BeyondTrust Privileged Remote Access vs One Identity Safeguard comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between BeyondTrust Privileged Remote Access and One Identity Safeguard based on real PeerSpot user reviews.

Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed BeyondTrust Privileged Remote Access vs. One Identity Safeguard Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Q&A Highlights
Question: Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
Answer: Based on your extensive list of requirements, CyberArk Privileged Access Manager appears to align well with your needs due to its comprehensive feature set, strong security controls, integration capabilities, and advanced analytics for privileged access. However, it's important to conduct in-depth evaluations, demos, and discussions with each vendor to ensure that the chosen tool meets all your specific needs and integrates seamlessly into your existing infrastructure. However, I recommend visiting the official website of Broadcom (the company that acquired Symantec's enterprise security business) or contacting their sales representatives to get the most up-to-date information about their PAM solutions, including any rebranding or changes that may have occurred. When evaluating any PAM solution, it's essential to consider factors such as security, integration capabilities, ease of use, vendor support, scalability, and alignment with your organization's specific needs and compliance requirements. It's also a good practice to request demonstrations, proofs of concept, and references from vendors to ensure that the solution meets your expectations. Remember to involve key stakeholders, such as IT, security, compliance, and management teams, in the decision-making process to ensure alignment with organizational goals and requirements.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is a real fortress. Its security is very strong. Multi-factor came as a feature out-of-the-box, which was big for us. That helps us meet another compliance requirement. It enforces encryption. Nobody can see what we are doing in our remote system if they happen to be listening for unencrypted traffic. That is its biggest strength.""When it comes to the Privileged Remote Access (PRA) solution, instead of depending on a VPN client, from Cisco or any other vendor, we can directly use this product from the internet. It is very easy to do the implementation, and it is easy for every user to access the server from outside of their organization. They can open the URL and put their name and password, and it'll do the multi-factor authentication. They can easily access the server. Prior to this solution, the users had to log into the VPN, which is not required with BeyondTrust. Now, they can use their computer over the internet.""The project goal was to allow staff to run applications with admin privileges without being admins, which was the product's most important feature.""The security provided by PRA when it comes to access for remote and privileged users has been outstanding. It has met all of our objectives, everything from password rotation to securing and allowing us to clamp down access to the auditing and monitoring features.""The scalability is excellent.""The visibility of the solution's Vault works as it is supposed to: out-of-the-box for domain accounts, endpoints, and local accounts associated with discovery jobs.""PRA stands on its own as a full solution. This is important because it reduces the need to maintain a lot of different services. Also, the integration between those services are sometimes not easy to maintain. So, having a solution like BeyondTrust Privileged Remote Access reducing our workload gives us enough time to work on our other issues. The system just runs and does what it is supposed to do.""The privileged remote access platform is able to track and record everything that happens within a session."

More BeyondTrust Privileged Remote Access Pros →

"The technical support is tremendous.""Safeguard has the ability to record and retrieve in the full-video format.""I have found the most useful feature of One Identity Safeguard to be Privileged Sessions.""It is generally easy-to-use and install.""The whole product solves the privileged access management challenge for our company. We have a secure tunnel, a secure session manager, and automatic logging of sessions, which is good for forensic purposes. We have a rich level of logs and can trace what happened on which machine and see who did what.""All sessions are audited and they are indexed/searchable through the GUI.""The Transparent Mode is the number one advantage of the product.""The transparent mode for privileged sessions is one of the best things for customers, because they don't see the system in-between."

More One Identity Safeguard Pros →

Cons
"One of our gaps or pain points is having multi-factor authentication at the endpoint and using the PRA password injection from BeyondTrust, which does not work in our environment. We can only have MFA at the login of BeyondTrust to check out the password. Therefore, we can't meet our security requirements of having it on the endpoint.""Its management is through two different portals, and you can't get from one portal to the other. I have to literally open up another website and go into it a different way. There are no inner links between the two. They should interlink the actual virtual server and the appliance. In general, there should be one interface for management for admins.""It would be very nice if it has an enterprise vault. Currently, it can interact with Password Safe, which is a separate solution and equivalent to Thycotic Secret Server. Instead of having Password Safe as a separate entity, they should combine it with BeyondTrust Privileged Remote Access. They have done it in some way, but it is not an enterprise tech solution.""The issue I found with the product revolves around the fact that RDP and SSH sessions take too much time, making it an area of concern where improvements are required.""Changing your password should be simplified, and there should not be a charge for it.""Its access process for third-party vendors needs to be simplified.""The solution is very flexible, which is a plus, but I would say the implementation requires someone with knowledge and experience, as it can be easy to get lost in all the details. The implementation process could be streamlined and simplified. Though the complexity of the solution provides greater flexibility, it requires a lot of time to understand it fully.""The price is pretty expensive."

