• Home
  • BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access

BeyondTrust Password Safe vs BeyondTrust Privileged Remote Access comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access
March 2024
Executive Summary

We performed a comparison between BeyondTrust Password Safe and BeyondTrust Privileged Remote Access based on real PeerSpot user reviews.

Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Hartmann OLLIVIER De MONTAGUERE
Protects privileged accounts and rotates passwords as soon as an event is triggered
My company's goal is to have mature security and privileged account management. It's mainly used for security purposes and to avoid the usage of... Read more →
Clement
Improved our network external access, which has been beneficial for our network security
It has almost removed all the burdens that we had due to partner interactions via the VPN. The portal is easy to use and the self-service is really... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The performance is good.""The actual innovations offered by the vendor stand out to me. They are quick to respond to market demands and the changing environment of privileged access management.""The best aspect of the product is the ability to onboard devices. You can scan the IP subnets and onboard all the devices. You can then segregate them if it's a network device or a firewall. If it's a Windows server or a UNIX, you can basically scan your IT infrastructure and onboard the efforts, which should be managed. Once they have been onboarded, then the session management and password management are easy and nicely configurable.""Session recording, password rotation, and password vaulting are the most valuable features.""It is very easy to deploy. It's easy to use. That's the major thing I like about it.""One of the most valuable features is that this is a product designed with enterprises in mind.""It provides integrated password and session management in one solution, which is important for us because, from an auditing standpoint, we are accountable for the type of access being used. We need to ensure that accounts are securely stored and there is the right type of accountability around who is gaining the access. After gaining it, how they're using it, where they're using it, etc.""Its number one feature is discovery. The discovery engine in BeyondTrust is off the charts. When they perform a discovery, you know everything there is about a server, including what software is installed. For example, if you want to group all of your database servers together, you can do that by using discovery and Smart Rules. If a server has Microsoft SQL installed, it gets put into a group based on a Smart Rule. It makes it very easy to determine what is what in your environment. As organizations grow or acquire other companies and merge, they lose track of what they have. BeyondTrust can help you throw a rope around it very rapidly."

More BeyondTrust Password Safe Pros →

"Its initial setup process is straightforward.""Based on the feedback from my colleagues who have never complained about the technical support, I would say that the product's support team is good.""We can truly elevate our admin rights while we're in there to fully take control of a system and manage it as if it was sitting right here on our desk. Most of the organization has gone to remote work or work from home. With that being the case, this solution allows us to be able to still work with our end-users, even though they're not always sitting on our network.""I like the enterprise credential manager. It's a connector that sits in PRA and tests the credentials for the end user with a process that will clean the password. This is one of PRA's primary features and simplifies user onboarding. There aren't many restrictions or complications. We can add the user while only opening one port, which is more than enough to access the PRA server. Every organization requires only four critical servers out of a hundred and some 50 production servers.""I like all of it. You can access computers that are on a DMZ. You can access computers that are off the network and on the network. You pretty much have access to computers wherever they are. As long as they have the client on them, you can get to them. So, it is convenient, but its main feature is that you can use your smart card to elevate your privileges remotely. That's a great feature.""The scalability is excellent.""It is a real fortress. Its security is very strong. Multi-factor came as a feature out-of-the-box, which was big for us. That helps us meet another compliance requirement. It enforces encryption. Nobody can see what we are doing in our remote system if they happen to be listening for unencrypted traffic. That is its biggest strength.""PRA stands on its own as a full solution. This is important because it reduces the need to maintain a lot of different services. Also, the integration between those services are sometimes not easy to maintain. So, having a solution like BeyondTrust Privileged Remote Access reducing our workload gives us enough time to work on our other issues. The system just runs and does what it is supposed to do."

More BeyondTrust Privileged Remote Access Pros →

Cons
"The product needs to have better integration with SAP products.""There is a limited capacity on the appliance, which I wasn't informed about when I purchased the product. I can have a maximum of 150 rules per appliance; any more than that and rule processing becomes very complex, especially regarding password revision. Hitting a capacity limit you don't know about can be problematic. Ideally, we would not have a limited capacity, allowing us to be in a completely managed state with password rotation for every service account, not just the highly privileged ones.""When we deploy BeyondTrust, we have to deploy our own database on a SQL server. It doesn't deploy the database. I wish BeyondTrust packages the whole solution in one and includes the MySQL database so that when you deploy it, it deploys everything for you. BeyondTrust gives you the software, but you are in charge of setting up your own database. It is a single appliance just for the BeyondTrust portion but not the database. Unless that has changed in later releases, you have to set up your own database for BeyondTrust Password Safe. I find that part complex because we then need the expertise and help of the database team to set it up, which also increases the deployment time. If they can deploy the database, it will reduce the deployment time.""Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit.""The only feature they could improve is the banners because they aren't informative. For example, if something is not correct and I open the error notification, the dialogue box simply says, "This is an error." It would be great if they could provide some valuable comments about how to fix the errors.""The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms.""We don't have much control over the appliance. When anything happens in the backend, we have to depend on the support team. We need to raise a case so that they can update the appliance. If we have control over it, we would be able to troubleshoot easily.""We'd like to have incremental backups to ensure the solution's information is protected regularly."

