BeyondTrust Privileged Remote Access Reviews

We use the tool for vendor access, providing secure vendor access to manage systems. Most of our use cases involve selling the product for vendor access with high privileges. 

We also use it when users want to work from a home office on their systems. BeyondTrust Privileged Remote Access helps vendors connect into the hospital to their specific systems to update and manage these systems.

Our primary use case for the product is supporting vendors in securely managing customer systems. BeyondTrust Privileged Remote Access plays a fundamental role in cost reduction as it eliminates the need for on-site services, allowing vendors to provide remote support. For example, it enables a technician from China to provide remote assistance, which significantly reduces costs for hospitals.

Our company provides a software/platform as a service to state and local governments, municipalities, and provinces. Since all of those need to be NIST 800-54 and FedRAMP compliant, we needed a privileged remote access tool to take care of that access piece. BeyondTrust fills that piece for us.

It certainly has made secure access something that is embraced rather than fought. People are willing to use the tool. That probably is the most significant thing about the product. It's easy, they like it, and it keeps us secure. Within three months, we started to realize the benefit of the product.

We use it for remote support for our clients. The main reason we use it is that it allows us to elevate our privileges remotely. While we're using it or supporting the users, we can elevate our smart card.

We are currently using the latest available version of Bomgar. In terms of deployment, we like to have solutions like this on-prem, but it is good to know that it is available in the cloud because we are moving a lot towards the cloud. In the future, once this appliance dies out, we might just transition over to a cloud version. It is good to know that we have the flexibility to do that.

It is the software that our call center uses all the time, and it is very important for us that Privileged Remote Access doesn't require a VPN. Otherwise, if the VPN is down or something like that, we won't be able to access a computer. With PRA, we're able to get to them even if the VPN is down.

The security provided by PRA when it comes to access for remote and privileged users is great. It is really good. They take a lot of interest and put effort into making sure that the product is very secure because everything has to go through the appliance.

It is easy to do things and set up everything. We have it integrated with Active Directory. So, the customer service group can log in really quickly and easily whenever they need to assist someone. It is a great product. I have no issue with it.

It is used by our IT engineers and customer services team. One of its great features is that you can install it on computers in the DMZ to which they usually don't have network access. They can then use it to access them. Because we all have to use our smart cards to log in, the ability to pass the smart card over to the client is the best thing. It is the golden feature that we like to use. It just makes it easier to quickly help people resolve any issues. A lot of times we try to monitor the computer in different ways, such as through on-calls, and it lets us in. If the elevator screen comes up, you can still view the screen, whereas if you are sharing your screen on Teams or something like that, it might blank out when you elevate your privileges. It is a necessary tool that we have. It is deeply integrated into our process.

It is very important that through the use of PRA, there is no need to share passwords with users. That's very much needed. We definitely don't want to share passwords with the clients. It is a highly needed feature, and it is great that we have that ability.

It offers SSO authentication, which is very important because it allows secure transmissions. We know that no one is eavesdropping. It meets all the latest security requirements. They're doing away with a lot of the older formats.

It is pretty good in terms of session auditing and monitoring of third-party and remote-worker access. It is very detailed, and it is very granular. I like the fact that it can record the actual session. You can pretty much audit anything.

It is remote support for our customers. We use it to connect to our clients.

We have a lot of external customers who don't have access to their networks. BeyondTrust helps us access our services inside their networks without the setup of that entire process.

Our use case has to be on-premises. We are not allowed to use cloud stuff. So, we need an on-premises solution. If that went away, we would have to find a new vendor. This is very important for us.

It is used 24/7, as we are a 24/7 operation. So, it is used all the time very extensively. We just increased usage of it last week, increasing our licenses and everything on them.

It is very important that Privileged Remote Access does not require a VPN. We don't have access to a lot of people's networks. We have a lot of external customers and BeyondTrust allows us to access our stuff on their premises without having to set up 20 VPNs or having different WeVPNs per customer. So, it simplifies the process of onboarding a new customer.

As a whole, Privileged Remote Access is very secure. We have never had a customer deny us having access to it. That is a huge plus for us as it is basically an industry standard at this point. The solution is very highly regarded by anyone and everyone who uses it. That is why we use them.

Since we use it mainly for support, our support team is able to do so much more without having to actively engage our customers. This saves us time and money, helping our customer get back up. Normally, when they are engaging with us, it is a support issue. Therefore, the faster that we can alleviate that support issue, the better it is for our customers. Also, the better it looks for us.

It helps us maintain connections to outside stuff without having to compromise our internal networks when accessing external clients.

It is very important to us that PRA stands on its own as a full solution because of the nature of some of our clients. We can't have too much coupled into our internal stuff versus the stuff that we use to interact with our clients. We use this solution because it is a standalone product that is highly regarded in our industry.

It is used for remote access for all our partners. We bought it to replace our VPN connection for all our third-party partners and providers.

All our sensitive services are required to be hosted on-premises. That is why we needed something that offered an on-premises solution.

It has almost removed all the burdens that we had due to partner interactions via the VPN. The portal is easy to use and the self-service is really well-designed. End users are able to work without a lot of intervention from our teams. Also, when there is an issue with a password or two-factor authentication, they can reset it using the self-service option. There is not much to do now when supporting external partners.

Privileged Remote Access has improved external access to our network, which has had a positive impact on our network security.

