrade, then it’ll break some functional parts.

So far, no.

So far, it's fair. Because sometimes, it takes me a few days/weeks to get attention.

No.

I didn’t get involved in the initial setup.

I don’t handle that.

I didn't get involved in that evaluation, either.

Have a test environment for testing any upgrades/patches first, before pushing it to production.

• Password management (Linux/Windows) and session recording.
• Platform to access any (RDP, Telnet, SSH device in Datacenter).

• Centralized
• Secure
• Monitored access to any (RDP, Telnet, and SSH device in Datacenter).

Still Exploring.

The product is matured now after new patches and versions.

Easy to scale with clusters.

10 out of 10.

No.

Straightforward. We recently migrated from Physical to Virtual Appliance.

Based on features e.g., access management and password management, the price is suitable.

I don't remember now, but we did a PoC for a few, but chose CA PPM (formally known as Xceedium).

It is the best product for monitoring the recorded session of your IT admins and external consultants. RDP is best for Telnet and SSH devices password management.

So far, we’re using the RDP-gateway and the “published application” features.

• The RDP-gateway: For limiting which server an operator can access.
• The “published applications” feature: To minimize the exposure of sensitive usernames and passwords.

The exposure of sensitive usernames and passwords has been limited in a massive way. This allows us to give much needed access to LDAP servers and databases without the operator knowing the username and/or password. They just have a link to click on after logging into the PAM virtual appliance.

I’m no fan of Java as an application front-end, as it tends to have issues depending on what browser one’s using. Have nothing further right now due to limited exposure to the more technical parts of the product.

We’ve had it running for approximately six months so far.

No issues so far, except the typical Java/web-browser problems that all Java-based products have.

Do not know as of right now, as we only have one instance in production at the moment.

So far, I would rate it high. I have gotten fast and accurate answers to my questions and any issues have been resolved in a timely manner.

We used the now discontinued Shared Account Management component of CA Privileged Identity Manager.

The initial setup is really easy. The only thing to worry about is to add all needed networks to your virtual appliance prior to the initial boot. This is a pain and should be fixed in my opinion.

I do not know as I only work with the technical parts of the product, I do not worry about pricing and licensing.

Make sure you have all your network needs mapped out prior to installation, as you have to add all needed networks to the virtual appliance prior to the first boot.

The possibility to control the remote activity and establish different policies, because it depends on the position of workers, how much access they needed, and in what platforms they connect. The possibility to separate this in an easy way is very useful.

We administrate the platform in some clients and the results are very useful to control the access to privileged servers.

The Java problem for web access to the platform, add more useful information in the logs; solve the Javascript problem to access to some Google services on the web.

For over a year.

Yes, at first the cluster desynchronizes often.

No, but the answer is not always clear or satisfactory. In some cases, the answer result is vague.

On a scale from 1 to 10, I give it a 7. I hope to know the SLA of the technical support.

No, but I've heard about CyberArk.

Very straightforward.

I don’t have any comment

No, I’m not from the sales department.

Well, that I recommend the product. It has a good interface and it’s easy to administrate.