No more typing reviews! Try our Samantha, our new voice AI agent.

IBM Tivoli Access Manager [EOL] vs Idira Endpoint Privilege Manager comparison

The compared IBM and Idira by Palo Alto Networks solutions aren't in the same category. Idira by Palo Alto Networks is ranked #5 in PAM , with an average rating of 8.7, and holds a 2.3% mindshare. Additionally, 93% of IBM users are willing to recommend the solution, compared to 86% of Idira by Palo Alto Networks users who would recommend it.
Idira Endpoint Privilege Ma...
Read 38 Idira Endpoint Privilege Manager reviews
  • 5,857 Views
  • 1,757 Comparison Views
86% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between IBM Tivoli Access Manager [EOL] and Idira Endpoint Privilege Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Okta, One Identity and others in Single Sign-On (SSO).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Single Sign-On (SSO) Report (Updated: June 2026).
Buyer's Guide
Single Sign-On (SSO)
June 2026
Download the complete report
Helped 900,644 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

IBM Tivoli Access Manager [...
Average Rating
8.0
Reviews Sentiment
3.8
Number of Reviews
29
Ranking in other categories
No ranking in other categories
Idira Endpoint Privilege Ma...
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
38
Ranking in other categories
Endpoint Compliance (5th), Privileged Access Management (PAM) (5th), Anti-Malware Tools (11th), Application Control (5th), Ransomware Protection (6th)
 

Featured Reviews

it_user711612 - PeerSpot reviewer
it_user711612
Senior Consultant at a insurance company with 1,001-5,000 employees
Reverse proxy provides central control over authentication and authorization.
It is a single product that caters for all the business needs throughout the organization. It provides a seamless integration that in turn encourages most of the applications to use the SSO features Reverse proxy is the most valuable feature as it provides central control over authentication and…
Read full review
Sumit Chavan - PeerSpot reviewer
Sumit Chavan
Lead Consultant at a tech vendor with 501-1,000 employees
Helps secure the infrastructure and control users with admin rights
There are many features that are currently missing. A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good. Currently, no user-based policy option is available inside the EPM console. We can only create computer-based policies. The database is available, but there is a drawback in not being able to create local groups on the EPM console. We only have to depend on Active Directory. This limits infrastructure security as we depend on the Active Directory team to manage user groups. If they remove any users, we lose control. If we could create groups locally and block them or set specific policies, we would have more control. Local endpoint management is missing from the EPM site. Moreover, there is an issue with policies not running as expected when we make enhancements. We have to find multiple ways to whitelist applications or enhance policies.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like the primary function of this product allowing the administration of user/network accounts with a fair amount of ease."
"Centralized policy management and reverse proxy-based architecture make it very flexible in terms of deployment, adoption, and implementation."
"Flexibility to connect with different environments and product stability are the best features."
"It is a good solution for anyone to take to their enterprise and get a buy in."
"It is one of the best products in the present market in the area of access management."
"The SSO, URL-based access control, OAuth 2 and OIDC are the most valuable features."
"Several SSO methods are supported out of box, federation based SSO (SAML / Oauth / OpenID etc) setup is easy, performance and scalability are very good, and the internal STS token service can be used for custom SSO tokens."
"The Verify feature: A push method which customers are going for."
More IBM Tivoli Access Manager [EOL] pros
"Our setup process is moving to the cloud, which is very good. It reduces complexity."
"The feature called PTA, which stands for Privileged Threat Analytics keeps track of what admins are doing and works with Centimeters. If something fishy is going on with a user's credentials, it alerts the security team so they can act fast. Plus, it automates stuff like resetting credentials or blocking users. So, if there's a potential hack, CyberArk can change passwords and lock out users in a snap. It also gives you a heads-up if anything unusual is going on with server activities, like someone creating new users with uncontrolled credentials."
"The most valuable features of CyberArk Endpoint Privilege Manager are password management, session management, onboarding rules, platform customization, and safety management."
"The tool is an endpoint management system. It monitors everything a standard user does and helps elevate privileges when necessary for advanced users. It keeps an auditable trail of all activities. Practically, it stops and blocks potentially hazardous user behavior, whether intentional or unintentional. Certain companies must use endpoint management software because of national or international rules or ISO norms."
"It identifies the original source, and all instances of malicious applications in the environment."
"This is the number one product for privilege account security."
"Their customer support was excellent."
"CyberArk Endpoint Privilege Manager has significantly improved our security posture by preventing virus incidents and restricting users from downloading unwanted applications."
More Idira Endpoint Privilege Manager pros
 

