WALLIX Bastion Reviews

The major use cases for WALLIX Bastion are general privileged access management, such as connecting to a server or securing SSH.

I use the session monitoring feature of WALLIX Bastion. I also use session recording. The approval workflow helps us ensure that everyone has the right access at the right moment. I also use it for access recertification or certification of accesses because I can replay the approval workflow to be sure that the person still needs the access.

I do not find WALLIX Bastion easy to use and ergonomic, but I have no clue about how much it costs.

When I say it is not easy to use, I mean the interface is complex, but it might not be directly linked to the product; it might be linked to the way we implemented it in our context. The way we have to connect to a third Bastion and then launch another session bothers me. We also have some limitations, but I think this is linked to our context regarding how many times the session can stay open on the Windows session, which is not aligned with my needs. I am more of a promoter of other kinds of handling privileged access management with my use case, but it might not be linked to the tool; it is just because the implementation we made is not what I expect for my needs and it is not the way I want to work on my servers.

In the past, I used the leader in PAM but cannot remember the name. I was more satisfied because the connection was more straightforward: I click on a button, make my authentication, and have my servers open, and this is the way I want it. The UI was the main reason why I thought the previous tool I was using was better.

I have been using WALLIX Bastion for around three years, but I am not the one managing the PAM.

When I use WALLIX Bastion, it is stable.

I do not know if WALLIX Bastion is really scalable or if there are some limitations; I am just a user.

I do not know about the technical support.

In the past, I used the leader in PAM but cannot remember the name. I was more satisfied because the connection was more straightforward: I click on a button, make my authentication, and have my servers open, and this is the way I want it.

I do not have a clue about the installation of WALLIX Bastion; we are using a portal, and I have never had to install it on a server or anything like that.

We just bought WALLIX Bastion and we are managing it by ourselves.

The guys that are using it seem to be happy with it.

It is important for our ISO to be able to record and watch what someone has done.

WALLIX Bastion is a security tool that protects us, and I think we are protected with this tool. Even if it is not easy to use, it is still usable. I have given this product a rating of seven because the main objective is reached.

My primary use case is to make a training about Active Directory security. In my experience, I work with Bastion. I emphasize the importance of having a good knowledge of Bastion to avoid vulnerabilities.

It helps by providing some security features for administration, although it's crucial to be careful with its implementation.

Bastion provides a kind of isolation between the administration laptop and the server you want to administer. It offers session management, and you can make videos. Overall, Bastion has several useful features.

The main problem of Bastion, CyberArk, and WALLIX is that they have the same interface for both administration and users, which is not a good idea from a security perspective. Also, there should be more effort to increase the level of security.

I have been confronted with Bastion for more than six years.

Stability is good if defined as whether it works or not, but for additional security features, it can be more complicated. CyberArk is not completely stable as it depends on internet connection and architecture.

Bastion is not built for certain types of scaling, such as when a company buys another company and wants to use the same Bastion.

WALLIX support team is very good, although there are challenges with decision-making in implementing corrections.

Positive

I have worked more with WALLIX support than CyberArk support, but I cannot compare due to lack of experience with CyberArk's research team.

I do not know the pricing, setup cost, or licensing. It's difficult to compare without an identical infrastructure.

I know about CyberArk and WALLIX. I have used only these two.

Don't rate the solution with numerical values, as they can be misleading without proper knowledge.

I'd rate the solution five out of ten.

Neutral

Neutral

WALLIX Bastion is an open-source application that productizes and audits the connections made through the proxy. One use case is auditing CLI commands. Deploying Bastion isn't as straightforward. A PAM solution's most uncomplicated installation and setup is with SonaSecura, which can be completed in about seven to ten minutes. With WALLIX, it's more complex; it's not just about installing the device but also integrating it.

Bastionis controls all interactions passing through itself. When a connection is established through this system, it audits those connections very well.

