Cyber-Ark's product was sent to us in pre-configured VMware-format virtual machines. While it's Cyber-Ark's policy to install 100% of its products, we requested this optional product delivery mode that allowed us to install the product ourselves.

Enterprise Password Vault (EPV) stunned us with the breadth of server operating systems, devices and applications for which it can supply privileged password system support.

EPV, because of its comparatively deep LDAP support, could work with virtually everything in our lab, ranging from virtualized Windows, Linux, FreeBSD, and MacOS servers to Microsoft SQL Server and Cisco IOS devices. The examples of how to connect to these devices and customize EPV 'Vaults' and 'Safes' gave us templates to use that didn't mandate becoming experts in how this privilege account manager works. EPV's infrastructure 'intelligence' and its integration level are a cut above the competition.

Click to see: Cyber-Ark EPV holds passwords in managed 'safes' that can be verified and reconciled automatically.

Everything we used in our test bed was covered. Linux? Check. Solaris? Check. MacOS? Check. FreeBSD? Check. If LDAP (this includes Windows LDAP) is correctly configured, the integration is very fast. If you've got a quirky LDAP deployment, then the user interface helps you configure generic privileged password objects to be used across the network. EPV also created vaults and safes for secure data storage, as well as secure network directories under LDAP, with ease.

There are four components to the EPV system, its Enterprise Password Vault (the password and access storage system), its Central Password Manager (CPM -- the core privileged account management application), its Password Vault Web Access System (PVWA – which provides the method by which users request passwords and high-level administrators approve the requests), and EPV's Application Identity Management component (AIM -- which performs application-to-application password management.)

EPV uses a vault -- and safes within the vault where passwords are kept for specific resources on the network – a metaphor to allow administrators to aggregate access groups by like-type.

Inside each vault are groups that use a common methodology to gain access to a resource requiring privileged access. For instance, we tapped recommended vaults provided by Cyber-Ark and used them to create access to our test Windows 2003, Linux, and BSD servers with relative ease, as the settings are understandable and rapidly replicated.

Whitepapers

• Boost Productivity While Cutting Costs with Next-generation Collaboration
• Deploying Virtualized NetWare on Linux Whitepaper
• Driving Business Success Through Workgroup Choice and Flexibility
• Toward More Flexible, Next-Generation Collaboration Solutions
• Collaboration Tools and Organizational Success Whitepaper
• The ROI and TCO Benefits of Data Deduplication for Data Protection in the Enterprise

View more SECURITY whitepapers

Webcasts

• Creating a high performance workplace with wireless networking
• Harnessing the power of communications to increase workplace performance
• Making data centers the IT strategic focus
• Protecting assets and employees with IP Video Surveillance
• Stay out of the headlines: Detecting and preventing network intrusions
• Transforming the Enterprise WAN Edge: Video from Cisco

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• IP address management in 2008 - six things to know
• The self-managed network

View more SECURITY special reports