ARCON Privileged Access Management Reviews

We use it to access all the servers.

From the administrative point of view, there are cases that I have automated. I used to have to log in to all the servers. Now, it's really simple to work.

For compliance, each change I do, in each of the servers, is clearly recorded. We recently faced an audit and this was an awesome feature. Even our auditor had praise for it saying, "This is really a good feature."

In terms of automation, there are a number of cases, ARCON-related, where we are automating. It could be user-creation or services-creation inside ARCON. There are wonderful features which have really helped me a lot to automate things.

Also, a helpful feature from the compliance perspective is the reporting. Suppose there is one server and I want to know what are all the types of access to it. Suppose there are some 10 users who are using that server. I can easily fetch a report showing, for example, that there are two users who have server admin access; there are three users who have read-only access; there are five users who have prompt-access.

The connectivity of the user interface is really awesome. It is segregated properly. I don't know exactly how ARCON looks out of the box but ours has a little bit of customization. The user interface, overall, is really good. If I have some 20 servers in my ID, I can easily see for which servers I have read-only access, for which servers I have prompt-access, and for which servers I have server admin access. 

There are no APIs readily available. There are hundreds of products available on the market. It could be many applications, not just the server gateway. For many applications, by default, we will get the API. Let's say I'm trying to integrate "XYZ" application with another application. When we do that, usually, we look for APIs. But ARCON does not have the APIs readily available. Having that, for a complete end-to-end solution, would really help. 

As I mentioned, I'm working on automation for ARCON so that whatever the ARCON administrator is doing will be automated, rather than having to do it manually. For that, I had to spend months to get the API developed myself. Having that handy out of the box, that would really help, because what I am doing is not limited or restricted to the three or four cases. I'm going to automate the complete end-to-end solution of ARCON administration in our organization. So having an API would really help me.

Performance-wise, we recently upgraded. Since that upgrade, the performance has been really good. Now, I truly don't see any issues. So far so good.

There were some small glitches earlier but they have been sorted out now. There was a little bit of slowness where, when I was trying to log in to a server it used to keep saying, "loading, loading," but that has been resolved. There was another issue where I would log in to a server, but the moment I logged in, I would get disconnected. That has also been resolved. There was one more issue where, when I tried to log in to a server and key in the credentials, the credentials were not entered into ARCON. And then, due to the multiple attempts, the ID would become blocked. But that has also been sorted.

The product team, the support team is readily available, 24/7. We have direct contact. If there are any issues, I get direct support. I don't see any issue there. Overall, the tech support is very good. They are very supportive, and we are getting immediate support.

I don't recall the name of the product, but we switched because of a lot of performance issues. With that product, we used to get a lot of customer complaints as well as user complaints saying that they would be in the middle of some production activity and the performance would be very slow, causing the production activity to be delayed.

I cannot comment on the initial setup because it was done by our system admin team along with support from the ARCON team. 

We recently upgraded. There were no issues during that implementation. Our own support team was readily available, on-site, to implement it.

Although I'm not involved with this side of it, I assume pricing would have been reasonable, that is why we went for it. I would say definitely say it gives value for the money.

It has really helped us a lot. It's a wonderful platform.

We are using it for privileged identity management. We are an ARCON partner and nowadays, in the industry, every customer is asking about a PAM product.

We are using all the features. My favorite is Passive Mode.

When the ARCON product was not on the mark - we got this account six years back - we gave all the requirements to them and they took our requirements as a positive, and built all the features we wanted, because we are supporting multiple customers. Now I see the product is ready, it has all the features, it meets all the requirements.

We have given them a few more requirements like SSH keys, or to have the risk factors. They are working on those, they are in the development stage.

Also, they they should focus on support. The support needs to be very strong. Since the product is becoming stronger, their support team also should be equally strong. They should respond to open queries within the time limit they have set. Their support team should be more technical, to understand the issue or the set up.

It is a very stable product.

It is scalable.

I would rate tech support about five or six out of 10.

It is straightforward.

ARCON will give you all the features in a very cost-effective solution.

Pricing and licensing is very good compared to other players in the market. This product is from an India-based company. I feel it is also very effective.

I have evaluated other players: CyberArk, CA, Unisys, but they are all complex and costly.

Arcon fits the requirements, at a small cost.

In terms of advice, I would first check with you what your requirements are and what budget you're looking at. Budget varies but requirements are the most important. If your requirements match this product... Whenever any customer comes to us, we first check if ARCON meets their requirements. If ARCON doesn't meet their requirements then we recommend another product.

I would rate this product at eight out of 10. There are still a lot of improvements which we have suggested to them, they will probably be available within the next three or four months.

The primary use case is we want to control the access of the administrator. 

