• Home
  • One Identity Active Roles vs. One Identity Safeguard

One Identity Active Roles vs One Identity Safeguard comparison

Cancel
You must select at least 2 products to compare!
One Identity Logo

One Identity Active Roles

Read 17 One Identity Active Roles reviews
1,783 views|742 comparisons
100% willing to recommend
One Identity Logo

One Identity Safeguard

Read 38 One Identity Safeguard reviews
3,663 views|1,572 comparisons
90% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
User Provisioning Software
April 2024
Executive Summary

We performed a comparison between One Identity Active Roles and One Identity Safeguard based on real PeerSpot user reviews.

Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software.
To learn more, read our detailed User Provisioning Software Report (Updated: April 2024).
Download the complete report
768,246 professionals have used our research since 2012.
Featured Review
SameerPalav
Enables zero trust security with hybrid AD find delegation and role-based access control
The solution enables us to create a user in the cloud and give them access to resources through a single workflow which is important to all our... Read more →
Reviewer7009881
Offers high availability and enables end users to deploy the solution with 99.999 percent uptime
The situation as it was seven years ago, the usability and functionality of Safeguard were like three key questions in the case of Safeguard.... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see.""In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well.""With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems.""Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated.""Active Roles improved the management of users, groups, and AD objects in the organization.""The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes.""It gives us attribute-level control and the AD management features work very well.""Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."

More One Identity Active Roles Pros →

"I like Safeguard's snapshot feature that enables us to review the last time an application was opened and by whom. If there are any issues, we can look behind the scenes to see what has been done. We can suspend a user's access or close off a server.""Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security.""The transparent mode for privileged sessions is one of the best things for customers, because they don't see the system in-between.""We use the solution’s “transparent mode” feature for privileged sessions. It is very easy because it is only a simple configuration for our users. We don't have to modify our network. We install it, configure it, and it works. So, it is super easy. The rollout for our users is seamless.""One of the most important things is that it is very easy to use and install. It is also agentless, so all of the operations happen more smoothly than any other product.""I like the discovery functionality and the change password feature through the check-in. I also like the bulk import with the help of templates that come with it out of the box. With the help of these few features, my tasks are made easier.""The Transparent Mode is the number one advantage of the product.""The most unique and valuable features are the upstream and downstream throughput capacities; the Safeguard platform provides agile integration. In actuality, all the features are valuable. They're good, user-friendly."

More One Identity Safeguard Pros →

Cons
"The solution needs an attestation process that includes certification and recertification attestation.""The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint.""It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch.""Most of the time it just works.""The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there.""The way you can search groups could be better.""In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets.""When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."

More One Identity Active Roles Cons →

"We currently have a problem with the Active Directory integrations on Windows. Some of our users need to be logged with Active Directory, but we are having communication issues between One Identity and Active Directory. It seems that Active Directory is not well-integrated.""Transparent mode was too cumbersome, so I don't foresee us being able to use it. On paper when we were initially talking about it, it was definitely going to be the preferred method until we realized the burden it would be on our network guys. Then, we had to step back and reevaluate what we wanted to do. That's when we changed our approach to use the RD Gateway feature.""We have issues using Safeguard to connect to and record from the cloud. Currently, they don't have a mechanism to record this type of connection.""The deployment affects our privileged users because it takes a long time for them to request privileges, which impacts the SLA.""We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what.""There is room for improvement in the launch module. They built in a launch button but they don't have effective instructions for configuring it to allow it to launch an RDP session. They're working on that, but the button is in the live product. If they were going to install something that wasn't useful, they should have just disabled it and not rolled it out with the product.""Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service.""I would like to see support for RDP over HTTPS so this product can be used in conjunction with the Microsoft terminal."

More One Identity Safeguard Cons →

Pricing and Cost Advice
  • "The licensing model is a simple user-based model, not that much complicated."
  • "The price is reasonable. It costs us about 1 million Danish kroner annually, and we also spend about half as much on consultants."
  • "The pricing is on the higher end."
  • "It's fairly priced."
  • "It's expensive."

    • More One Identity Active Roles Pricing and Cost Advice →

  • "Setup cost, pricing and licensing are all very expensive."
  • "Our licensing costs are on a yearly basis."
  • "It was definitely cheaper than the other two products that we evaluated."
  • "They offer a fair price for a robust solution."
  • "The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible."
  • "It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."
  • "The pricing is about $80,000 per 100 servers. There are few elective costs."
  • "We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."