More BeyondTrust Password Safe Cons →

"Its access process for third-party vendors needs to be simplified.""Some of the capabilities in the solution were not as available or not as outstanding as CyberArk. We had to manage whatever little was available for us, especially its recording capabilities, logs, and a number of things.""There is no connectivity to the appliance side. There is no API, and it is just difficult for me to capture what version the device is on without going in and doing screenshots. It is a little too secure in that regard, where they don't even trust their product owner. Since a lot of hacks come from the inside, they are probably doing what they need to do out of necessity. It is just that I have to work pretty hard to produce compliance data on the box.""The price is pretty expensive.""Multiple areas can be improved. We've seen lots of updates in the past year. They have a portal where we can submit our ideas. BeyondTrust is immediately implementing user suggestions. The UI could be more informative. Initially, there were two or three connectors, and now we have five or six. It would be nice if they added a few more connectors for third-party integration. There are multiple tools, but the clients may require more for their convenience.""The integration client, backup solution, and SSO setup and provisioning could be improved. There isn't any documented or supported user provisioning currently, which slows down the processes of onboarding and assigning permissions. I would like to see this improved soon.""In terms of the ability to automate the creation of new accounts within it, it's still a bit laborious.""The issue I found with the product revolves around the fact that RDP and SSH sessions take too much time, making it an area of concern where improvements are required."

More BeyondTrust Privileged Remote Access Cons →

Pricing and Cost Advice
  • "It has subscription-based licensing. BeyondTrust is three times less expensive than CyberArk."
  • "This solution is not cheap—it's a very expensive solution. Very, very expensive compared to the features and functions that they offer."
  • "We just pay for Password Safe. Session management is included, but we don't use it. There aren't any additional costs besides the standard licensing fees. We pay for an annual license."
  • "The pricing of BeyondTrust is very good as compared to other products. That was the main reason we decided to go with BeyondTrust at first."
  • "At the time, BeyondTrust was significantly cheaper than CyberArk. Pricing-wise, if I remember correctly, it goes by assets. The pricing was negotiated for our instances based on the number of assets that we onboard into the system. It is a little different from CyberArk, where the pricing is by users. So, it depends. If you have a lot of assets, it can get very expensive."
  • "When you buy Password Safe and perform your initial Discovery, you have all these servers that are added to your assets in BeyondTrust, but you're not using a license until you actually start managing the systems. BeyondTrust's licensing is based on the systems when they're managed, which means when an administrator is able to connect to the server through BeyondTrust with a managed account. There would be a privileged account on the endpoint when the licensing starts. A significant advantage to that is that there are many organizations that want to evaluate their environment prior to automatic management."
  • "The pricing structure is better than the competitors. It's much cheaper than CyberArk. They do the licensing on the basis of assets, not on the number of users. For CyberArk, they base the licensing on the number of users, and they have an expensive model of pricing. BeyondTrust has a cheaper model."
  • "The product is quite affordable."

    • More BeyondTrust Password Safe Pricing and Cost Advice →

  • "The price is pretty expensive, but you get what you pay for and this is a great product."
  • "I wish it was a little bit cheaper, but when a product is as solid as this, I understand what the cost does. It helps them to make sure it stays that way. If you want a reliable, solid product, you're going to pay more."
  • "Don't get into a situation where you are licensing per desktop or per person until you fully understand the licensing."
  • "My client found the solution a bit expensive but considering their use case and requirements, they didn't have any other choice. As far as I know, implementation and licensing are the only costs."
  • "I wasn't directly involved in the licensing and pricing, but I can say that PRA is licensed per endpoint added to the Vault. I would advise users to take frequent exports of their license usage package; it's a simple feature that provides a spreadsheet of every machine in the Vault. This helps to cut down on duplicate licenses, which can happen by adding the same endpoint using an IP address and a fully qualified domain name, for instance. The implementation is an additional cost, and they offer several tiers, so the price varies. There are also some optional add-ons, so I would advise people to research the product well and find out precisely what they need regarding features. The Advanced Web Access add-on provides some required functionality when interfacing with websites; that's one to consider."
  • "Its price is pretty good for the features and services that it provides. It is not outrageous. I'm not aware of any additional charges or anything like that."
  • "PRA was one of the cheapest solutions that we evaluated."
  • "Though the solution was a bit expensive, the overall pricing was average."

