• Home
  • BeyondTrust Privileged Remote Access vs. One Identity Safeguard

BeyondTrust Privileged Remote Access vs One Identity Safeguard comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
BeyondTrust Privileged Remote Access vs. One Identity Safeguard
March 2024
Executive Summary

We performed a comparison between BeyondTrust Privileged Remote Access and One Identity Safeguard based on real PeerSpot user reviews.

Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed BeyondTrust Privileged Remote Access vs. One Identity Safeguard Report (Updated: March 2024).
Download the complete report
767,995 professionals have used our research since 2012.
Q&A Highlights
Question: Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
Answer: Based on your extensive list of requirements, CyberArk Privileged Access Manager appears to align well with your needs due to its comprehensive feature set, strong security controls, integration capabilities, and advanced analytics for privileged access. However, it's important to conduct in-depth evaluations, demos, and discussions with each vendor to ensure that the chosen tool meets all your specific needs and integrates seamlessly into your existing infrastructure. However, I recommend visiting the official website of Broadcom (the company that acquired Symantec's enterprise security business) or contacting their sales representatives to get the most up-to-date information about their PAM solutions, including any rebranding or changes that may have occurred. When evaluating any PAM solution, it's essential to consider factors such as security, integration capabilities, ease of use, vendor support, scalability, and alignment with your organization's specific needs and compliance requirements. It's also a good practice to request demonstrations, proofs of concept, and references from vendors to ensure that the solution meets your expectations. Remember to involve key stakeholders, such as IT, security, compliance, and management teams, in the decision-making process to ensure alignment with organizational goals and requirements.
Read more →
Featured Review
Anonymous User
Streamlines onboarding and privilege assignment, with Active Directory integration and an intelligent approach to...
Initially, we had a different VPN set up for our external vendors, and working for a pharmaceutical company, we had a lot of equipment vendors... Read more →
Anonymous User
Researched BeyondTrust Privileged Remote Access but chose One Identity Safeguard: Functionality is straightforward with a simple checkout process and integration of checkout proxy ID
We went from a state where privileged accounts were being used and not being monitored or even audited to our situation now where we are starting... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The privileged remote access platform is able to track and record everything that happens within a session.""Its initial setup process is straightforward.""I like all of it. You can access computers that are on a DMZ. You can access computers that are off the network and on the network. You pretty much have access to computers wherever they are. As long as they have the client on them, you can get to them. So, it is convenient, but its main feature is that you can use your smart card to elevate your privileges remotely. That's a great feature.""One of the features that I really like about it is the ability to set a start date, time, and end date for the access. For example, you can set the access for a person from tomorrow, Monday, or Tuesday and ending on a specific period of the day or a specific date. That's really quite helpful.""The project goal was to allow staff to run applications with admin privileges without being admins, which was the product's most important feature.""The product has improved remote support capabilities since it works fine.""The scalability is excellent.""The most valuable feature is that this solution can be implemented regardless of the operating system."

More BeyondTrust Privileged Remote Access Pros →

"The technical support is tremendous.""We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP.""It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage.""I have found the most useful feature of One Identity Safeguard to be Privileged Sessions.""It is generally easy-to-use and install.""It offers high availability and enables end users to deploy the solution with 99.999 percent uptime, which is crucial in an enterprise environment with a large number of endpoints.""Safeguard has the ability to record and retrieve in the full-video format.""I like the discovery functionality and the change password feature through the check-in. I also like the bulk import with the help of templates that come with it out of the box. With the help of these few features, my tasks are made easier."

More One Identity Safeguard Pros →

Cons
"Changing your password should be simplified, and there should not be a charge for it.""They could probably integrate a wizard or something like that to add a new use case. It could be something that makes it easier to add a new use case.""Multiple areas can be improved. We've seen lots of updates in the past year. They have a portal where we can submit our ideas. BeyondTrust is immediately implementing user suggestions. The UI could be more informative. Initially, there were two or three connectors, and now we have five or six. It would be nice if they added a few more connectors for third-party integration. There are multiple tools, but the clients may require more for their convenience.""Some of the capabilities in the solution were not as available or not as outstanding as CyberArk. We had to manage whatever little was available for us, especially its recording capabilities, logs, and a number of things.""The solution is very flexible, which is a plus, but I would say the implementation requires someone with knowledge and experience, as it can be easy to get lost in all the details. The implementation process could be streamlined and simplified. Though the complexity of the solution provides greater flexibility, it requires a lot of time to understand it fully.""The price is pretty expensive.""The solution's Vault is a nice feature. It helps to securely share a security password in teams, but it is not at the level of a password management solution. So, it is just really a vault. We were expecting to have more features to better manage passwords, but that is something that you can work around if you also have a password safe solution. I would like them to have features like password rotation or password auditing, e.g., old passwords.""Its access process for third-party vendors needs to be simplified."

