Enterprise Solutions & Services Head at a tech services company with 11-50 employees
Real User
Top 20
2024-10-09T15:09:00Z
Oct 9, 2024
Broadcom has neglected product development since acquiring Symantec, and nothing major has been added to PAM. The product has not kept up with market demands or introduced new features to compete with other solutions. A basic feature like multiple levels of approval in PAM is missing. It is essential for Broadcom to innovate and develop new features to compete effectively.
There should be some training platform similar to Microsoft and IBM. We can't find useful documentation or YouTube videos to learn about the process. They should include some assignments in the test environment to explore the product's features.
We have to do a lot of manual work to automate features. The initial phase is simple, but it is difficult to configure our requirements. In addition, the integration between Symantec Privileged Access Manager and identity governance has to be better.
The response time for support could be faster. Some features should be added: cloud-based, VPN-less, more secure, and it should be adjusted in a hybrid environment. This solution is out of support now, so we are moving to BeyondTrust. With BeyondTrust, we have a dedicated team working on those products that is specialized and easily understands our environment. It should have cloud features. One of the reasons we are using BeyondTrust is that we are going away from the VPNs. BeyondTrust doesn't require a VPN.
I think the management console could be improved. I have just watched a demo video for the management console and I think it may need to be simplified. I haven't yet had hands-on experience with the solution so it's difficult to comment on possible additional features.
Learn what your peers think about Symantec Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
Solution Architect at a tech consulting company with 501-1,000 employees
Real User
Top 5
2018-10-29T15:46:00Z
Oct 29, 2018
An improvement for this solution is that it should not be constantly based on user name and password. There should be a condition to edit and update your username. Also, it would be nice to have a single sign-on, but that particular portal doesn't allow any copy/paste. In addition, I have an additional suggestion. I will give you a scenario. In regards to the licensing, I have some concerns. The NAS team, they want to have 24/7 support. The NAS team is the one actually using this CA PAM. So, the total count is some hundred members. But at other times, the login is 23 members. So it's like a batch. Every 7 hours there is a batch change, so every 7 hours 23 members will change. But when I ask for a licensing part, they are saying we have to take 100 license, not 23 license. Each time I have to ask for 100 licenses, even though I have only 23 members at a time using the solution. If there were any options for concurrent usage of a license, that would be a better option.
Service account management is a key area where the product needs to develop. Currently, the product supports service account discovery, but only if the host name of the server is known. For unknown host names, it is still a dark area. In comparison with Thycotic and CyberArk, the service account management functionality needs to be extended to application pools, SQL database, PowerShell scripts, service account discovery, etc.
CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources. It includes CA PAM Server Control (previously CA Privileged Identity...
Broadcom has neglected product development since acquiring Symantec, and nothing major has been added to PAM. The product has not kept up with market demands or introduced new features to compete with other solutions. A basic feature like multiple levels of approval in PAM is missing. It is essential for Broadcom to innovate and develop new features to compete effectively.
There should be some training platform similar to Microsoft and IBM. We can't find useful documentation or YouTube videos to learn about the process. They should include some assignments in the test environment to explore the product's features.
We have to do a lot of manual work to automate features. The initial phase is simple, but it is difficult to configure our requirements. In addition, the integration between Symantec Privileged Access Manager and identity governance has to be better.
The response time for support could be faster. Some features should be added: cloud-based, VPN-less, more secure, and it should be adjusted in a hybrid environment. This solution is out of support now, so we are moving to BeyondTrust. With BeyondTrust, we have a dedicated team working on those products that is specialized and easily understands our environment. It should have cloud features. One of the reasons we are using BeyondTrust is that we are going away from the VPNs. BeyondTrust doesn't require a VPN.
I think the management console could be improved. I have just watched a demo video for the management console and I think it may need to be simplified. I haven't yet had hands-on experience with the solution so it's difficult to comment on possible additional features.
I would like this solution to be simpler. It should have a one-click access that works together with AWS.
An improvement for this solution is that it should not be constantly based on user name and password. There should be a condition to edit and update your username. Also, it would be nice to have a single sign-on, but that particular portal doesn't allow any copy/paste. In addition, I have an additional suggestion. I will give you a scenario. In regards to the licensing, I have some concerns. The NAS team, they want to have 24/7 support. The NAS team is the one actually using this CA PAM. So, the total count is some hundred members. But at other times, the login is 23 members. So it's like a batch. Every 7 hours there is a batch change, so every 7 hours 23 members will change. But when I ask for a licensing part, they are saying we have to take 100 license, not 23 license. Each time I have to ask for 100 licenses, even though I have only 23 members at a time using the solution. If there were any options for concurrent usage of a license, that would be a better option.
Service account management is a key area where the product needs to develop. Currently, the product supports service account discovery, but only if the host name of the server is known. For unknown host names, it is still a dark area. In comparison with Thycotic and CyberArk, the service account management functionality needs to be extended to application pools, SQL database, PowerShell scripts, service account discovery, etc.