Most Helpful Review
Functionality is straightforward with a simple checkout process and integration of checkout proxy ID
Find out what your peers are saying about ARCON Privileged Access Management vs. One Identity Safeguard and other solutions. Updated: March 2020.
406,070 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Previously, we had to go through some effort to change the credentials of our devices. The process was subject to human error... For things like managing credentials, some kind of register had to be maintained. With the Password Vault of ARCON, all these processes are automated. The credentials are changed, as per the schedule. The information is encrypted, kept in our vault, and sent to all the email addresses within the ARCON solution itself.
One important feature is the administrator access, mainly for Windows machines as well as Linux machines. It is important for us because there is accountability associated with each user ID. And the recordings are also helpful.
For compliance, each change I do, in each of the servers, is clearly recorded. We recently faced an audit and this was an awesome feature. Even our auditor had praise for it saying, "This is really a good feature."
The user interface, overall, is really good. If I have some 20 servers in my ID, I can easily see for which servers I have read-only access, for which servers I have prompt-access, and for which servers I have server admin access.
It was very easy for us to move this application and database from on-premise to cloud, as well as configure new things, such as load balancing. The product is very compatible.
Video and audio logs are there for any activities that the privileged admin carries out.
With this log available, we can drill down to the activities performed by the people within our kiosk. There is a great feature where in the case of Unix servers, we have our own text-based logs. In the case of Window's server, we cannot create a text-based log, so our kiosk takes the screenshot or picture of the screen when I am working. It does this every three seconds.
The initial setup was very simple. There was only one server we had to setup. We needed to store all the passwords, and a secure database is used.
We use the solution’s Approval Anywhere feature which enables us to add an extra layer of security for critical passwords without adding time-consuming approval processes. By using this platform, if someone goes on a vacation, out of office, or needs urgent/planned leave, then our setup will select the functions tied to that person and automatically delegate them to the next person. That person can start performing that duty based on their access. No sharing of passwords is required.
It's one of the best products we've seen. When you start looking at the functionality and use cases and usability of the product, it's straightforward. They designed this product with the end-user in mind, and they also had the sysadmin who is supporting the product in mind. They really did a nice job. Overall, it's a nice product to work with.
We are able to log and get reporting on all privileged activity that is being performed. We like the fact that we can leverage the session recording feature, which is especially valuable when we're dealing with third-party vendors that have to remote into our our boxes and servers to do any work on behalf of the bank. Now, we can record everything they are doing to ensure that they're only doing the changes that were needed. In addition, we use it to leverage knowledge transfer with our internal staff.
We use the solution’s “transparent mode” feature for privileged sessions. It is very easy because it is only a simple configuration for our users. We don't have to modify our network. We install it, configure it, and it works. So, it is super easy. The rollout for our users is seamless.
It has greatly helped improve our security posture. Safeguard has an option where it will reset passwords on service accounts, then go out to those servers where that service account is running as a service and update the password on it. That makes password changes very easy. We can regularly change passwords now and are planning on making it an annual activity, where all the people who own service accounts will go in and make sure all their passwords get changed, updated, and reset.
All sessions are audited and they are indexed/searchable through the GUI.
The solution's most valuable features are the efficiency and the quality of the recording.
The way the solution is installed and deployed is very valuable. They make it very easy.
Currently, we can manage only the SSH or RDP connections, but there are many more devices that are present, apart from our SSH and RDP. We want all this to be part of the ARCON solution. For the password management, they should increase the pool of supported devices, they should have more connectors.
Currently, along with the upgrade of the ARCON solution, we have to consider the desktops and the endpoints from where the solution will have to be accessed. We have to upgrade those endpoints and desktops as well. So upgrades are not smooth.
It should be browser-agnostic and, frankly, it is working well on Internet Explorer. It should work on popular browsers like Mozilla and Firefox.
I would like to see a "wild card" kind of a feature or something that would enable us to search the video.
It would be helpful to have a "Favorites" list. For example, if I have 100 servers but I only go to 10 servers frequently, a Favorites list would allow me to go through those ten servers only.
There are no APIs readily available... I'm working on automation for ARCON so that whatever the ARCON administrator is doing will be automated, rather than having to do it manually. For that, I had to spend months to get the API developed myself. Having that handy out of the box, that would really help...
For the in-house built applications, they need to provide good, solid access through their portal.
The auto-password change feature which was recently added. It is supposed to change the password. However, in some cases, while changing the password, it has caused me to lose to connection due to network-related issues or something similar. What we need to have is a type of log for failure of password change.
