We performed a comparison between BeyondTrust Password Safe and BeyondTrust Privileged Remote Access based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Screen recording is valuable, and integration with applications is easy. We can customize whatever we want. We did a lot of application integration using scripting."
"The solution protects organizations from internal and external threats."
"It simplifies your compliance and tracking to benchmark other credentials and analytics."
"BeyondTrust Password Safe has good reporting and Smart Rules which makes it convenient. Though Smart Rules are convenient, those who do not have much experience with such things may find it difficult to understand how these things work. Otherwise, I find Smart Rules very convenient to work with."
"I like the session recording feature. I also like the analytics and reports. You can pull up a report, and the UI is fantastic. The system is recording when nobody's there, so we have a record of what's happening."
"The ability to manage privileged account passwords is the most valuable feature."
"Session recording, password rotation, and password vaulting are the most valuable features."
"The CI/CD and REST API are also satisfactory; the solution has a full PAM feature set and they all work well."
"The visibility of the solution's Vault works as it is supposed to: out-of-the-box for domain accounts, endpoints, and local accounts associated with discovery jobs."
"PRA stands on its own as a full solution. This is important because it reduces the need to maintain a lot of different services. Also, the integration between those services are sometimes not easy to maintain. So, having a solution like BeyondTrust Privileged Remote Access reducing our workload gives us enough time to work on our other issues. The system just runs and does what it is supposed to do."
"I like all of it. You can access computers that are on a DMZ. You can access computers that are off the network and on the network. You pretty much have access to computers wherever they are. As long as they have the client on them, you can get to them. So, it is convenient, but its main feature is that you can use your smart card to elevate your privileges remotely. That's a great feature."
"We like the integration with Active Directory. It allows us to discover the endpoints and user accounts that need protection. It's a good way of securing our privileged access."
"We can truly elevate our admin rights while we're in there to fully take control of a system and manage it as if it was sitting right here on our desk. Most of the organization has gone to remote work or work from home. With that being the case, this solution allows us to be able to still work with our end-users, even though they're not always sitting on our network."
"Its security, simplicity, and ease of deployment and maintenance are the most valuable. It is FIPS compliant, so it goes through severe penetration testing every one year or two years. They have to maintain this compliance. It is very safe. Customers have been using it in the last eight years because of the simplicity of getting it deployed quickly. Most of the people using the solution had been hacked already, so they needed it quickly. As compared to the other solutions in the market, it can be turned on in production very quickly. You don't really need to have a server. It can be deployed very rapidly on VMware or Hyper-V, and you don't need to do an installation. It is a kind of an all-included package that you just deploy in a VM environment. It is basically a VM that is specifically built for a customer. The way the PRA data solutions work is that you need to build them for each customer because of being hard-coded with their SSL certificate, their web page name, and all that."
"It's a stable product. Based on the demos and interaction with it, it was stable."
"Based on the feedback from my colleagues who have never complained about the technical support, I would say that the product's support team is good."
"The pricing is not cheap, but it could be better."
"Documentation is the primary area of improvement."
"There is a limited capacity on the appliance, which I wasn't informed about when I purchased the product. I can have a maximum of 150 rules per appliance; any more than that and rule processing becomes very complex, especially regarding password revision. Hitting a capacity limit you don't know about can be problematic. Ideally, we would not have a limited capacity, allowing us to be in a completely managed state with password rotation for every service account, not just the highly privileged ones."
"The only feature they could improve is the banners because they aren't informative. For example, if something is not correct and I open the error notification, the dialogue box simply says, "This is an error." It would be great if they could provide some valuable comments about how to fix the errors."
"The product needs to have better integration with SAP products."
"We weren't aware that the Password Safe virtual appliance runs on a Windows server. As part of our monthly patching process, we ran into an issue. BeyondTrust Password Safe wasn't compatible with the patching we used to put on our server."
"When we deploy BeyondTrust, we have to deploy our own database on a SQL server. It doesn't deploy the database. I wish BeyondTrust packages the whole solution in one and includes the MySQL database so that when you deploy it, it deploys everything for you. BeyondTrust gives you the software, but you are in charge of setting up your own database. It is a single appliance just for the BeyondTrust portion but not the database. Unless that has changed in later releases, you have to set up your own database for BeyondTrust Password Safe. I find that part complex because we then need the expertise and help of the database team to set it up, which also increases the deployment time. If they can deploy the database, it will reduce the deployment time."
"If there was one thing, it would be having the documentation standardized. They should keep the documentation consistent. For example, when BeyondTrust updated one of their admin guides, they left out the information on the discovery account requirements, and then over a period of time, we ended up having to search multiple different documents to put together a string of information for a specific topic, which was problematic. It was minor, but it was problematic. Standardized documentation would be the one thing I would suggest."
"I would love to have a web console and the ability to use the smart card with the web console to provide remote support. If you are on a computer that doesn't have the Bomgar console, you should be able to use the web console to provide support. That's the only thing right now. A web console is nice when you're jumping into a computer, but if you need to elevate the privileges, you currently can't do it with the smart card. If they could figure that out, that would be money."
"In terms of the ability to automate the creation of new accounts within it, it's still a bit laborious."
"It would be very nice if it has an enterprise vault. Currently, it can interact with Password Safe, which is a separate solution and equivalent to Thycotic Secret Server. Instead of having Password Safe as a separate entity, they should combine it with BeyondTrust Privileged Remote Access. They have done it in some way, but it is not an enterprise tech solution."
"Its access process for third-party vendors needs to be simplified."
"Changing your password should be simplified, and there should not be a charge for it."
"There is no connectivity to the appliance side. There is no API, and it is just difficult for me to capture what version the device is on without going in and doing screenshots. It is a little too secure in that regard, where they don't even trust their product owner. Since a lot of hacks come from the inside, they are probably doing what they need to do out of necessity. It is just that I have to work pretty hard to produce compliance data on the box."
"The price is pretty expensive."
"The solution's Vault is a nice feature. It helps to securely share a security password in teams, but it is not at the level of a password management solution. So, it is just really a vault. We were expecting to have more features to better manage passwords, but that is something that you can work around if you also have a password safe solution. I would like them to have features like password rotation or password auditing, e.g., old passwords."
More BeyondTrust Privileged Remote Access Pricing and Cost Advice →
BeyondTrust Password Safe is ranked 7th in Privileged Access Management (PAM) with 19 reviews while BeyondTrust Privileged Remote Access is ranked 3rd in Privileged Access Management (PAM) with 21 reviews. BeyondTrust Password Safe is rated 7.6, while BeyondTrust Privileged Remote Access is rated 8.6. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of BeyondTrust Privileged Remote Access writes "Our support team can do so much more without having to actively engage our customers, which saves us time and money". BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, LastPass, Delinea Secret Server and CyberArk Enterprise Password Vault, whereas BeyondTrust Privileged Remote Access is most compared with CyberArk Privileged Access Manager, Citrix DaaS (formerly Citrix Virtual Apps and Desktops service), WALLIX Bastion, BeyondTrust Remote Support and Apache Guacamole. See our BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.