The disadvantage is that they have to optimize it to use fewer resources. They have to go forward and add some technology to grow so fast.

It needs to meet certain PQI solutions, including single sign-on, multi-factor authentication, and TDS connections. To keep up with the growing market and increasing customer challenges, they need to enhance Bastion and accelerate its development.

It is 100% stable.

Scalability is medium to high.

CyberArk has developed a secure browser that operates solely in the cloud, which is impressive. However, in terms of pricing, SonaSecura is more affordable. WALLIX tends to be pricier and falls between BeyondTrust and One Identity, which are also closely priced. CyberArk is the most expensive option. Currently, SonaSecura and Fudo offer better value for their performance and stability SonaSecura could be close to an eight out of ten.

Deploying Bastion can take a couple of hours, depending on who's handling it. While it's not hard, upgrading or updating can be more challenging in CyberArk. With WALLIX, the integration with Microsoft can also introduce some difficulties.

You can use your Management Studio on your computer to access your database resources without needing a job server. When connecting to your database, you pass through the PAM. This means you write the database address as the SonaSecura server, but the credentials you use are proxied through SonaSecura to connect to the database. You'll see the same interface as before.

First, it's important for organizations to thoroughly understand Bastion. When considering a PAM solution, they should start by outlining their specific scenarios and objectives.

They should find the best solution that closely aligns with their needs. This process involves creating a detailed RFP. When comparing different solutions, they should ensure that at least 80% of their requirements are met by some of the options available. 

Overall, I rate the solution an eight out of ten.

Since we are a medical company, we use WALLIX Bastion to record the sessions to our secure servers that host HIPAA. We strictly monitor what people are doing on these machines. We use the solution to allow access and record sessions for what people are doing on these machines.

We use WALLIX Bastion to provide access and to monitor sessions.

WALLIX Bastion is GUI-driven, but it sometimes needs some management. The solution’s reporting and alerting could be improved.

I have been using WALLIX Bastion for five years.

I rate the solution’s stability an eight out of ten.

I rate the solution an eight or nine out of ten for scalability.

We did contact the solution's technical support a couple of times, and one case took a while to be resolved.

Neutral

We are primarily a Microsoft shop, and we feel that CyberArk is easier to use for Microsoft shops and the Microsoft products suite.

The solution's initial implementation was not complicated.

The solution's pricing is comparable to that of other products.

We restrict access to specific users. When users access, we record the sessions, and people are aware that the sessions are being recorded. The tool requires very low maintenance and can build a resilient environment. However, sometimes, some weird stuff happens because of probably some updates as it's running on a Linux kernel.

The solution's reporting is fine but not great. For its reporting and alerting features, I rate the solution an eight out of ten. I would recommend WALLIX Bastion to people who want to restrict access.

Overall, I rate the solution an eight out of ten.

WALLIX Bastion is one of the premium solutions that is very effective in PAM (Privileged Access Monitoring). One thing it does is secure identity with intelligent privilege control.

Another is essential management, and thirdly, it enables secure vendor and third-party access. Organizations with third-party vendors can use PAM to provide secure access. It ensures proper security and access control, allowing third parties-access to specific network segments. It also reduces risk by enhancing controlled visibility over privileged access for all users within the organization, both internal and privileged users.

For privileged users, it provides a unique password after verifying their details. This password allows access to servers or databases based on approval by the admin or the approving authority. It ensures continuous compliance, simplified with data reporting and deployment security. These features make it highly effective for cybersecurity.

Based on my experience as a sales tech person, one area of improvement could be a more unified licensing model.

For example, if you look at BeyondTrust, their licensing is more straightforward. They only ask about the number of assets you need to protect, and there's no additional cost for external users or third-party vendors.

With WALLIX Bastion, there's a separate fee for external users to access the environment. It would be great if they could unify the licensing so that customers don't have to pay separate fees for different types of users. It would make the pricing more transparent and easier to understand.

