BrunoMassoutierHead of Communications at Stadt Winterthur
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"I would say session management on the go is the most valuable feature. When the session is going on, you can stop the session without terminating it for justification. You can cancel it. The recording takes very little space. Those are some things which the customers are worried about when they talk about session recording."
"The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file."
"The implementation is quite easy because the documents are always online."
"The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager."
"The most valuable feature is the asset discovery, which makes it very easy to locate and identify assets and pull them into the manager."
"BeyondTrust has very good integrations with quite a lot of security vendors such as SailPoint, IBM, FortiGuard, Splunk, etc."
"What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy."
"Technical support is good."
"The most valuable feature is that this solution can be implemented regardless of the operating system."
"Its security, simplicity, and ease of deployment and maintenance are the most valuable. It is FIPS compliant, so it goes through severe penetration testing every one year or two years. They have to maintain this compliance. It is very safe. Customers have been using it in the last eight years because of the simplicity of getting it deployed quickly. Most of the people using the solution had been hacked already, so they needed it quickly. As compared to the other solutions in the market, it can be turned on in production very quickly. You don't really need to have a server. It can be deployed very rapidly on VMware or Hyper-V, and you don't need to do an installation. It is a kind of an all-included package that you just deploy in a VM environment. It is basically a VM that is specifically built for a customer. The way the PRA data solutions work is that you need to build them for each customer because of being hard-coded with their SSL certificate, their web page name, and all that."
"The scalability is excellent."
"The other area to improve is that they rely on MS SQL servers only. You cannot have any other database behind them. They have to be on MS SQL. If they can do something about these issues, this would be a better alternative for some customers."
"The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"The help system should be improved to provide a quick help guide with each tab within the solution, which explains what each particular function does."
"Their technical support could be more responsive and helpful."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"If you don't get the implementation right at the outset, you will struggle with the product."
"Changing your password should be simplified, and there should not be a charge for it."
"It would be very nice if it has an enterprise vault. Currently, it can interact with Password Safe, which is a separate solution and equivalent to Thycotic Secret Server. Instead of having Password Safe as a separate entity, they should combine it with BeyondTrust Privileged Remote Access. They have done it in some way, but it is not an enterprise tech solution."
"They could probably integrate a wizard or something like that to add a new use case. It could be something that makes it easier to add a new use case."
"This solution is expensive compared to its competitors."
BeyondTrust Endpoint Privilege Management enables organizations to mitigate attacks by removing excess privileges on Windows, Mac, Unix/Linux and networked devices. Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and networked devices without hindering end-user productivity.
Key Solutions Include:
-ENTERPRISE PASSWORD SECURITY
Discover, manage and monitor all privileged accounts and SSH keys, secure privileged assets, and report on all privileged account activity in a single solution.
-ENDPOINT LEAST PRIVILEGE
Enforce least privilege across all Windows and Mac endpoints, gain visibility into target system vulnerabilities, and control access to privileged applications without disrupting user productivity or compromising security.
-SERVER PRIVILEGE MANAGEMENT
Gain control and visibility over Unix, Linux and Windows server user activity without sharing the root or administrator account.
-A SINGLE PLATFORM FOR MANAGEMENT, POLICY, REPORTING AND THREAT ANALYTICS
Utilize a single solution to manage PAM policies and deployment, understand vulnerability and threat analytics, and provide reporting to multiple stakeholders and complementary security systems.
Learn more at https://www.beyondtrust.com/privilege-management
BeyondTrust Privileged Remote Access (formerly Bomgar Privileged Access) lets you secure, manage, and audit vendor and internal remote privileged access without a VPN.
Privileged Remote Access provides visibility and control over third-party vendor access, as well as internal remote access, enabling your organization to extend access to important assets, but without compromising security.
- Privileged Access Control: Enforce least privilege by giving users the right level of access.
- Monitor Sessions: Control and monitor sessions using standard protocols for RDP, VNC, HTTP/S, and SSH connections.
- Reduce the Attack Surface: Reduce attacks by consolidating the tracking, approval, and auditing of privileged accounts in one place and by creating a single access pathway.
- Integrate with Password Management: Inject credentials directly into servers and systems with just one click, so users never need to know or see plain text credentials.
- Mobile & Web Consoles: Use mobile apps or web-based consoles anytime, anywhere.
- Audit & Compliance: Create audit trails, session forensics, and other reporting features by capturing detailed session data in real-time or post- session review, and provide attestation reports to prove compliance.
BeyondTrust Endpoint Privilege Management is ranked 4th in Privileged Access Management (PAM) with 8 reviews while BeyondTrust Privileged Remote Access is ranked 13th in Remote Access with 3 reviews. BeyondTrust Endpoint Privilege Management is rated 7.6, while BeyondTrust Privileged Remote Access is rated 9.0. The top reviewer of BeyondTrust Endpoint Privilege Management writes "A stable, scalable, and easy-to-deploy solution that can track malicious use or send analytics to a host". On the other hand, the top reviewer of BeyondTrust Privileged Remote Access writes "Great integration capabilities with excellent support and very good ROI". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Privileged Access Manager, Thycotic Secret Server, CyberArk Endpoint Privilege Manager and Cisco ISE (Identity Services Engine), whereas BeyondTrust Privileged Remote Access is most compared with WALLIX Bastion, BeyondTrust Remote Support, CyberArk Privileged Access Manager, Thycotic Secret Server and Symantec Privileged Access Manager.
See our list of .
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.