We performed a comparison between BeyondTrust Password Safe and BeyondTrust Privileged Remote Access based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The performance is good."
"The actual innovations offered by the vendor stand out to me. They are quick to respond to market demands and the changing environment of privileged access management."
"The best aspect of the product is the ability to onboard devices. You can scan the IP subnets and onboard all the devices. You can then segregate them if it's a network device or a firewall. If it's a Windows server or a UNIX, you can basically scan your IT infrastructure and onboard the efforts, which should be managed. Once they have been onboarded, then the session management and password management are easy and nicely configurable."
"Session recording, password rotation, and password vaulting are the most valuable features."
"It is very easy to deploy. It's easy to use. That's the major thing I like about it."
"One of the most valuable features is that this is a product designed with enterprises in mind."
"It provides integrated password and session management in one solution, which is important for us because, from an auditing standpoint, we are accountable for the type of access being used. We need to ensure that accounts are securely stored and there is the right type of accountability around who is gaining the access. After gaining it, how they're using it, where they're using it, etc."
"Its number one feature is discovery. The discovery engine in BeyondTrust is off the charts. When they perform a discovery, you know everything there is about a server, including what software is installed. For example, if you want to group all of your database servers together, you can do that by using discovery and Smart Rules. If a server has Microsoft SQL installed, it gets put into a group based on a Smart Rule. It makes it very easy to determine what is what in your environment. As organizations grow or acquire other companies and merge, they lose track of what they have. BeyondTrust can help you throw a rope around it very rapidly."
"Its initial setup process is straightforward."
"Based on the feedback from my colleagues who have never complained about the technical support, I would say that the product's support team is good."
"We can truly elevate our admin rights while we're in there to fully take control of a system and manage it as if it was sitting right here on our desk. Most of the organization has gone to remote work or work from home. With that being the case, this solution allows us to be able to still work with our end-users, even though they're not always sitting on our network."
"I like the enterprise credential manager. It's a connector that sits in PRA and tests the credentials for the end user with a process that will clean the password. This is one of PRA's primary features and simplifies user onboarding. There aren't many restrictions or complications. We can add the user while only opening one port, which is more than enough to access the PRA server. Every organization requires only four critical servers out of a hundred and some 50 production servers."
"I like all of it. You can access computers that are on a DMZ. You can access computers that are off the network and on the network. You pretty much have access to computers wherever they are. As long as they have the client on them, you can get to them. So, it is convenient, but its main feature is that you can use your smart card to elevate your privileges remotely. That's a great feature."
"The scalability is excellent."
"It is a real fortress. Its security is very strong. Multi-factor came as a feature out-of-the-box, which was big for us. That helps us meet another compliance requirement. It enforces encryption. Nobody can see what we are doing in our remote system if they happen to be listening for unencrypted traffic. That is its biggest strength."
"PRA stands on its own as a full solution. This is important because it reduces the need to maintain a lot of different services. Also, the integration between those services are sometimes not easy to maintain. So, having a solution like BeyondTrust Privileged Remote Access reducing our workload gives us enough time to work on our other issues. The system just runs and does what it is supposed to do."
"The product needs to have better integration with SAP products."
"There is a limited capacity on the appliance, which I wasn't informed about when I purchased the product. I can have a maximum of 150 rules per appliance; any more than that and rule processing becomes very complex, especially regarding password revision. Hitting a capacity limit you don't know about can be problematic. Ideally, we would not have a limited capacity, allowing us to be in a completely managed state with password rotation for every service account, not just the highly privileged ones."
"When we deploy BeyondTrust, we have to deploy our own database on a SQL server. It doesn't deploy the database. I wish BeyondTrust packages the whole solution in one and includes the MySQL database so that when you deploy it, it deploys everything for you. BeyondTrust gives you the software, but you are in charge of setting up your own database. It is a single appliance just for the BeyondTrust portion but not the database. Unless that has changed in later releases, you have to set up your own database for BeyondTrust Password Safe. I find that part complex because we then need the expertise and help of the database team to set it up, which also increases the deployment time. If they can deploy the database, it will reduce the deployment time."
"Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit."
"The only feature they could improve is the banners because they aren't informative. For example, if something is not correct and I open the error notification, the dialogue box simply says, "This is an error." It would be great if they could provide some valuable comments about how to fix the errors."
"The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms."
"We don't have much control over the appliance. When anything happens in the backend, we have to depend on the support team. We need to raise a case so that they can update the appliance. If we have control over it, we would be able to troubleshoot easily."
"We'd like to have incremental backups to ensure the solution's information is protected regularly."
"Its access process for third-party vendors needs to be simplified."
"Some of the capabilities in the solution were not as available or not as outstanding as CyberArk. We had to manage whatever little was available for us, especially its recording capabilities, logs, and a number of things."
"There is no connectivity to the appliance side. There is no API, and it is just difficult for me to capture what version the device is on without going in and doing screenshots. It is a little too secure in that regard, where they don't even trust their product owner. Since a lot of hacks come from the inside, they are probably doing what they need to do out of necessity. It is just that I have to work pretty hard to produce compliance data on the box."
"The price is pretty expensive."
"Multiple areas can be improved. We've seen lots of updates in the past year. They have a portal where we can submit our ideas. BeyondTrust is immediately implementing user suggestions. The UI could be more informative. Initially, there were two or three connectors, and now we have five or six. It would be nice if they added a few more connectors for third-party integration. There are multiple tools, but the clients may require more for their convenience."
"The integration client, backup solution, and SSO setup and provisioning could be improved. There isn't any documented or supported user provisioning currently, which slows down the processes of onboarding and assigning permissions. I would like to see this improved soon."
"In terms of the ability to automate the creation of new accounts within it, it's still a bit laborious."
"The issue I found with the product revolves around the fact that RDP and SSH sessions take too much time, making it an area of concern where improvements are required."
More BeyondTrust Privileged Remote Access Pricing and Cost Advice →
BeyondTrust Password Safe is ranked 7th in Privileged Access Management (PAM) with 19 reviews while BeyondTrust Privileged Remote Access is ranked 3rd in Privileged Access Management (PAM) with 21 reviews. BeyondTrust Password Safe is rated 7.6, while BeyondTrust Privileged Remote Access is rated 8.6. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of BeyondTrust Privileged Remote Access writes "Our support team can do so much more without having to actively engage our customers, which saves us time and money". BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, LastPass, CyberArk Enterprise Password Vault and Delinea Secret Server, whereas BeyondTrust Privileged Remote Access is most compared with CyberArk Privileged Access Manager, BeyondTrust Remote Support, Citrix DaaS (formerly Citrix Virtual Apps and Desktops service), WALLIX Bastion and Apache Guacamole. See our BeyondTrust Password Safe vs. BeyondTrust Privileged Remote Access report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.