Even if the total cost stays the same, a unified approach would be much simpler and more convenient for customers. It's about clarity and ease of understanding.

The setup is not complex. It's very straightforward if an experienced person does the deployment. It's nice and fine.

The deployment time depends on the person doing it. It can be just in days, maybe two or three, depending on the user's competency.

In a complex environment, it might take longer, perhaps two to five days, due to the complexity and integration with security applications. In a non-complex environment, it might not take more than that. It depends on the complexity and the environment.

Customers pay for the license. The solution is cost-effective for licensing. There are two types of licensing for Bastion. You can subscribe based on assets or users.

If you choose asset licensing, it's based on the number of assets in the organization. For example, if you have 20,000 assets, you get a license for that. The number of users won't be an issue; it's unlimited. They won't be worried about the license.

The second type is user-based licensing. If you want 50 users to have privileged access, you pay for 50 licenses. If more people are added, you need additional licenses. Different organizations go for different types, and it's cost-effective, especially asset-based licensing.

It's very cost-effective. In fact, asset-based licensing is much more cost-effective compared to user-based licensing.

The solution has the best automation features.

There could be more automation features for the solution. Also, its user behavior analysis using machine learning needs improvement.

We have been using the solution for two years.

I rate the solution's stability an eight out of ten.

I rate the solution's scalability a seven out of ten.

The solution's technical support team helped us a lot.

Positive

I rate the solution's initial setup process an eight out of ten. It took five months to complete.

I rate the solution's pricing as a five out of ten.

We evaluated CyberArk and BeyondTrust. In comparison, the solution provides more flexibility in terms of usage.

I rate the solution a seven out of ten.

Within our company, there are roughly 200 employees that use this solution, including partners and outsourced employees.

There are two of us that handle all maintenance-related issues.

We have seen a lot of improvement, especially in regard to our forensic investigations. We have better data — not just faster, but better data.

The security, its video recording capabilities have definitely been key for us. The reason why we deployed this solution in the first place was for the video recording features. 

I have been using WALLIX Bastion for five years.

This solution is both very stable and scalable.

Their support is fine both locally and remotely; though we work with them much more remotely. I would say they're doing a good job.

The initial setup is pretty easy. It didn't take us that long time; I think it took one week in total. The integration and the performance of the system took some time to stabilize because, in the beginning, we had to do some complicated configurations.

We are currently considering installing another solution (CyberArk) because we want to separate our external access and internet access. We want to keep our internal access on WALLIX, and our external access on CyberArk.

For the purpose that it was built, WALLIX was the recommended tool. However, now that we are growing, we need some more flexibility. We can't put all of our eggs in the same basket. So, we decided to find an alternative to WALLIX, just to make sure that if we have some security issues on one side, we are not fully exposed — we have a backup plan. 

I wouldn't advise others to start with a huge license. Overall, on a scale from one to ten, I would give this solution a rating of seven.

There are some features we have not tested yet like two-factor authentication. If I had, maybe I could give it a higher rating. For me, the main issue has to do with the system performance itself. If you don't size it properly, it will be very difficult to handle. We bought our licenses based on the number of devices that we can manage, but it seems like we have a limitation on the number of people that can gain access, which has been pretty difficult to handle.

WALLIX Bastion's most valuable feature is the Access Manager because you can use it and access the data center without any client VPN.

The performance of WALLIX Bastion's password manager is very low.

I've been using WALLIX Bastion for three years.

WALLIX Bastion is very stable.

WALLIX Bastion is very scalable.

WALLIX Bastion's technical support is responsive, but their answers aren't precise.

Neutral

Previously, I worked with One Identity SPS, which is cheaper than WALLIX Bastion, but we switched because it has the Access Management module.

The initial setup is super easy - you can deploy all the components in one day, and it's usable in two.

WALLIX Bastion is a great solution that evolves with new features, unlike competitors like CyberArk. I would give WALLIX Bastion a rating of eight out of ten.