We performed a comparison between CyberArk Privileged Access Manager and Netgate pfSense based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"All of the features of CyberArk Privileged Access Manager are valuable."
"The users have the ability to rotate passwords on a daily basis with a Reconcile Account. Or, if they want to do one-time password checkouts, we can manage those, check in, check out. I like the flexibility of the changing of the password, specifically."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"It is an extremely scalable solution."
"CyberArk has allowed us to get the credentials and passwords out of hard-coded property files."
"It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components."
"The automatic rotation of credentials is probably the most useful feature."
"A very stable product that lasts over time, easy to understand, and administer."
"The scalability is very good, where you can do an HA configuration and then bring in another box, if necessary."
"Technical support is perfect, excellent."
"It is a better firewall than others and it has better features."
"I am happy with the EPLS, the radius, and I am happy with the captive portal."
"I'm the expert when it comes to Linux systems, however, with the pfSense, due to the web interface, the rest of the staff can actually make changes to it as required without me worrying about whether they've opened up ports incorrectly or not. The ease of use for non-expert staff is very good."
"It is effective. We have not had any problems."
"My company mainly works in the health and educational domain, schools and universities. I prevent the improper use of content from schools and universities. I defend the medical records for the patients in our hospitals. That is the main use case for me for the firewall."
"It is web-based, but other competitors have apps. We need to get there. It is just smoother to have an app. You don't have all the bugs from having a browser, and people like them better, since you can get to them via mobile."
"Its pricing is a big challenge here. When it started, the product came in at a very low cost. Now, they are the leaders in the market, so the cost has grown and is quite huge."
"The turnaround time for technical support is lengthy."
"I would like easier integrations for creating an online dashboard that executives would look at or are able to run reports from the tool."
"Initial setup is complex. Lots of architecture, lots of planning, and lots of education and training are needed."
"The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time."
"The initial setup has room for improvement to be more straightforward."
"Some aspects of the administration need improvement, though they have recently made improvements to the API. However, the management with the interface and configuration are not so user-friendly. It has not changed much during all the years that CyberArk has been on the market. The management part, like platform management as well as PSM connectors definition and management, could be improved, even if it has already been done with the API."
"I would like to see SD1 integration into the software. That would be fantastic."
"Perhaps the documentation is not clear and because it is supported in the community there is no basic documentation."
"The solution could use better reporting. They need to offer more of it in general. Right now, the graphics aren't the best. If you need to provide a report to a manager, for example, it doesn't look great. They need to make it easier to understand and give users the ability to customize them."
"Could be simplified for new users."
"The solution’s interface must be improved."
"It should integrate with LDAP, Active Directory, etc, to improve the way in which the traces and connections of each IP, or user connected through the firewall, are shown."
"I'd like to find something in pfSense that is more specific to URL filtering. We have customers who would like to filter their web traffic. They would like to be able to say to their employees, "You can surf the web, but you cannot get access to Facebook or other social media," or "You can surf the web, but you're not allowed to gamble or watch porn on the web." My technicians say that doing this kind of stuff with pfSense nowadays is not easy. They can implement some filters using IP addresses but not by using the names of the domains and categories. So, we are not able to exclude some categories from the allowed traffic, such as porn, gambling, etc. To do that, we have to use another product and another web filter that uses DNS. I know that there are some third-party products that could work with pfSense, but I'd like the native pfSense solution to do that."
"Improve analysis of logs and dashboards (control panel) with improved alert functionality."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Netgate pfSense is ranked 1st in Firewalls with 128 reviews. CyberArk Privileged Access Manager is rated 8.8, while Netgate pfSense is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Netgate pfSense writes "User-friendly, easy to manage the firewall, rule-wise and interface-wise". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Netgate pfSense is most compared with OPNsense, Fortinet FortiGate, Sophos XG, KerioControl and Sophos UTM.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.