Cons

"Initial setup was complicated because TAM was implemented as a part of the IDM solution."
"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."
"There is only a single step-up authentication path, but I have sometimes seen the need for several steps or a divergent path."
"Web Portal Manager does not implement the full set of functions found in the command line"
"The license model is pretty complex."
"Yes, because there are so many moving parts it can often be difficult getting it right first time."
"Sometimes, there are long running support tickets (for 6-8 months) and that is unacceptable from the customer's point of view."
"The whole product could be made into one suite instead of multiple components which are essentially a part of the same infrastructure."
More IBM Tivoli Access Manager [EOL] cons
"CyberArk has some performance issues. For example, servers could not handle the solution when we first took CyberArk Endpoint Privilege Manager."
"CyberArk Endpoint Privilege Manager can improve its Identity Governance, which is already working effectively yet could continue to enhance its capabilities."
"It was complex to introduction the product to the end-users and the technical team."
"The product is expensive."
"CyberArk Endpoint Privilege Manager is a perfect solution, but CyberArk Endpoint Privilege Manager for Linux has many issues. Another area for improvement in CyberArk Endpoint Privilege Manager, specifically for Windows, is that there's no way for you to check credential theft from a text file, such as a notepad file."
"The management of Privilege Access is not satisfactory."
"A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good."
"Despite newer versions and functionalities, CyberArk Endpoint Privilege Manager lacks sufficient knowledgeable support staff, resulting in longer wait times for assistance."
More Idira Endpoint Privilege Manager cons
 

Pricing and Cost Advice

"The IBM prices are, as ever, extortionate, even with a business partnership, and high levels of discounts."
"The price of CyberArk Endpoint Privilege Manager is expensive. The solution is priced based on the number of accounts onboarded and the number of concurrent sessions. Everyone else is included in the price, such as support."
"The solution's pricing is reasonable compared to other vendors' products."
"It's not at the lower end of the market. I think the price is reasonable considering the quality it delivers. It is a top-notch solution at a fair price point."
"Pricing depends on how many devices you use. Right now, on-premise, it costs us a little, but it's worth it. It seems like the cloud solution is much more expensive. We got this solution one year ago, and it's like we bought the solution, and now they are not going to support it on-premise anymore. We are in the implementation phase, and we missed this, and we already paid for the licenses. This is wasted time from my perspective, and CyberArk should be more customer-friendly."
"licensing for this solution is based on the number of APV (privileged users), and the number of sessions that you want to record."
"Although I do not deal directly with the pricing, CyberArk Endpoint Privilege Manager is costly compared to other solutions. However, it offers beneficial features."
"The price of CyberArk Endpoint Privilege Manager is expensive."
"The tool's pricing is reasonable for customers."
More Idira Endpoint Privilege Manager pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Single Sign-On (SSO) solutions are best for your needs.
See recommendations
900,644 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Construction Company
14%
Marketing Services Firm
13%
Outsourcing Company
13%
Financial Services Firm
15%
Manufacturing Company
12%
Computer Software Company
7%
Construction Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise18
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise9
Large Enterprise19
 

Questions from the Community

Ask a question
Earn 20 points
Looking for recommendations and a pros/cons template for software to detect insider threats
This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...
See all answers
What is your experience regarding pricing and costs for CyberArk Endpoint Privilege Manager?
I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing t...
See all answers
What needs improvement with CyberArk Endpoint Privilege Manager?
While CyberArk Endpoint Privilege Manager is a great tool, I believe the functionality could be wider. If it could work not only with permissions but also involve pure EDR tasks or User and Entity ...
See all answers
 