The multilanguage functionality does not support the Arabic language, even though this solution is deployed in an Arabic region.
From a usability perspective, what we are finding out is that our privileged domain admin users, in particular, want functionality for extending a checkout session. So we are working with One Identity support to see if there's an enhancement that can be made to the product.
Some of the out-of-the-box reporting isn't that rich. We spoke to our Safeguard reps who have acknowledged that some of the reporting features can certainly be improved and that we're not the only customer who has cited this. There are very little out-of-the-box reporting capabilities. You have to build the queries and the report. I believe in the next release they're going to be addressing this.
The interface is better now, but it still could be improved a lot. It needs more organization, menus, automatic refresh of information, and Web 2.0.
Transparent mode was too cumbersome, so I don't foresee us being able to use it. On paper when we were initially talking about it, it was definitely going to be the preferred method until we realized the burden it would be on our network guys. Then, we had to step back and reevaluate what we wanted to do. That's when we changed our approach to use the RD Gateway feature.
Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service.
I would like to see an adjustment with more enterprise architecture. You can buy multiple appliances but you can not fully separate different functions, so scaling might be a bit more complicated.
Our experience with technical support has been disappointing. We require more prompt and faster response times. We require answers to our questions right away but we haven't received that level of support.
Pricing and Cost Advice
The product's pricing is a good value. It's appropriately priced. The product has all the required features. It doesn't work in some of the areas but, right now overall, it's pretty good.
I definitely feel the product's pricing is a good value. It is one of the best products we have. The licensing is server-based.
Product pricing is based on users and connections. We did not have to pay more for additional features.
They do have some licenses, which are required for things like Linux servers. However, in my environment, we do not have Linux servers.
There are no major concerns with licensing because we can handle multiple servers in our kiosk system.
It is good value for our business. According to me, their competitors are more costly. Therefore, it is quite affordable. I find the ARCON to be much cheaper than the other products in the market.
The licensing is simple, and there are only two types licensing: device licensing and user-based licensing.
Their licensing model is very simple, as it is based on the number of endpoints which you want to manage along with the number of users and administrators which you want to use.
We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation.
It was definitely cheaper than the other two products that we evaluated.
Our licensing costs are on a yearly basis.
It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody.
The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible.
Setup cost, pricing and licensing are all very expensive.
out of 30 in Privileged Access Management
Average Words per Review
out of 30 in Privileged Access Management
Average Words per Review
Compared 48% of the time.
Compared 12% of the time.
Compared 9% of the time.
Compared 50% of the time.
Compared 8% of the time.
Compared 5% of the time.
Also Known As
|ARCON PAM is a full blown Privileged Access Management solution. It has a robust password vaulting technology that comes with AES- 256 Database encryption. Dual Factor Authentication, 4Eye Authentication functionalities and Granular Access Control enables an enterprise to block any unauthorized access attempt to critical information assets. All access is based on “Need to know” and “Need to do” basis. It has the largest connector stack. Its Single Sign On enables seamless access to a host of devices with just a single click. The Solution enables an enterprise to monitor and analyze advanced threats in a real time. It has the best-in-class real-time threat analytics. It provides comprehensive audit trails and session recordings to ensure that all activities are tracked and these logs are encrypted and separately stored creating a legal hold. Further, it has a highly scalable architecture that easily integrates with Third Party SIEM Solutions. It also supports cloud environment. ARCON PAM is full-functionality solution at the most optimum pricing. More than 250 global enterprises spanning wide-ranging industries such as Banking, Financial Services and Insurance (BFSI), Government Organizations, Media, Health Care, and Fintech have deployed ARCON PAM as of today. While the company continues to be a leader in India and the Middle East, it has gained a solid traction in Africa and APAC market thanks to its well-distributed global channel network and strong industry reputation it enjoys in the cyber security domain.|
One Identity Safeguard securely stores, manages, records and analyzes privileged accounts and access. It is an integrated solution that combines a secure hardened password safe and a session management and monitoring solution with threat detection and analytics.
Learn more about ARCON Privileged Access Management
Securely store, manage, record and analyze privileged access
Prevent security breaches and limit damage by putting in place a privileged access management solution. Get a free 45-day trial, or request a demo of One Identity SafeGuard.
Information Not Available
Financial Services Firm88%
Software R&D Company39%
Comms Service Provider22%
Financial Services Firm19%
Financial Services Firm71%
Software R&D Company32%
Financial Services Firm21%
Comms Service Provider16%