    • More BeyondTrust Privileged Remote Access Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What is your experience regarding pricing and costs for BeyondTrust Passw...
    Top Answer:The pricing is nice. It is a yearly basis license. I would rate the pricing a seven out of ten, where one is cheap and ten is expensive.
    Read all 12 answers   →
    What needs improvement with BeyondTrust Password Safe?
    Top Answer:The pricing is not cheap, but it could be better.
    Read all 16 answers   →
    What is your primary use case for BeyondTrust Password Safe?
    Top Answer:The use cases are essentially the same as those for any PAM solution. Like addressing security compliance, securing the network against threats, and protecting all identities with intelligence and… more »
    Read all 16 answers   →
    What do you like most about BeyondTrust Privileged Remote Access?
    Top Answer:The product has improved remote support capabilities since it works fine.
    Read all 18 answers   →
    What needs improvement with BeyondTrust Privileged Remote Access?
    Top Answer:The issue I found with the product revolves around the fact that RDP and SSH sessions take too much time, making it an area of concern where improvements are required. The product should be able to… more »
    Read all 17 answers   →
    What is your primary use case for BeyondTrust Privileged Remote Access?
    Top Answer:I use the tool in my lab. I am involved in the product's testing phase in my lab, where I am trying to check out the solution.
    Read all 16 answers   →
    Ranking
    7th
    out of 48 in Privileged Access Management (PAM)
    Views
    831
    Comparisons
    534
    Reviews
    15
    Average Words per Review
    1,168
    Rating
    8.0
    3rd
    out of 48 in Privileged Access Management (PAM)
    Views
    2,454
    Comparisons
    1,595
    Reviews
    16
    Average Words per Review
    1,299
    Rating
    8.4
    Comparisons
    Also Known As
    BeyondTrust PowerBroker Password Safe
    Bomgar Privileged Access
    Learn More
    BeyondTrust
    BeyondTrust
    Overview

    Beyond Trust Password Safe is an automated solution that combines password and privileged session management into a single platform. Password Safe delivers secure access control, auditing, alerting, recording, and monitoring.

    This free and open-source password manager supports Windows and Linux, and some ports are available for other platforms as well. Their proprietary algorithm, Twofish, is considered highly secure, with the advantage that it is not affiliated with NIST. The Twofish algorithm secures the data while keys are delivered using SHA-256 authentication.

    The application is easy to use, and you can download the Windows app from several sites. Additionally, the application is available in 14 languages.

    Beyond Trust Password Safe Key Features

    • Continuous automated account discovery: Scan, identify and profile assets with the discovery engine. The solution has dynamic categorization that enables the automated onboarding of assets into groups.

    • Application-to-application password management: Password Safe offers an adaptable API interface including an unlimited number of password caches, therefore providing scalability and redundancy.

    • Secure SSH key management: The system automatically rotates SSH keys to enforce granular access control and workflow. Private keys securely log users onto systems without exposing them.

    • Adaptive access control: Evaluates context and provides access requests by considering factors such as time of access and location to determine the user’s authorization level.

    • Enhanced privileged session management: Admins can record, lock, and document suspicious behavior without disrupting productivity by managing sessions live.

    • Advanced privileged threat analytics: Password Safe monitors assets and user behavior every day, analyzing what are normal patterns and detecting deviations.

    • Multi-factor authentication: Password Safe supports 2FA (two-factor authentication) using Yubikey 4, Nano, or Neo.

    What can you do with Password Safe?

    • Cross-device and cross-platform syncing: You can safely store encrypted password files online, where you can access them via Password Safe-compatible apps.

    • Drag and drop password: Password Safe has a “Dragbar,” which you can use to complete forms by dragging and dropping icons over the form - for example, passwords, usernames, design tiles, and emails.

    • Autotype: With Password Safe, when you click on a web page or login box, the autotype feature will try to fill in your credentials automatically for you.

    • Import and export: You can import passwords from text, XML, or CSV fails. You can also export passwords in text, XML, and the PSAFE format.

    • Password generator: Generate secure passwords by using the algorithm. You can also define your password rules.

    Beyond Trust Password Safe Benefits

    • Controls third-party access: Password Safe secures the connection and automatically checks privileged credentials. The solution records all sessions.