We have a lot of the administrators in our organization who have privileged access on the infrastructure, devices, servers, and network devices. We want to control this access, and at the same time, monitor this access. We use it to control privileged access of administrators on infrastructure and security devices, then monitor them from time to time.

It gives us a lot of control functions, which we were lacking in our organization. The privileged users, who are mostly administrators, are configured on the endpoints. We were not previously able to monitor, review, or control this. Therefore, it gives us a lot of comfort in terms of security level. Now, our infrastructure devices and servers are secured and nobody can have unauthorized access to them. Only the authorized users, whom we provide and approve access during any point of time, can access critical devices and mission critical systems. This is the benefit that we receive from this tool.

The best part of this product is the administrator convenience. The portal is very user-friendly. An administrator can use it very easily. This is the most important part of any privileged or anti-management solution. If it is not user-friendly an administrator will not want to use it. It has to be very user friendly and easy to use. 

What is a good feature here, just insert whatever target that you want access, then click next, and you will be in the system. I would suggest this should be the most prominent feature for any of the privileged or anti-management system.

What I like on this product: It is very easy, user-friendly, and an administrator can access it at any point in time without any hassle.

This product is lacking in terms of dashboarding analytics and should have user behavior analytics. It should also have better dashboarding for executive management and security managers, which this product is missing. 

Another important feature where this product is lacking, in terms of the managing the accounts, is in the active directory (provisioning and non-provisioning), or bridging it with the active directory. Thus, it needs anti-bridging.

ARCON needs three important things:

• The user behavior analytics should be there. 
• The dashboarding should be improved.
• Anti-bridging should be built into product.

This would make the product a comprehensive privileged R&D product.

In the future, I would like to have a type of functionality for the product with the mobile application. This would be helpful for some of our approvers, so they can approve at any point of time, sitting anywhere in the world when requests come in through the mobile application. Using the app, they can upload requests of the administrator or users. We would like to see this type functionality go on the product roadmap.

This product's performance is good, especially in terms of user access and approval metrics.

We have never faced any issues with scalability. This product is scalable enough. There are:

• Any number of services that you can add.
• Any number of users who can use it.
• Any number of infrastructure devices which can be added.
  

There are no issues in terms of support for this product.

Whenever we have had an issue, we raise a tech support ticket and immediately their tech support engineers come on a call. They do their best to try to resolve the issue. If they fail, sometimes to resolve the issue, then they work with their product team and come up with a solution immediately. The technical staff are good, and they are not facing hard issues in terms of support, because their technical skills are quite good.

We were not using another solution prior to ARCON.

It is not complicated; a very straightforward setup. Whenever they have to upgrade it, it is a 10 minute job. They upgrade the entire thing at one time. We have a two-tier architecture with a Gateway and a back-end application. Everything is deployed on the application, and the Gateway is only to connect to the end system. 

It is not multiple servers. It is not jump server technology. It is a very easy setup. You can have two servers and run it at any point of time.

The implementation is very simple. Whenever we have faced any issues, the vendor team can easily come and troubleshoot it, because of the simple setup which they have.

It is good value for our business. According to me, their competitors are more costly. Therefore, it is quite affordable. I find the ARCON to be much cheaper than the other products in the market.

Their licensing model is very simple, as it is based on the number of endpoints which you want to manage along with the number of users and administrators which you want to use. In terms of licensing, they are very flexible, because it is not a hard license. The licensing is simple, and there are only two types licensing: device licensing and user-based licensing.

We evaluated many other solutions along with the ARCON. We identified this solution as the best in terms of its accessibility. That is a main point. If an administrator can accept this, and it is very easy to use, it will be a successful product. 

We evaluated other products in the market, besides CyberArk. Ultimately, we decided to stick with this product. The cost is also a technical factor apart from the user convenience, which was the prime factor along with user acceptability. These were the two factors that we considered. Then we went ahead with ARCON.

While I have seen other products, and they are very good with dashboarding, reporting, etc. However, the analytics are so complex that the user is not able to use the product. There is a restriction in connection and containerization. You cannot take sessions, because others have taken sessions. Those are the constraints and challenges with other tools. 

Those challenges were there with the other tools, which I do not find in this tool. This tool is very simple and straightforward. If you have access, you can access the end system. From the moment our administrator accepted this tool, we did the PoC for this tool and they liked it.

The product is really a good product and a good value for the money, in terms of costs, user convenience, and functionality that they offer. It is a comprehensive, apart from a few things. The dashboarding and analytics are not very good, so they have to work on these two parts. Apart from those, they should have an anti-bridging functionality too. They are lacking only with these few things. I am sure they will be working on these points very soon, and they will be add to the roadmap to bridge the gap.

