We performed a comparison between BeyondTrust Endpoint Privilege Management and NetIQ Identity Governance based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file."
"It scales easily and the product is stable."
"The features related to application elevate is amazing. It helped the company to remove almost all admin local users."
"The most valuable feature is the asset discovery, which makes it very easy to locate and identify assets and pull them into the manager."
"Reduces major vulnerabilities by removing local administrator privileges."
"The notable aspect is its ability to capture the application's behavior comprehensively and this thorough analysis is crucial for effective policy management."
"The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager."
"The privileged access and the application control are helpful in making sure we have good, robust challenge responses. Blacklisting with trusted application protection is also beneficial for us."
"We’re very satisfied with technical support. Usually we get people with the right knowledge who understand the solution very well."
"When doing a review you can either make manual or automatic fulfillment to immediately apply the manager's decision to the system, like removing or adding new permissions to the user account."
"I like the queries and find the catalog to be comparatively powerful."
"This solution has been around for a long time. It has had lots of successful deployments and releases."
"I really like the separation of the duties. It is the most ambitious model in the server because you have to create all the different rules, especially business rules. You have to check with the client and set different policies and rules, and then, you to have refine them. You will notice what is bad in the company and where the real problem is."
"All three functionalities, access certification, the configuration of duties, and role mining - especially role mining - are very advanced compared with the competition."
"NetIQ Identity Governance has improved the security of my company."
"You can run reports and verify the access each user has. There is a process that runs automatically for access review. It sends an email to the manager and provides a task for the manager to review the users and access. The manager can approve or reject, and then it goes to the application owner for further review. This feature is especially important in large customer environments, as manual review can be challenging."
"What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way."
"Reports to the end user."
"They are doing good for now, but they should start to consider tight integration with Mac solutions. There should be more integration with Mac. There should be Active Directory (AD) Bridging. Thycotic and Centrify have it currently because they merged and joined forces, and it was a feature available in Centrify. So, basically, they joined forces to create a kind of perfect product. If you have a hybrid or mixed environment with Windows and Mac, your Active Directory can only manage or enforce policies on Windows, but what about your Mac devices? How do you control them? So, AD Bridging will act as a bridge to bring all your Mac devices into your Active Directory. This way you have full control over your entire environment."
"We use a program to automate all of this, but it's not a default feature of BeyondTrust Endpoint Privilege Management."
"The deployment process should be clarified or made simpler. It would be helpful if the solution had in-app tutorials for users to look at as they progress through the system. Sometimes we get lost and need to go back to check what exactly the function was. There should be small hints around major key functions. It would go a long way in speeding up the deployment process."
"The program updates are very rare and the frequency is too far apart to take care of bug fixes and adding the latest features."
"There is room for improvement in having the solution align more with standards. We're always shoehorning the product into the standards. It's not that it doesn't work for standards, it does. But Quick Start Policies are pretty close to what we need. The vendor needs to keep looking at GDPR, 27001, and 27701. That's why our clients buy the product."
"The product should improve its price."
"The solution should provide more connectors in future releases. The solution also should offer more monitoring."
"With NetIQ, you have to install two or more products. It would be better if we could install one product and have one server and one dashboard."
"NetIQ Identity Governance is not flexible. Sometimes, filtering information to provide users with options, such as selecting the application to which they want to request access, can be challenging. It needs to improve application integration as well."
"We need more connectors to cloud applications like AWS."
"They haven't really evolved the product to the cloud, so they don't have a cloud solution."
"The product could use more advanced features related to Identity Intelligence."
"The initial setup has room for improvement."
"Technical support is horrible."
More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →
BeyondTrust Endpoint Privilege Management is ranked 4th in Privileged Access Management (PAM) with 27 reviews while NetIQ Identity Governance is ranked 21st in Identity Management (IM) with 9 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while NetIQ Identity Governance is rated 8.0. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of NetIQ Identity Governance writes "Helps to run reports and verify user access but improvement is needed in integration ". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine), CyberArk Privileged Access Manager, Delinea Secret Server and ARCON Privileged Access Management, whereas NetIQ Identity Governance is most compared with SailPoint IdentityIQ, OpenText Identity and Access Management and One Identity Manager.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.