More BeyondTrust Privileged Remote Access Cons →

"One Identity Safeguard can improve by having more integration with multiple devices.""There is a lack of documentation and many problems with the plugins.""The SPS could be a lot easier to administrate and the parts should be unified, from a design perspective, so that I can recognize the systems as being part of the same package. They feel like they have been forced together.""The product uses a lot of resources in current sessions.""We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates.""I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated.""There is room for improvement in the launch module. They built in a launch button but they don't have effective instructions for configuring it to allow it to launch an RDP session. They're working on that, but the button is in the live product. If they were going to install something that wasn't useful, they should have just disabled it and not rolled it out with the product.""When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."

More One Identity Safeguard Cons →

Pricing and Cost Advice
  • "The price is pretty expensive, but you get what you pay for and this is a great product."
  • "I wish it was a little bit cheaper, but when a product is as solid as this, I understand what the cost does. It helps them to make sure it stays that way. If you want a reliable, solid product, you're going to pay more."
  • "Don't get into a situation where you are licensing per desktop or per person until you fully understand the licensing."
  • "My client found the solution a bit expensive but considering their use case and requirements, they didn't have any other choice. As far as I know, implementation and licensing are the only costs."
  • "I wasn't directly involved in the licensing and pricing, but I can say that PRA is licensed per endpoint added to the Vault. I would advise users to take frequent exports of their license usage package; it's a simple feature that provides a spreadsheet of every machine in the Vault. This helps to cut down on duplicate licenses, which can happen by adding the same endpoint using an IP address and a fully qualified domain name, for instance. The implementation is an additional cost, and they offer several tiers, so the price varies. There are also some optional add-ons, so I would advise people to research the product well and find out precisely what they need regarding features. The Advanced Web Access add-on provides some required functionality when interfacing with websites; that's one to consider."
  • "Its price is pretty good for the features and services that it provides. It is not outrageous. I'm not aware of any additional charges or anything like that."
  • "PRA was one of the cheapest solutions that we evaluated."
  • "Though the solution was a bit expensive, the overall pricing was average."

    • More BeyondTrust Privileged Remote Access Pricing and Cost Advice →

  • "Setup cost, pricing and licensing are all very expensive."
  • "Our licensing costs are on a yearly basis."
  • "It was definitely cheaper than the other two products that we evaluated."
  • "They offer a fair price for a robust solution."
  • "The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible."
  • "It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."
  • "The pricing is about $80,000 per 100 servers. There are few elective costs."
  • "We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."

    • More One Identity Safeguard Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    See Recommendations
    767,995 professionals have used our research since 2012.
    Answers from the Community
    Avinash Gopu
    Question: Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
    Nurlan Temirbulatov - PeerSpot reviewerNurlan Temirbulatov
    Vendor

    Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years. 

    See all 2 answers »
    Questions from the Community
    What do you like most about BeyondTrust Privileged Remote Access?
    Top Answer:The product has improved remote support capabilities since it works fine.
    Read all 18 answers   →
    What needs improvement with BeyondTrust Privileged Remote Access?
    Top Answer:The issue I found with the product revolves around the fact that RDP and SSH sessions take too much time, making it an area of concern where improvements are required. The product should be able to… more »
    Read all 17 answers   →
    What is your primary use case for BeyondTrust Privileged Remote Access?
    Top Answer:I use the tool in my lab. I am involved in the product's testing phase in my lab, where I am trying to check out the solution.
    Read all 16 answers   →
    What do you like most about One Identity Safeguard?
    Top Answer:The identity discovery is good, and the performance is pretty good value.
    Read all 31 answers   →
    What is your experience regarding pricing and costs for One Identity Safe...
    Top Answer:They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base. Usually, they start at one price, and when you start pricing the competition, you… more »
    Read all 18 answers   →
    What needs improvement with One Identity Safeguard?
    Top Answer:Something for One Identity to look at is having integration guidelines for how to logically group accounts. This is always something you need people to do. It would be especially helpful when you have… more »
    Read all 29 answers   →
    Ranking
    3rd
    out of 48 in Privileged Access Management (PAM)
    Views
    2,454
    Comparisons
    1,595
    Reviews
    16
    Average Words per Review
    1,299
    Rating
    8.4
    5th
    out of 48 in Privileged Access Management (PAM)
    Views
    3,663
    Comparisons
    1,572
    Reviews
    14
    Average Words per Review
    950
    Rating
    7.7
    Comparisons
    Also Known As
    Bomgar Privileged Access
    Learn More
    BeyondTrust
    One Identity
    Overview

    BeyondTrust Privileged Remote Access (formerly Bomgar Privileged Access) lets you secure, manage, and audit vendor and internal remote privileged access without a VPN.

    Privileged Remote Access provides visibility and control over third-party vendor access, as well as internal remote access, enabling your organization to extend access to important assets, but without compromising security.

    Features include:

    - Privileged Access Control: Enforce least privilege by giving users the right level of access.

    - Monitor Sessions: Control and monitor sessions using standard protocols for RDP, VNC, HTTP/S, and SSH connections.

    - Reduce the Attack Surface: Reduce attacks by consolidating the tracking, approval, and auditing of privileged accounts in one place and by creating a single access pathway.

    - Integrate with Password Management: Inject credentials directly into servers and systems with just one click, so users never need to know or see plain text credentials.

