We performed a comparison between BeyondTrust Password Safe and One Identity Safeguard based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Smart Rules is a nice feature in BeyondTrust. It is a unique feature that BeyondTrust has as compared to other vendors such as CyberArk. With Smart Rules, you can do automatic onboarding of accounts. There are a lot of options and features. For example, you can do onboarding based on different AD attributes. It is a nice feature in BeyondTrust that some of the other PAM vendors don't have. With other vendors, we have to create our own scripts, whereas, with BeyondTrust, we can just use the in-built Smart Rules."
"The performance is good."
"The solution protects organizations from internal and external threats."
"It is very easy to deploy. It's easy to use. That's the major thing I like about it."
"The CI/CD and REST API are also satisfactory; the solution has a full PAM feature set and they all work well."
"It simplifies your compliance and tracking to benchmark other credentials and analytics."
"It provides integrated password and session management in one solution, which is important for us because, from an auditing standpoint, we are accountable for the type of access being used. We need to ensure that accounts are securely stored and there is the right type of accountability around who is gaining the access. After gaining it, how they're using it, where they're using it, etc."
"Session recording, password rotation, and password vaulting are the most valuable features."
"The technical support is tremendous."
"The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable."
"We use the solution’s “transparent mode” feature for privileged sessions. It is very easy because it is only a simple configuration for our users. We don't have to modify our network. We install it, configure it, and it works. So, it is super easy. The rollout for our users is seamless."
"The first feature I like about One Identity Safeguard is the live contact point for the VPNs. This has been working very well for us, as it's both highly available and reliable."
"The solution transparently integrates into the infrastructure and users do not notice it. I would give this feature the highest rating."
"I like Safeguard's snapshot feature that enables us to review the last time an application was opened and by whom. If there are any issues, we can look behind the scenes to see what has been done. We can suspend a user's access or close off a server."
"I like that One Identity Safeguard lets you configure the maximum number of connections to the target, a configuration I didn't find in its competitor."
"We are able to log and get reporting on all privileged activity that is being performed. We like the fact that we can leverage the session recording feature, which is especially valuable when we're dealing with third-party vendors that have to remote into our our boxes and servers to do any work on behalf of the bank. Now, we can record everything they are doing to ensure that they're only doing the changes that were needed. In addition, we use it to leverage knowledge transfer with our internal staff."
"We'd like to have incremental backups to ensure the solution's information is protected regularly."
"The integration with Secure Remote Access must be improved."
"There are multiple features that have issues, although they could be specific to our environment. What we have seen is that whenever a user gets added to the authentication store, the sync between Password Safe and the authentication store, which is generally easy, takes a lot of time. It does not occur immediately."
"The pricing is not cheap, but it could be better."
"I think that BeyondTrust Password Safe could be improved with more testing. In the beginning, they were practically using customers as beta testers. Maybe the product has evolved since I last used it, but if you look at PAM, privileged access management, whatever's out there has already been done. I don't see there being any other enhancements that are being made regarding PAM, except to support more cloud-based applications."
"Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit."
"It has crashed on us in the past."
"The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms."
"We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates."
"One Identity Safeguard can improve by having more integration with multiple devices."
"We would like to have the option of importing assets by using the CSV file. It was available in the earlier versions, but it is not available now."
"From a usability perspective, what we are finding out is that our privileged domain admin users, in particular, want functionality for extending a checkout session. So we are working with One Identity support to see if there's an enhancement that can be made to the product."
"The deployment affects our privileged users because it takes a long time for them to request privileges, which impacts the SLA."
"Even though we have two nodes, there's no way to do an upgrade without taking everything completely offline. It would be nice if they could improve that."
"The main point regarding the user experience is that Safeguard has two separate management consoles."
"For some users, the physical appliance has been a bit buggy."
BeyondTrust Password Safe is ranked 7th in Privileged Access Management (PAM) with 19 reviews while One Identity Safeguard is ranked 4th in Privileged Access Management (PAM) with 38 reviews. BeyondTrust Password Safe is rated 7.6, while One Identity Safeguard is rated 8.2. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of One Identity Safeguard writes "Provides us with centralized storage of secrets and credentials, and visibility into the use of privileged access". BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, LastPass, BeyondTrust Privileged Remote Access and CyberArk Enterprise Password Vault, whereas One Identity Safeguard is most compared with CyberArk Privileged Access Manager, WALLIX Bastion, Delinea Secret Server, BeyondTrust Privileged Remote Access and Fudo PAM. See our BeyondTrust Password Safe vs. One Identity Safeguard report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.