    • Uses context to determine access: Password Safe considers risk factors like location, day, or time of access and uses them to adjust the permissions and privileges of each user.

    • Manages access for privileged and non-privileged accounts: By integrating with SailPoint IdentityIQ, Password Safe effectively manages user access for privileged as well as non-privileged accounts.

    • Reduces cloud risk: Password Safe simplifies secure storage and session management. It supports major cloud providers such as Azure, Amazon, Google, Rackspace, and GoGrid. It also supports social networks - Facebook, LinkedIn, and Twitter.

    • Integrates password and privilege management: Integrates with Endpoint Privilege Management to control the resources users can access and the actions they are allowed to take

    Reviews from Real Users

    A PAM Architect at a tech services company says, "BeyondTrust Password Safe's features that I have found most valuable are really those that are knitted in. That is their Smart Rules and Smart Groups, where you design your administration model so you create your AD groups and your asset groups, and configure Password Safe."

    An I.S. Architect at a insurance company mentions that "Session recording, password rotation, and password vaulting are the most valuable features."

      "One of the most valuable features is that this is a product designed with enterprises in mind," adds a Cybersecurity Architect at a tech vendor.

          BeyondTrust Privileged Remote Access (formerly Bomgar Privileged Access) lets you secure, manage, and audit vendor and internal remote privileged access without a VPN.

          Privileged Remote Access provides visibility and control over third-party vendor access, as well as internal remote access, enabling your organization to extend access to important assets, but without compromising security.

          Features include:

          - Privileged Access Control: Enforce least privilege by giving users the right level of access.

          - Monitor Sessions: Control and monitor sessions using standard protocols for RDP, VNC, HTTP/S, and SSH connections.

          - Reduce the Attack Surface: Reduce attacks by consolidating the tracking, approval, and auditing of privileged accounts in one place and by creating a single access pathway.

          - Integrate with Password Management: Inject credentials directly into servers and systems with just one click, so users never need to know or see plain text credentials.

          - Mobile & Web Consoles: Use mobile apps or web-based consoles anytime, anywhere.

          - Audit & Compliance: Create audit trails, session forensics, and other reporting features by capturing detailed session data in real-time or post- session review, and provide attestation reports to prove compliance.

          Sample Customers
          Aera Energy LLC, Care New England, James Madison University
          Horizon Beverage, Air Liquide, Gateway Bank of Florida
          Top Industries
          REVIEWERS
          Financial Services Firm50%
          Insurance Company20%
          Security Firm10%
          Government10%
          VISITORS READING REVIEWS
          Financial Services Firm15%
          Computer Software Company14%
          Manufacturing Company9%
          Government7%
          REVIEWERS
          Comms Service Provider21%
          Security Firm14%
          Government14%
          Wholesaler/Distributor14%
          VISITORS READING REVIEWS
          Computer Software Company18%
          Financial Services Firm10%
          Government9%
          Manufacturing Company7%
          Company Size
          REVIEWERS
          Small Business50%
          Midsize Enterprise15%
          Large Enterprise35%
          VISITORS READING REVIEWS
          Small Business17%
          Midsize Enterprise12%
          Large Enterprise71%
          REVIEWERS
          Small Business50%
          Midsize Enterprise15%
          Large Enterprise35%
          VISITORS READING REVIEWS
          Small Business21%
          Midsize Enterprise13%
          Large Enterprise67%
          Buyer's Guide
          BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access
          March 2024
          Free Report: BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access
          Find out what your peers are saying about BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access and other solutions. Updated: March 2024.
          DOWNLOAD NOW
          768,857 professionals have used our research since 2012.

          BeyondTrust Password Safe is ranked 7th in Privileged Access Management (PAM) with 19 reviews while BeyondTrust Privileged Remote Access is ranked 3rd in Privileged Access Management (PAM) with 21 reviews. BeyondTrust Password Safe is rated 7.6, while BeyondTrust Privileged Remote Access is rated 8.6. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of BeyondTrust Privileged Remote Access writes "Our support team can do so much more without having to actively engage our customers, which saves us time and money". BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, LastPass, CyberArk Enterprise Password Vault and Delinea Secret Server, whereas BeyondTrust Privileged Remote Access is most compared with CyberArk Privileged Access Manager, BeyondTrust Remote Support, Citrix DaaS (formerly Citrix Virtual Apps and Desktops service), WALLIX Bastion and Apache Guacamole. See our BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access report.

          See our list of best Privileged Access Management (PAM) vendors.

          We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.