    • More One Identity Safeguard Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which User Provisioning Software solutions are best for your needs.
    See Recommendations
    768,246 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about One Identity Active Roles?
    Top Answer:The solution is stable.
    Read all 13 answers   →
    What is your experience regarding pricing and costs for One Identity Acti...
    Top Answer:The solution is fairly priced. That said, I have nothing to compare it to.
    Read all 6 answers   →
    What needs improvement with One Identity Active Roles?
    Top Answer:The solution has not enabled us to reduce password reset times. It has not automated provisioning. The group attestation could be improved. It was a feature that was available in version 5. You can… more »
    Read all 13 answers   →
    What do you like most about One Identity Safeguard?
    Top Answer:The identity discovery is good, and the performance is pretty good value.
    Read all 31 answers   →
    What is your experience regarding pricing and costs for One Identity Safe...
    Top Answer:They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base. Usually, they start at one price, and when you start pricing the competition, you… more »
    Read all 18 answers   →
    What needs improvement with One Identity Safeguard?
    Top Answer:Something for One Identity to look at is having integration guidelines for how to logically group accounts. This is always something you need people to do. It would be especially helpful when you have… more »
    Read all 29 answers   →
    Ranking
    5th
    out of 24 in User Provisioning Software
    Views
    1,783
    Comparisons
    742
    Reviews
    5
    Average Words per Review
    673
    Rating
    8.0
    5th
    out of 48 in Privileged Access Management (PAM)
    Views
    3,663
    Comparisons
    1,572
    Reviews
    14
    Average Words per Review
    950
    Rating
    7.7
    Comparisons
    Also Known As
    Quest Active Roles
    Learn More
    One Identity
    One Identity
    Overview

    One Identity Active Roles is a highly regarded solution for Active Directory (AD) security and account management. One Identity Active Roles will enhance group, account, and directory management while eradicating the need for manual processes. The end result is a significant increase in the overall speed, efficiency, and security of the organization.

    Using One Identity Active Roles, users can:

    • Easily increase and strengthen native attributes of Active Directory (AD) and Azure AD.

    • Quickly unify and automate group and account management while protecting and securing critical administrative access.

    • Free up valuable resources to concentrate on other IT tasks, fully confident that your user permissions, critical data, and privileged access are safe and secure.

    Managing accounts in AD and Azure AD can be tremendously challenging; continually keeping these important systems safe and secure presents an even greater challenge. Traditional tools can be inefficient, error-prone, and very disjointed. In today’s robust marketplace, organizations are finding it somewhat difficult to keep pace with the constant access changes in a hybrid AD ecosystem. Additionally, there are significant security issues to consider (government compliance, employee status/access changes, and other confidential business requirements). And, of course, there is a requirement to properly manage Active Directory and Azure Active Directory access in addition to managing all the other numerous SaaS and non-Windows applications that organizations use today.

    Users can easily automate all of these tedious, mundane administrative tasks, keeping their systems safe and error-free. Active Roles ensures users can perform their job responsibilities more effectively, more efficiently, and with minimal manual intervention. Active Roles was created with a flexible design, so organizations can easily scale to meet your organizational needs, today, tomorrow, and in the foreseeable future.

    Reviews from Real Users

    A PeerSpot user who is a Network Analyst at a government tells us, “It has eliminated admin tasks that were bogging down our IT department. Before we started using Active Roles, if one of our frontline staff members deleted a user or group, it could take several hours to try to reverse that mistake. Whereas now, the most our frontline staff can do is a deprovision, which just disables everything in the background, but it's still there. We can go in and have it back the way it was two minutes later. Instead of it taking two hours, it only takes two minutes.

    Becky P., Sr Business Analyst at George Washington University, shares, “In addition, with the use of workflows and the scheduled tasks, we were able to automate and centrally manage a number of the processes as well as utilize them to work around other product limitations. Those include, but are not limited to syncing larger groups, which have 50,000 plus members, to Azure AD. We sync up to Azure AD using ARS. If we had not already had ARS in place, it would have been impossible for us to have done so in the time period we did it in. We did it in under six months. ARS probably saves us at least two weeks out of every month. It's reduced our workload by 50 percent, easily.”