If any customer is looking for this product, and comparing it with another product in the market, I would suggest that they do a proper PoC. Do not go with marketing and branding terms. They should do proper business cases and give it to their administrators, then ask them to use it for at least a week or 10 days time. Afterwards, they should decide whether they want to ahead with this product or another product in the market.

It was much more challenging to support Arabic language and some legacy IE9 supported applications integration. But Professional Services solved the issues very well.

Session recording, as it covers compliance and it also covers our in-house applications.

It should support the SQL Always On platform with FQDN name instead of IP, so where all the databases are managed centrally.

In our company, we are not managing single-single SQL Servers, we are putting in a technology called Always On, where all the databases are managed centrally.

Whatever solutions or tools we have, we need one SQL instance or something that we can provide from that Always On system so that way, from the database side, there is high availability, it is in two or three different physical locations. If tomorrow something bad were to happen, and your main site was down, you wouldn't need to worry because all the same data would be available on the other site.

For this database, ARCON first said, "We do support Always On." Then we started migrating this database to the Always On database and slowly we came to see that they have two different databases, which are keeping recording logs or something - the sessions become very high. As soon as it is replicating, it is not shrinking the database. They told us, "Okay, keep our database separate from your Always On. Give us a standalone." 

So the reason that's not going to benefit our organization is because, single-handed, we were managing from one platform. Now we have to manage two, three, four, five different, single-single, standalone databases, which will create more overhead for our admin staff.

One time, due to database connectivity issues.

Not yet, although a couple of our requirements were solved with the next patch release.

Five out of five. No doubt they are good.

We did not have a previous solution. We evaluated some solutions and then started using ARCON. We found the potential was there in ARCON because it was supporting the applications which are only OS-based. That means, if you have Linux OS or Windows OS, it is supporting you. But from the application point of view, no one was supporting it, so that was a plus-point which contributed to ARCON being selected.

Initially, there were some issues with .NET applications in Windows 10 systems, but with the help of our internal IT support we overcame the issues.

Pricing is low and licensing is flexible.

We evaluated TPAM, Centrify, CA, CyberArk and InspectView and, of course, ARCON. 

There were a couple of other products which were causing us pain points, like Tripwire IP360. Then Tripwire, they also have something called CCM, Configuration Compliance Manager.

Definitely go for user training before full deployment.

This solution is used by system administrators that need to access critical servers. They need to log in using this product, and it then logs their activities.

The only advantage this product has over competitors is the price. It's cheaper than competing solutions.

That dashboard is okay.

The password vaulting is robust.

This product has only a basic set of features. There is nothing really special about it.

The support services need to be improved.

The interface should be easier to use. One thing that would help is better documentation.

Managing users is difficult, so that is something that can be improved.

I have been working with ARCON Privileged Access Management for more than three years.

This product is relatively stable.

This is a highly scalable solution.

This product can be good in a small enterprise but when the environment is too big, it will be difficult to implement. It is only good for banks. For certain environments, it is very bad.

The support is very bad. This is an area that needs improvement.

I have experience with several similar products across different organizations. These include SIEM solutions, as well as Micro Focus ArcSight and IBM QRadar.

The initial setup is relatively easy. I would not say that it is overly easy or overly complex. However, the end-to-end implementation process is very complex. This is something that needs to be better.

The cost of this product is very cheap, comparatively in the global market.

Indian products are cheaper than American products, and they penetrate the market easily because of the price. There are no eye-catching activities or support. Rather, the advantage they gain is because of the price.

I would rate this solution a four out of ten.

I'll provide feedback on additional features after the project is completed. I think it would be better to comment on that after the implementation is finished.

I have been testing this solution for the past month. 

The deployment is not finished yet. To assess performance and stability, the project needs completion. Currently, our professional service is actively involved, managing tasks related to services and users in the ongoing termination process.

Currently, I'm in constant communication with them. They are professional, helpful, and highly experienced.

Positive

They need to simplify the implementation process. I've observed that sometimes the professional service is focused on the database, especially around log shipping, and it can be challenging.

I'm actively involved in the deployment process, but it's carried out by our professional service. Our plans are implemented through this service, acting as intermediaries between our clients and the professionals. The implementation typically takes around a month, but various issues, such as management, resources, and other challenges, may arise during the deployment.

One notable difficulty we face is the lack of exceptional resources for deploying the solution in our plans. Despite encountering challenges, our satisfaction with the professional service remains high. They are dedicated to implementing the solution effectively.

I'm uncertain about the licensing, specifically the pricing. This falls under the purview of other teams, particularly the sales teams. I am not informed about the pricing details.

I would rate it a ten out of ten overall. It's scalable and easy to deploy. However, I have some concerns. I noticed there are no instructional videos or guides on the network portal for initial configurations. There is limited information available, and this is a concern for me. I would like to see more resources and guides to address these issues.

