Submitted by admin on December 12, 2016
CyberArk vs Lieberman vs Ekran System
With privileged identity management being one of the most representative and important part of an enterprise cyber security policy, we decided to look closer to three products: Cyberark vs Lieberman vs Ekran System. We compare their features and effectiveness from the insider threat detection and prevention point of view and give some recommendations to help you decide which one better suits your company profile and needs.
|
Ekran System |
Lieberman Enterprise Random Password Manager |
Cyberark Privileged Account Security Solution |
Overview |
User activity monitoring solution for insider threat prevention |
Privileged credentials management platform with related activity audit and reporting features |
Privileged Identity Management platform with user action audit and analysis features |
Target audience |
SMB and large enterprises |
Large companies with the need for extensive privilege access management |
Large companies with the need for extensive privilege access management |
Price |
* |
*** |
**** |
Architecture |
Agent-based solution |
Jump server solution |
Jump server solution |
Feature set |
|
|
|
Additional benefits |
|
|
|
Product Review Summary
Cyberak and Lieberman vendors are direct competitors in the PIM market. Both provide solutions with broad privileged account discovery and credentials management capabilities, while including session recording as an additional feature. Action audit of Lieberman ERPM and security intelligence of Cyberark are focused first of all on the credentials compromise and password management operations.
In terms of the client profile, both solutions target large enterprises with extensive infrastructures and compliance regulations on the agenda. Generally, Lieberman ERPM is more affordable and easier in use, while Cyberark Privileged Account Security Solution provides expandable reach feature platform and advanced security intelligence.
At the same time, Ekran System’s primary focus is user activity monitoring with catching all details of any performed action, from login to configuration changes to USB device connections. Together with non-intrusive deployment, floating licensing, and easy ones-to-thousands scalability, it makes Ekran System a perfect choice for incident investigation and continuous insider threat detection tasks. This product would also be a good choice for SME users due to its cost-effective licensing schemes and in-built basic server access control tools.
Covering any existent infrastructure architecture, including already set up jump servers, Ekran System can be considered not only as an alternative but also as an additional solution for Lieberman or Cyberark to provide extended monitoring and session analysis capabilities.
Architecture and Deployment
When you choose Lieberman vs Cyberark, you must accept that any of this deployments will require some time and some changes in your existent infrastructure access and interaction schemes. Both solution use agentless approach based on the jump server architecture with any privileged session first accessing a privilege access management jump server and then destination end-point.
Ekran System uses a different approach. It has a traditional server-agent architecture with agents being installed on the target servers – to record all concurrent sessions there – and, if required, workstations – to record all local and remote sessions on them. Ekran System agent can be also installed on a jump server thus recording all sessions redirected from it. Agent deployment options include remote agent installationand installation by means of a third-party server with automated agent provisioning available for virtual environments.
While agent-based architecture is traditionally considered riskier in terms of performance problems, the practice shows that a single access point of a jump server type can frequently become a performance bottle-neck and thus require access scheme re-design. Being less architecture-intrusive, agent-based Ekran System has in-built performance optimization features and transparently balances loading.
Agent-based deployment generally does not have “threshold” limitations and is easily scalable as new controlled end-points can be added in several clicks.
User Activity Monitoring
While Lieberman vs Cyberark both focus first of all on the credentials management and privilege automation capabilities, having session recording and activity audit as additional features, Ekran System in this comparison is first of all user activity monitoring solution, delivering some in-built access management tools.
Thus, both Cyberark and Lieberman focus attention on the identity-related, access-related and credentials-related operations they assist with. Lieberman ERPM delivers a set of specific event alerts and compliance-focused reports around privileged account credentials and account management. Cyberark Privileged Account Security Solution includes in-built set of self-learning algorithms – security intelligence – that continuously monitors infrastructure and network traffic to detect compromised accounts and other threats.
Ekran System equally monitors any user activity during the working session, whether it is configuration changes, data access, web activity, or work with devices. The solution creates a multi-layer activity index to accompany session video-recording to facilitate search and analysis. Ekran System includes a collection of inbuilt alerts on events, which can be signed of a malicious activity, as well as a set of tools to create and customize specific user-defined alerts with associated risk rating.
All three solutions have broad reporting capabilities. While Cyberark or Lieberman deliver more formalized reports for compliance audits, Ekran System provides a range of universal reports aimed first of all on the pressing security issue investigation and continuous user-based threats monitoring.
Access Management
Being specialized solutions, both Cyberark and Lieberman tools provide a rich set of industry-recognized privileged identity management tools and technologies, from the automated least privilege enforcement to the embedded application credentials.
Both Cyberark and Lieberman deliver comprehensive privileged account discovery for various infrastructure components, from endpoints to business software to cloud services. At the same time, CyberArk provides broader set of account control tools, while Lieberman solution is easier to work to with and has a comprehensive set of out-of-the-box compatibility features.
Ekran System has several basic in-built access management capabilities such as secondary authentication for shared logins and one-time passwords with manual supervisor approve for accessing critical end-points.