Comparisons

Symantec Siteminder vs IBM Tivoli Access Manager [EOL] Logo
Symantec Siteminder vs IBM Tivoli Access Manager [EOL]
Compared 13% of the time
Idira Privileged Access Manager vs IBM Tivoli Access Manager [EOL] Logo
Idira Privileged Access Manager vs IBM Tivoli Access Manager [EOL]
Compared 9% of the time
SailPoint Identity Security Cloud vs IBM Tivoli Access Manager [EOL] Logo
SailPoint Identity Security Cloud vs IBM Tivoli Access Manager [EOL]
Compared 8% of the time
Okta Platform vs IBM Tivoli Access Manager [EOL] Logo
Okta Platform vs IBM Tivoli Access Manager [EOL]
Compared 7% of the time
Symantec Identity Governance and Administration vs IBM Tivoli Access Manager [EOL] Logo
Symantec Identity Governance and Administration vs IBM Tivoli Access Manager [EOL]
Compared 3% of the time
More IBM Tivoli Access Manager [EOL] Competitors
BeyondTrust Endpoint Privilege Management vs Idira Endpoint Privilege Manager Logo
BeyondTrust Endpoint Privilege Management vs Idira Endpoint Privilege Manager
Compared 6% of the time
Idira Privileged Access Manager vs Idira Endpoint Privilege Manager Logo
Idira Privileged Access Manager vs Idira Endpoint Privilege Manager
Compared 5% of the time
Microsoft Defender for Endpoint vs Idira Endpoint Privilege Manager Logo
Microsoft Defender for Endpoint vs Idira Endpoint Privilege Manager
Compared 5% of the time
Ivanti Endpoint Security for Endpoint Manager vs Idira Endpoint Privilege Manager Logo
Ivanti Endpoint Security for Endpoint Manager vs Idira Endpoint Privilege Manager
Compared 4% of the time
CrowdStrike Falcon vs Idira Endpoint Privilege Manager Logo
CrowdStrike Falcon vs Idira Endpoint Privilege Manager
Compared 4% of the time
More Idira Endpoint Privilege Manager Competitors
 

Product Reports

Buyer's Guide
IBM Tivoli Access Manager [EOL]
June 2026
IBM Tivoli Access Manager [EOL] reportDownload IBM Tivoli Access Manager [EOL] product report
Buyer's Guide
Idira Endpoint Privilege Manager
June 2026
Idira Endpoint Privilege Manager reportDownload Idira Endpoint Privilege Manager product report
 

Also Known As

Tivoli Access Manager, IBM Security Access Manager
Viewfinity
 

Overview

IBM Tivoli Access Manager is a robust and secure centralized policy management solution for e-business and distributed applications. IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.
IBM

CyberArk Endpoint Privilege Manager enhances security by controlling access, removing admin rights, and managing privileges. It supports diverse environments with simple integration, focusing on credential detection, threat protection, and compliance.

CyberArk Endpoint Privilege Manager secures enterprise passwords, monitors session connections, and enhances cybersecurity by controlling privileged access. It blocks unauthorized applications, monitors user activities, and secures credentials across platforms. Key areas include Just-In-Time Access, privilege separation, and local administrator password rotation. While robust, challenges exist with performance, complexity, and setup. Integration with Linux and Unix needs improvement, requiring advanced reporting tools and easier policy management. Pricing concerns and maintenance issues with Windows servers persist, as well as database issues in the on-prem version.

What are the key features of CyberArk Endpoint Privilege Manager?

  • Admin Rights Removal: Eliminates unnecessary permissions to enhance security.
  • Privilege Management: Offers detailed control over user access rights.
  • Password Rotation: Automatically updates passwords to protect sensitive data.
  • Threat Protection: Blocks malicious applications and threats proactively.
  • Audit Capabilities: Provides comprehensive security and compliance tracking.
  • Application Control: Confines access to authorized applications only.
  • Automatic Updates: Ensures security protocols and software remain current.

What benefits should organizations expect from CyberArk Endpoint Privilege Manager?

  • Enhanced Security: Reduces risks by controlling credential and application access.
  • Compliance Assurance: Meets industry standards through thorough tracking and reporting.
  • Scalable Integration: Adapts to different environments smoothly.
  • Reduced Management Efforts: Automates credential and policy management.

Organizations deploying CyberArk Endpoint Privilege Manager in industries such as finance, healthcare, and technology benefit from secure credential management across Unix, AWS, and GCP. By implementing privilege separation and monitoring user activities, they achieve effective risk mitigation and compliance across multiple platforms.

Idira by Palo Alto Networks
 

Sample Customers

Essex Technology Group Inc.
Information Not Available
Buyer's Guide
Single Sign-On (SSO)
June 2026
Download Free Report
Find out what your peers are saying about Microsoft, Okta, One Identity and others in Single Sign-On (SSO). Updated: June 2026.
DOWNLOAD NOW
900,644 professionals have used our research since 2012.

We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.