More BeyondTrust Privileged Remote Access Cons →

"The SPS could be a lot easier to administrate and the parts should be unified, from a design perspective, so that I can recognize the systems as being part of the same package. They feel like they have been forced together.""The main point regarding the user experience is that Safeguard has two separate management consoles.""From a usability perspective, what we are finding out is that our privileged domain admin users, in particular, want functionality for extending a checkout session. So we are working with One Identity support to see if there's an enhancement that can be made to the product.""Some of our users find the functionality a bit complex, and it could be made more user-friendly.""We currently have a problem with the Active Directory integrations on Windows. Some of our users need to be logged with Active Directory, but we are having communication issues between One Identity and Active Directory. It seems that Active Directory is not well-integrated.""We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates.""The product uses a lot of resources in current sessions.""There is a lack of documentation and many problems with the plugins."

More One Identity Safeguard Cons →

Pricing and Cost Advice
  • "The price is pretty expensive, but you get what you pay for and this is a great product."
  • "I wish it was a little bit cheaper, but when a product is as solid as this, I understand what the cost does. It helps them to make sure it stays that way. If you want a reliable, solid product, you're going to pay more."
  • "Don't get into a situation where you are licensing per desktop or per person until you fully understand the licensing."
  • "My client found the solution a bit expensive but considering their use case and requirements, they didn't have any other choice. As far as I know, implementation and licensing are the only costs."
  • "I wasn't directly involved in the licensing and pricing, but I can say that PRA is licensed per endpoint added to the Vault. I would advise users to take frequent exports of their license usage package; it's a simple feature that provides a spreadsheet of every machine in the Vault. This helps to cut down on duplicate licenses, which can happen by adding the same endpoint using an IP address and a fully qualified domain name, for instance. The implementation is an additional cost, and they offer several tiers, so the price varies. There are also some optional add-ons, so I would advise people to research the product well and find out precisely what they need regarding features. The Advanced Web Access add-on provides some required functionality when interfacing with websites; that's one to consider."
  • "Its price is pretty good for the features and services that it provides. It is not outrageous. I'm not aware of any additional charges or anything like that."
  • "PRA was one of the cheapest solutions that we evaluated."
  • "Though the solution was a bit expensive, the overall pricing was average."
  • More BeyondTrust Privileged Remote Access Pricing and Cost Advice →

  • "Setup cost, pricing and licensing are all very expensive."
  • "Our licensing costs are on a yearly basis."
  • "It was definitely cheaper than the other two products that we evaluated."
  • "They offer a fair price for a robust solution."
  • "The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible."
  • "It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."
  • "The pricing is about $80,000 per 100 servers. There are few elective costs."
  • "We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."
  • More One Identity Safeguard Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Answers from the Community
    Avinash Gopu
    Nurlan Temirbulatov - PeerSpot reviewerNurlan Temirbulatov
    Vendor

    Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years. 

    Questions from the Community
    Top Answer:The product has improved remote support capabilities since it works fine.
    Top Answer:The issue I found with the product revolves around the fact that RDP and SSH sessions take too much time, making it an area of concern where improvements are required. The product should be able to… more »
    Top Answer:I use the tool in my lab. I am involved in the product's testing phase in my lab, where I am trying to check out the solution.
    Top Answer:The identity discovery is good, and the performance is pretty good value.
    Top Answer:They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base. Usually, they start at one price, and when you start pricing the competition, you… more »
    Top Answer:Something for One Identity to look at is having integration guidelines for how to logically group accounts. This is always something you need people to do. It would be especially helpful when you have… more »
    Ranking
    Views
    2,515
    Comparisons
    1,613
    Reviews
    16
    Average Words per Review
    1,356
    Rating
    8.6
    Views
    3,655
    Comparisons
    1,588
    Reviews
    15
    Average Words per Review
    907
    Rating
    7.7
    Comparisons
    Also Known As
    Bomgar Privileged Access
    Learn More
    Overview

    BeyondTrust Privileged Remote Access (formerly Bomgar Privileged Access) lets you secure, manage, and audit vendor and internal remote privileged access without a VPN.

    Privileged Remote Access provides visibility and control over third-party vendor access, as well as internal remote access, enabling your organization to extend access to important assets, but without compromising security.

    Features include:

    - Privileged Access Control: Enforce least privilege by giving users the right level of access.

    - Monitor Sessions: Control and monitor sessions using standard protocols for RDP, VNC, HTTP/S, and SSH connections.

    - Reduce the Attack Surface: Reduce attacks by consolidating the tracking, approval, and auditing of privileged accounts in one place and by creating a single access pathway.

    - Integrate with Password Management: Inject credentials directly into servers and systems with just one click, so users never need to know or see plain text credentials.

    - Mobile & Web Consoles: Use mobile apps or web-based consoles anytime, anywhere.

    - Audit & Compliance: Create audit trails, session forensics, and other reporting features by capturing detailed session data in real-time or post- session review, and provide attestation reports to prove compliance.