Regrettably, this product remains incomplete, and the interim phase is still pending. It is challenging to determine its effectiveness due to some significant initial license issues.

We're using it for managing the access to our devices; privileged administrative access to the devices is handled through ARCON.

Previously, we had to go through some effort to change the credentials of our devices. The process was subject to human error. For example, if someone missed the schedule, the password would not be changed. For things like managing credentials, some kind of register had to be maintained.

With the Password Vault of ARCON, all these processes are automated. The credentials are changed, as per the schedule. The information is encrypted, kept in our vault, and sent to all the email addresses within the ARCON solution itself.

It has helped us in automating all the work we do. For instance, it helps us in forensic analysis. It helps us find out who has done what; what was done by the user. Also, managing the accounts on the devices has become easier.

The most valuable features are the password management and the logs that are captured. We use both extensively.

Currently, we can manage only the SSH or RDP connections, but there are many more devices that are present, apart from our SSH and RDP. We want all this to be part of the ARCON solution. For the password management, they should increase the pool of supported devices, they should have more connectors.

They have to work on their tech support. 

In addition, they have to consider that upgrades should be easy for the administrators. Currently, along with the upgrade of the ARCON solution, we have to consider the desktops and the endpoints from where the solution will have to be accessed. We have to upgrade those endpoints and desktops as well. So upgrades are not smooth.

They also have to work on a cloud solution, because most things are going towards the cloud. A cloud integration should be considered in ARCON. We have not seen one up until now.

We have not encountered any major problems with the product. We are able to use it without any problem.

We haven't had any scalability issues.

They need to improve on technical support, because ARCON has become a critical application. They should provide 24-hour support. But we've observed, in many scenarios, we don't get the support we need until the managers are involved. So they have to improve on the tech support.

We started with ARCON because a few of our projects were using it and, when we were thinking in the direction of adopting a PAM solution, we got recommendations from the projects that we should consider it.

The initial setup was straightforward. We had a team that helped us in deploying the solution. While deploying the solution, they planned the architecture and the information they would be needing. They provided that to us beforehand and, post-deployment, they arranged training for the team on two occasions.

The product's pricing is a good value. It's appropriately priced. The product has all the required features. It doesn't work in some of the areas but, overall, it's pretty good.

We considered CyberArk and CA PAM.

My advice would depend on how your administrators are placed, because it depends a lot on the desktop that they're using. It has dependencies on the .NET framework the ActiveX version. So, if you have a uniform environment, and it's very easy to upgrade the endpoints, then ARCON could be considered. Because, for any upgrade of the ARCON solution, an upgrade of the endpoints is required, for the desktops. It's from there that the administrator will be accessing the ARCON solution. It is a little complex. But if you have a uniform environment, you should consider ARCON.

It has all the capabilities and the customization is easy, but there are the problems with tech support and upgrading the solution which has a lot of dependencies. Because of those dependencies, we cannot consider deploying the upgrade quickly.

It has positive and negative points.

The primary use of the solution is to give privileged access to critical resources, including monitoring and auditability.

Whatever my scope was, it was covered by the application.

I recently was having an issue with the Office 365 web browser. Therefore, I reported this problem to the ARCON team, and they brought in developers. They made it compatible with the new browser station of Office 365. 

The locks, which can be features. You can group various departments to obtain the approval records for workflows. Therefore, it creates a type of automation, and I do not have to manually do everything or configure things.

Video and audio logs are there for any activities that the privileged admin carries out.

For the in-house built applications, they need to provide good, solid access through their portal.

It has been very stable. I have not had an issue with this product.

It is a scalable product.

A year ago, our infrastructure was on-premise. Then, we moved to the cloud infrastructure. Even during that time, it was very easy for us to move this application and database from on-premise to cloud, as well as configure new things, such as load balancing. The product is very compatible.

When we transitioned from our on-premise to the cloud environment, and even during the transition period, we did not face any challenges or any problems with this product. There was just minor tweaking that we had to do with the new features on the cloud, like failover, as well as autoscaling.

Tech support is quite good. They have been right there to help me out. 

Their support details are good. 

We did not use a previous access management tool. This product seems to appropriately meet our scope financially, as well as technically, which is why we went for it.

Implementation was very straightforward. 

Implementation may take about half a day, then you have to create your environment. However, this depends upon how many resources that you need to configure through it. If you want to give access and resources to people, then you should have a clear plan for your implementation. For example, which groups should you give access to. These things take about half a day to implement. Then, configuration is about a day. 

Product pricing is based on users and connections. We did not have to pay more for additional features.

They do have some licenses, which are required for things like Linux servers. However, in my environment, we do not have Linux servers. 

We also evaluated Densify.

I am satisfied with the application. The scope and specs that we had are met by this product. It is a very good product which is scalable.