We performed a comparison between BeyondTrust Privileged Remote Access and One Identity Safeguard based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like all of it. You can access computers that are on a DMZ. You can access computers that are off the network and on the network. You pretty much have access to computers wherever they are. As long as they have the client on them, you can get to them. So, it is convenient, but its main feature is that you can use your smart card to elevate your privileges remotely. That's a great feature."
"It's a stable product. Based on the demos and interaction with it, it was stable."
"The privileged remote access platform is able to track and record everything that happens within a session."
"The most valuable feature is that this solution can be implemented regardless of the operating system."
"I like the enterprise credential manager. It's a connector that sits in PRA and tests the credentials for the end user with a process that will clean the password. This is one of PRA's primary features and simplifies user onboarding. There aren't many restrictions or complications. We can add the user while only opening one port, which is more than enough to access the PRA server. Every organization requires only four critical servers out of a hundred and some 50 production servers."
"Its initial setup process is straightforward."
"Its security, simplicity, and ease of deployment and maintenance are the most valuable. It is FIPS compliant, so it goes through severe penetration testing every one year or two years. They have to maintain this compliance. It is very safe. Customers have been using it in the last eight years because of the simplicity of getting it deployed quickly. Most of the people using the solution had been hacked already, so they needed it quickly. As compared to the other solutions in the market, it can be turned on in production very quickly. You don't really need to have a server. It can be deployed very rapidly on VMware or Hyper-V, and you don't need to do an installation. It is a kind of an all-included package that you just deploy in a VM environment. It is basically a VM that is specifically built for a customer. The way the PRA data solutions work is that you need to build them for each customer because of being hard-coded with their SSL certificate, their web page name, and all that."
"The security provided by PRA when it comes to access for remote and privileged users has been outstanding. It has met all of our objectives, everything from password rotation to securing and allowing us to clamp down access to the auditing and monitoring features."
"The most unique and valuable features are the upstream and downstream throughput capacities; the Safeguard platform provides agile integration. In actuality, all the features are valuable. They're good, user-friendly."
"It is generally easy-to-use and install."
"The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable."
"The solution transparently integrates into the infrastructure and users do not notice it. I would give this feature the highest rating."
"The whole product solves the privileged access management challenge for our company. We have a secure tunnel, a secure session manager, and automatic logging of sessions, which is good for forensic purposes. We have a rich level of logs and can trace what happened on which machine and see who did what."
"The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests."
"It's a good solution for managing identities under OneFile for authorization."
"There are a lot of features, so it's going to sound funny, but one of the most simplistic features, the Favorites feature, is the one we like the best. You do a full run-through of configuration to check out a server and then you can save that whole configuration as a favorite. So the next time you go in, you click on the favorite that you configured and it automatically takes you to the end so you can check the server out that much faster. It saves a lot of time..."
"Its access process for third-party vendors needs to be simplified."
"They could probably integrate a wizard or something like that to add a new use case. It could be something that makes it easier to add a new use case."
"One of our gaps or pain points is having multi-factor authentication at the endpoint and using the PRA password injection from BeyondTrust, which does not work in our environment. We can only have MFA at the login of BeyondTrust to check out the password. Therefore, we can't meet our security requirements of having it on the endpoint."
"In terms of the ability to automate the creation of new accounts within it, it's still a bit laborious."
"It would be very nice if it has an enterprise vault. Currently, it can interact with Password Safe, which is a separate solution and equivalent to Thycotic Secret Server. Instead of having Password Safe as a separate entity, they should combine it with BeyondTrust Privileged Remote Access. They have done it in some way, but it is not an enterprise tech solution."
"Its management is through two different portals, and you can't get from one portal to the other. I have to literally open up another website and go into it a different way. There are no inner links between the two. They should interlink the actual virtual server and the appliance. In general, there should be one interface for management for admins."
"The solution's Vault is a nice feature. It helps to securely share a security password in teams, but it is not at the level of a password management solution. So, it is just really a vault. We were expecting to have more features to better manage passwords, but that is something that you can work around if you also have a password safe solution. I would like them to have features like password rotation or password auditing, e.g., old passwords."
"Changing your password should be simplified, and there should not be a charge for it."
"We would like to have the option of importing assets by using the CSV file. It was available in the earlier versions, but it is not available now."
"We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates."
"There is a lack of documentation and many problems with the plugins."
"We have issues using Safeguard to connect to and record from the cloud. Currently, they don't have a mechanism to record this type of connection."
"From a usability perspective, what we are finding out is that our privileged domain admin users, in particular, want functionality for extending a checkout session. So we are working with One Identity support to see if there's an enhancement that can be made to the product."
"We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what."
"Support for One Identity Safeguard could be improved because sometimes the support team doesn't have an answer or solution for some bugs. A feature I found in a competitor would make One Identity Safeguard better, and that is the ability to load balance the traffic in the target."
"The GUI has room for improvement because it is confusing and cumbersome."
More BeyondTrust Privileged Remote Access Pricing and Cost Advice →
BeyondTrust Privileged Remote Access is ranked 3rd in Privileged Access Management (PAM) with 21 reviews while One Identity Safeguard is ranked 4th in Privileged Access Management (PAM) with 38 reviews. BeyondTrust Privileged Remote Access is rated 8.6, while One Identity Safeguard is rated 8.2. The top reviewer of BeyondTrust Privileged Remote Access writes "Our support team can do so much more without having to actively engage our customers, which saves us time and money". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". BeyondTrust Privileged Remote Access is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Citrix DaaS (formerly Citrix Virtual Apps and Desktops service), BeyondTrust Remote Support and Delinea Secret Server, whereas One Identity Safeguard is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Delinea Secret Server, Fudo PAM and ObserveIT. See our BeyondTrust Privileged Remote Access vs. One Identity Safeguard report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years.