    - Mobile & Web Consoles: Use mobile apps or web-based consoles anytime, anywhere.

    - Audit & Compliance: Create audit trails, session forensics, and other reporting features by capturing detailed session data in real-time or post- session review, and provide attestation reports to prove compliance.

    One Identity Safeguard is an integrated system that combines a secure, toughened password safe and a session management and monitoring solution with threat detection and analytics into one integrated solution. It stores, manages, records, and analyzes privileged access in a secure manner.

    One Identity Safeguard Features

    One Identity Safeguard has many valuable key features. Some of the most useful ones include:

    • Policy-based release control: Seek access and approve privileged passwords and sessions using a secure online browser that supports mobile devices. Depending on your organization's policies, requests can be authorized immediately or require dual/multiple approvals. You can set One Identity Safeguard to match your personalized needs, whether your policies consider the requestor's identity and level of access, the time and day of the request attempt, and/or the specific resource requested. You can also enter reason codes and/or connect to ticketing systems.

    • Vault for personal passwords: In a free personal password vault, every one of your employees can keep and generate random passwords for non-federated business accounts. This allows your company to use a sanctioned tool to securely share and retrieve passwords, giving you much-needed security and visibility into your company's accounts.

    • Auditing, recording, and replaying entire sessions: All session activity is collected, indexed, and kept in tamper-proof audit trails that can be viewed like a video and searched like a database, down to the keystrokes, mouse movements, and windows viewed. Security teams can search across sessions for certain events and play the recording from the exact point where the search criterion happened. For forensics and compliance purposes, audit trails are encrypted, time-stamped, and cryptographically signed.

    • Approval in any location: Approve or refuse requests from anywhere, using One Identity Starling Two-Factor Authentication, without having to connect to a VPN.
    • Instantly on: Safeguard for Privileged Sessions can be implemented in a transparent manner, with no changes to user workflows required. Safeguard, when acting as a proxy gateway, can act as a network router, unseen to both the user and the server. Admins can continue to use their normal client programs and access target servers and systems without disrupting their everyday routine.

    • Biometrics of user behavior: Even when performing identical operations like typing or moving a mouse, each person has his or her own unique pattern of behavior. These behavioral characteristics are examined by the Safeguard algorithms. Keystroke dynamics and mouse movement analysis aid in the detection of security breaches while also acting as a continuous biometric authentication system.

    • Favorites: Right from the login screen, quickly access the passwords you use the most. You can combine many password requests into a single favorite, allowing you to log into all of your accounts with a single click.

    • Discovery options: With host, directory, and network-discovery options, you can quickly find privileged accounts or systems on your network.

    Reviews from Real Users

    One Identity Safeguard stands out among its competitors for a number of reasons. Two major ones are its stability and its connection control. PeerSpot users take note of the advantages of these features in their reviews:

    One PeerSpot reviewer, a Software Solutions Architect at a computer software company, writes, “I have found the most useful feature of One Identity Safeguard to be Privileged Sessions. One Identity Safeguard is a stable solution.” He adds, “I rate One Identity Safeguard a nine out of ten.”

    Walid S., Networking and Security Engineer at a tech services company, mentions of the solution, “We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP.”

    Sample Customers
    Horizon Beverage, Air Liquide, Gateway Bank of Florida
    Cavium
    Top Industries
    REVIEWERS
    Comms Service Provider21%
    Government14%
    Wholesaler/Distributor14%
    Computer Software Company14%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm40%
    Healthcare Company15%
    Manufacturing Company10%
    University5%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Manufacturing Company7%
    Government7%
    Company Size
    REVIEWERS
    Small Business50%
    Midsize Enterprise15%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise67%
    REVIEWERS
    Small Business36%
    Midsize Enterprise24%
    Large Enterprise40%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise19%
    Large Enterprise56%
    Buyer's Guide
    BeyondTrust Privileged Remote Access vs. One Identity Safeguard
    March 2024
    Free Report: BeyondTrust Privileged Remote Access vs. One Identity Safeguard
    Find out what your peers are saying about BeyondTrust Privileged Remote Access vs. One Identity Safeguard and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    767,995 professionals have used our research since 2012.

    BeyondTrust Privileged Remote Access is ranked 3rd in Privileged Access Management (PAM) with 21 reviews while One Identity Safeguard is ranked 5th in Privileged Access Management (PAM) with 38 reviews. BeyondTrust Privileged Remote Access is rated 8.6, while One Identity Safeguard is rated 8.2. The top reviewer of BeyondTrust Privileged Remote Access writes "Our support team can do so much more without having to actively engage our customers, which saves us time and money". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". BeyondTrust Privileged Remote Access is most compared with CyberArk Privileged Access Manager, BeyondTrust Remote Support, BeyondTrust Password Safe, WALLIX Bastion and ARCON Privileged Access Management, whereas One Identity Safeguard is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Delinea Secret Server, Fudo PAM and ObserveIT. See our BeyondTrust Privileged Remote Access vs. One Identity Safeguard report.

    See our list of best Privileged Access Management (PAM) vendors.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.