We performed a comparison between BeyondTrust Endpoint Privilege Management and One Identity Safeguard based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."BeyondTrust has very good integrations with quite a lot of security vendors such as SailPoint, IBM, FortiGuard, Splunk, etc."
"I find the comprehensive Privilege Access Management features valuable, including automation, and the ability to integrate with applications and the Windows operating system."
"The implementation is quite easy because the documents are always online."
"Logs that get collected on the Privilege Management console from the agents are very good. They help us to identify the aspects from which we have to whitelist an application."
"The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file."
"Scalability is good. I would rate the scalability a nine out of ten."
"The most valuable feature is the asset discovery, which makes it very easy to locate and identify assets and pull them into the manager."
"It is straightforward. It is a good technology, and it is made to do one single thing."
"The monitoring system is very good."
"The first feature I like about One Identity Safeguard is the live contact point for the VPNs. This has been working very well for us, as it's both highly available and reliable."
"We use the solution’s “transparent mode” feature for privileged sessions. It is very easy because it is only a simple configuration for our users. We don't have to modify our network. We install it, configure it, and it works. So, it is super easy. The rollout for our users is seamless."
"I like Safeguard's snapshot feature that enables us to review the last time an application was opened and by whom. If there are any issues, we can look behind the scenes to see what has been done. We can suspend a user's access or close off a server."
"The transparent mode for privileged sessions is one of the best things for customers, because they don't see the system in-between."
"The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable."
"We use the solution’s Approval Anywhere feature which enables us to add an extra layer of security for critical passwords without adding time-consuming approval processes. By using this platform, if someone goes on a vacation, out of office, or needs urgent/planned leave, then our setup will select the functions tied to that person and automatically delegate them to the next person. That person can start performing that duty based on their access. No sharing of passwords is required."
"One Identity Safeguard is stable and provides great performance."
"It keeps on breaking every now and then. It is not yet mature. Every time something new comes up or we run into some new issues, the culprit is BeyondTrust because the agents and the adapter are not mature. The new development process goes on, and they're not able to handle things. It should be mature. It shouldn't break every now and then."
"A valuable enhancement could be the capability to deploy agents directly through the console."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"The initial setup was very difficult. Even if you are an expert in EPM, it is still very difficult."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"The product should improve its price."
"The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."
"There are three types of endpoints. If we need to use them in the solution, then we need to purchase the licenses separately. The tool needs to improve its licensing."
"The main point regarding the user experience is that Safeguard has two separate management consoles."
"Some of our users find the functionality a bit complex, and it could be made more user-friendly."
"When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."
"The deployment affects our privileged users because it takes a long time for them to request privileges, which impacts the SLA."
"I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated."
"We would like to have the option of importing assets by using the CSV file. It was available in the earlier versions, but it is not available now."
"From a usability perspective, what we are finding out is that our privileged domain admin users, in particular, want functionality for extending a checkout session. So we are working with One Identity support to see if there's an enhancement that can be made to the product."
"One Identity Safeguard can improve by having more integration with multiple devices."
More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →
BeyondTrust Endpoint Privilege Management is ranked 5th in Privileged Access Management (PAM) with 27 reviews while One Identity Safeguard is ranked 4th in Privileged Access Management (PAM) with 38 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while One Identity Safeguard is rated 8.2. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine), CyberArk Privileged Access Manager, Delinea Secret Server and ARCON Privileged Access Management, whereas One Identity Safeguard is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Delinea Secret Server, BeyondTrust Privileged Remote Access and Fudo PAM. See our BeyondTrust Endpoint Privilege Management vs. One Identity Safeguard report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.