    One Identity Safeguard is an integrated system that combines a secure, toughened password safe and a session management and monitoring solution with threat detection and analytics into one integrated solution. It stores, manages, records, and analyzes privileged access in a secure manner.

    One Identity Safeguard Features

    One Identity Safeguard has many valuable key features. Some of the most useful ones include:

    • Policy-based release control: Seek access and approve privileged passwords and sessions using a secure online browser that supports mobile devices. Depending on your organization's policies, requests can be authorized immediately or require dual/multiple approvals. You can set One Identity Safeguard to match your personalized needs, whether your policies consider the requestor's identity and level of access, the time and day of the request attempt, and/or the specific resource requested. You can also enter reason codes and/or connect to ticketing systems.

    • Vault for personal passwords: In a free personal password vault, every one of your employees can keep and generate random passwords for non-federated business accounts. This allows your company to use a sanctioned tool to securely share and retrieve passwords, giving you much-needed security and visibility into your company's accounts.

    • Auditing, recording, and replaying entire sessions: All session activity is collected, indexed, and kept in tamper-proof audit trails that can be viewed like a video and searched like a database, down to the keystrokes, mouse movements, and windows viewed. Security teams can search across sessions for certain events and play the recording from the exact point where the search criterion happened. For forensics and compliance purposes, audit trails are encrypted, time-stamped, and cryptographically signed.

    • Approval in any location: Approve or refuse requests from anywhere, using One Identity Starling Two-Factor Authentication, without having to connect to a VPN.
    • Instantly on: Safeguard for Privileged Sessions can be implemented in a transparent manner, with no changes to user workflows required. Safeguard, when acting as a proxy gateway, can act as a network router, unseen to both the user and the server. Admins can continue to use their normal client programs and access target servers and systems without disrupting their everyday routine.

    • Biometrics of user behavior: Even when performing identical operations like typing or moving a mouse, each person has his or her own unique pattern of behavior. These behavioral characteristics are examined by the Safeguard algorithms. Keystroke dynamics and mouse movement analysis aid in the detection of security breaches while also acting as a continuous biometric authentication system.

    • Favorites: Right from the login screen, quickly access the passwords you use the most. You can combine many password requests into a single favorite, allowing you to log into all of your accounts with a single click.

    • Discovery options: With host, directory, and network-discovery options, you can quickly find privileged accounts or systems on your network.

    Reviews from Real Users

    One Identity Safeguard stands out among its competitors for a number of reasons. Two major ones are its stability and its connection control. PeerSpot users take note of the advantages of these features in their reviews:

    One PeerSpot reviewer, a Software Solutions Architect at a computer software company, writes, “I have found the most useful feature of One Identity Safeguard to be Privileged Sessions. One Identity Safeguard is a stable solution.” He adds, “I rate One Identity Safeguard a nine out of ten.”

    Walid S., Networking and Security Engineer at a tech services company, mentions of the solution, “We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP.”

    Sample Customers
    City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
    Cavium
    Top Industries
    REVIEWERS
    Aerospace/Defense Firm18%
    Financial Services Firm18%
    Consumer Goods Company9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm11%
    Government9%
    Healthcare Company8%
    REVIEWERS
    Financial Services Firm40%
    Healthcare Company15%
    Manufacturing Company10%
    Recreational Facilities/Services Company5%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm12%
    Manufacturing Company7%
    Government7%
    Company Size
    REVIEWERS
    Small Business28%
    Midsize Enterprise6%
    Large Enterprise67%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise10%
    Large Enterprise68%
    REVIEWERS
    Small Business36%
    Midsize Enterprise24%
    Large Enterprise40%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise19%
    Large Enterprise56%
    Buyer's Guide
    User Provisioning Software
    April 2024
    Download Free Report
    Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software. Updated: April 2024.
    DOWNLOAD NOW
    768,246 professionals have used our research since 2012.

    One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while One Identity Safeguard is ranked 5th in Privileged Access Management (PAM) with 38 reviews. One Identity Active Roles is rated 8.6, while One Identity Safeguard is rated 8.2. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager and Softerra Adaxes, whereas One Identity Safeguard is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Delinea Secret Server, BeyondTrust Privileged Remote Access and Fudo PAM.

    We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.