It is very important to us that, through use of PRA, there isn't a need to share passwords with users. One of the basic best practices for securities is to avoid sharing passwords. We try to enforce this in our organization, so this is something that is mandatory for us.

It is used 90% of the time by external vendors and partners. That is the main reason why we bought this product. In terms of an attack in the network, PRA limits the possibility of access into our internal networks. The only point where they have access is PRA. According to its design, you can only access what has been configured. At the end of the day, we don't worry about what the external vendor can access on our internal network. We are just working on making sure that we give them the highest access to PRA.

In terms of security, PRA offers SSO authentication, which is a plus. It is very important to limit the use of multiple passwords, then we can just help a user focus on their jobs, not handling data passwords. 

We are an MSP, and we have customers actively using the solutions and the services. We do the backend administration and implementation, troubleshooting and incident handling, and other things like that.

Our use cases include adding users, adding environments to the system, and general and advanced configurations for users and environments. Those are just the standard regular use cases. Other than those, we handle platform maintenance, and platform restoration and recovery in case of an incident.

We also use PRA to provide access to third-party vendors. It restricts access only to the devices and only to a certain section of that device or environment that the vendor would need to access. It can also limit access in terms of time and time of day. Access can be subject to approval, which adds an additional layer of security, and we can also set in advance the number of days that that vendor will have access through PRA.

Since PRA eliminates the need for a VPN, this has translated into cost reduction and reduced complexity. PRA has eliminated the human factor from managing critical credentials; it has restricted access only to specified devices and only on specific ports. The solution provides very restricted and very specific access, both in terms of the endpoints of devices being accessed and in terms of the protocols that are available to initiate the session.

We have two use cases. We have it for the PAM, Privileged Identity (PI), the Vault solution, and Password List. We also have it on the desktop side of the house for our admin accounts.

Our network requires that Privileged Remote Access (PRA) does not require a VPN.

We are extensively using Privileged Identity, but not PRA.

We are one version back from the latest.

PRA only works in our Windows environment. It has helped us with not being able to see the password for our security reasons, but only in a subset of our environment. We only use it for password injection. We wanted it for all platforms, but it doesn't work. So, it is only used in our Windows environment.

It met a NIS control in which we needed to not have passwords visible to users because of malicious activity that happened to our company. That is the only positive effect that it has had so far. We have been able to go to the Windows platform and inject the passwords without people viewing passwords. It is not helping us with our Linux or cloud environments.

For the most part, it has been meeting our requirements for safe controls and just-in-time access.

I work for a massive company. They have 6,000-plus servers integrated into the PRA solution. BeyondTrust is a remote solution for administrators and other privileged accounts across the organization. It controls access to critical servers, domain controllers, Active Directory, Exchange, or any client servers they'll be using. Right now, there are about 10 products on the market globally, and BeyondTrust is the market leader. Within BeyondTrust, there are multiple sub-products, including Password Safe, Privileged Remote Access (PRA), and Endpoint Protection. PRA is unique among BeyondTrust products and other solutions.

We use Password Safe to store all the passwords in a vault, indicating when a privileged user attempts to access a privileged account on a server. PRA doesn't provide direct access to the process. Instead, we'll provide PRA access to Password Safe through a connector. In other words, the user doesn't have access to the critical account via Password Safe. 

Whenever a user wants to initiate a session, they will log into Password Safe, which will inject the credentials. PRA limits access to Password Safe itself. Only a Password Safe engineer has access to that solution, and the engineer is responsible for onboarding the servers and end users. The user will initiate the session via PRA, which will retrieve the credentials. In addition to this core feature, it has reporting tools to record sessions, providing a list of clear logs. 

Right now, BeyondTrust is an on-premise solution. We have a cloud version, but we are not using it. Eventually, we plan to move it to the cloud. BeyondTrust is being used extensively in our organization. There are between 100 and 130 concurrent sessions daily. Our server can easily maintain that usage level, so we don't need to add another. 

Using BeyondTrust has made our end users happy because they have trouble logging into multiple sessions. Now, they only need to open the client to start a session. It has shortened and simplified various processes, like approval requests. They can do several sessions, with a session time of 15 minutes. 

From an administrative point of view, BeyondTrust has streamlined user onboarding, a never-ending process. Every day, we are onboarding and deactivating users on the server. It's easy, and I don't need to change passwords or worry about who has access. My users access the servers through PRA exclusively. It's enough to remove a user's access to the server from PRA. Later, I can clean up the password or access control.

I can remove user access with one click, then figure out the other offboarding activities later. It's convenient for an administrator and the end users. Every channel has been monitored and recorded, so it's highly secure.

After getting the password, a user can initiate a direct connection to the target server. Any user working on a server can log into Password Safe to pull the password and store it somewhere. Next time, they won't need to log in to Password Safe. After that, they will directly initiate the session. PRA has a connector that allows it to retrieve the password. 

PRA also doesn't require a VPN, which is a substantial cost saving for our organization. In the past, we needed a VPN license for every administrator operating from home to connect to the server. That's a massive expenditure. By implementing PRA, we could completely get rid of our VPN solution. It works like Microsoft but allows direct access, so I don't need to worry about a VPN. I log in to my PRA control and initiate the session. It's easy for any user. A domain name is more than enough. I can log into my PRA control, and I'll be able to access my server.