    One Identity Safeguard is an integrated system that combines a secure, toughened password safe and a session management and monitoring solution with threat detection and analytics into one integrated solution. It stores, manages, records, and analyzes privileged access in a secure manner.

    One Identity Safeguard Features

    One Identity Safeguard has many valuable key features. Some of the most useful ones include:

    • Policy-based release control: Seek access and approve privileged passwords and sessions using a secure online browser that supports mobile devices. Depending on your organization's policies, requests can be authorized immediately or require dual/multiple approvals. You can set One Identity Safeguard to match your personalized needs, whether your policies consider the requestor's identity and level of access, the time and day of the request attempt, and/or the specific resource requested. You can also enter reason codes and/or connect to ticketing systems.

    • Vault for personal passwords: In a free personal password vault, every one of your employees can keep and generate random passwords for non-federated business accounts. This allows your company to use a sanctioned tool to securely share and retrieve passwords, giving you much-needed security and visibility into your company's accounts.

    • Auditing, recording, and replaying entire sessions: All session activity is collected, indexed, and kept in tamper-proof audit trails that can be viewed like a video and searched like a database, down to the keystrokes, mouse movements, and windows viewed. Security teams can search across sessions for certain events and play the recording from the exact point where the search criterion happened. For forensics and compliance purposes, audit trails are encrypted, time-stamped, and cryptographically signed.

    • Approval in any location: Approve or refuse requests from anywhere, using One Identity Starling Two-Factor Authentication, without having to connect to a VPN.
    • Instantly on: Safeguard for Privileged Sessions can be implemented in a transparent manner, with no changes to user workflows required. Safeguard, when acting as a proxy gateway, can act as a network router, unseen to both the user and the server. Admins can continue to use their normal client programs and access target servers and systems without disrupting their everyday routine.

    • Biometrics of user behavior: Even when performing identical operations like typing or moving a mouse, each person has his or her own unique pattern of behavior. These behavioral characteristics are examined by the Safeguard algorithms. Keystroke dynamics and mouse movement analysis aid in the detection of security breaches while also acting as a continuous biometric authentication system.

    • Favorites: Right from the login screen, quickly access the passwords you use the most. You can combine many password requests into a single favorite, allowing you to log into all of your accounts with a single click.

    • Discovery options: With host, directory, and network-discovery options, you can quickly find privileged accounts or systems on your network.

    Reviews from Real Users

    One Identity Safeguard stands out among its competitors for a number of reasons. Two major ones are its stability and its connection control. PeerSpot users take note of the advantages of these features in their reviews:

    One PeerSpot reviewer, a Software Solutions Architect at a computer software company, writes, “I have found the most useful feature of One Identity Safeguard to be Privileged Sessions. One Identity Safeguard is a stable solution.” He adds, “I rate One Identity Safeguard a nine out of ten.”

    Walid S., Networking and Security Engineer at a tech services company, mentions of the solution, “We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP.”

    Offer
    Learn more about BeyondTrust Privileged Remote Access
    Securely store, manage, record and analyze privileged access

    Prevent security breaches and limit damage by putting in place a privileged access management solution. Get a free 45-day trial, or request a demo of One Identity SafeGuard.

    Sample Customers
    Horizon Beverage, Air Liquide, Gateway Bank of Florida
    Cavium
    Top Industries
    REVIEWERS
    Comms Service Provider21%
    Government14%
    Wholesaler/Distributor14%
    Computer Software Company14%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm42%
    Healthcare Company16%
    Manufacturing Company11%
    Sports Company5%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Government7%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business50%
    Midsize Enterprise15%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise13%
    Large Enterprise67%
    REVIEWERS
    Small Business37%
    Midsize Enterprise24%
    Large Enterprise39%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise20%
    Large Enterprise57%
    Buyer's Guide
    BeyondTrust Privileged Remote Access vs. One Identity Safeguard
    March 2024
    Find out what your peers are saying about BeyondTrust Privileged Remote Access vs. One Identity Safeguard and other solutions. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    BeyondTrust Privileged Remote Access is ranked 3rd in Privileged Access Management (PAM) with 21 reviews while One Identity Safeguard is ranked 5th in Privileged Access Management (PAM) with 38 reviews. BeyondTrust Privileged Remote Access is rated 8.6, while One Identity Safeguard is rated 8.2. The top reviewer of BeyondTrust Privileged Remote Access writes "Our support team can do so much more without having to actively engage our customers, which saves us time and money". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". BeyondTrust Privileged Remote Access is most compared with CyberArk Privileged Access Manager, BeyondTrust Password Safe, WALLIX Bastion, BeyondTrust Remote Support and ARCON Privileged Access Management, whereas One Identity Safeguard is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Delinea Secret Server, Fudo PAM and ManageEngine PAM360. See our BeyondTrust Privileged Remote Access vs. One Identity Safeguard report.

    See our list of best Privileged Access Management (PAM) vendors.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.