Delinea Secret Server Reviews

Our clients use this solution to manage privileged accounts, meaning their administrative accounts. Whether it's active directories, co-banking solutions, or databases, the solution will take over all the privileged accounts on the network or in the infrastructure. 

Number one is the password vault; it's very good. It helps our clients avoid having a lot of passwords out there.

Number two, they have a feature for remote desktops that are created on a per session basis, which is very good for security. They also integrate with service providers. Let's say I'm having Microsoft take a look at the active directory or something that went wrong. I can give them one-time access, and once they're done, the session ends and they don't have access to it anymore. These features are very helpful for my customers.

The setup for this solution is complex. I'm not going to lie, you need a specialized system security engineer to deploy it.

I have been working with this solution for about five years.

The solution is stable. 

The solution is scalable. 

Since I'm speaking as a system security engineer, most of the time we're able to solve any problems the customers have, unless there's a software problem that needs to go to the software development team at Thycotic, but most of the time there are no issues.

On a scale of one to five, with one being the worst and five being the best, I would say that the ease of deployment by a novice would be around a one or two, while a skilled engineer could deploy it around a three or four.  

Licensing depends on a lot of factors, but once they do the proper scoping for you I don't think their pricing is that bad. This is a privileged access management solution, so yes it's expensive, but if the scoping is done right, I think you get a return on your internal investment.

Like most of these solutions, it depends on the engineer who comes and sets it up the first time. If it is done correctly and they integrate the different systems correctly, it'll work fine within your environment and you shouldn't have any issues. Administration of the solution is easy once it is set up. 

I prefer Thycotic because of the security, the fact that it is easy to administer, and the features. I think it has very, very good features, so I'd recommend Thycotic over CyberArk and the rest.

When considering a privileged access management solution, I would advise people to do their homework and find out about the features. People get solutions for different reasons, and the plan is not as straightforward as it would be with a firewall where you know what you want to block or control. Do your homework because it's an expensive solution, regardless of who you're buying it from. Find out what features it has, and make sure that the features work for you so you don't buy an expensive solution just to have it parked.

I would rate this solution as an eight out of ten.

Delinea Secret Server is good for multi-platform support and hybrid cloud environment, it supports a mix of Linux and Windows programs.

The secret template, password rotation, and recording sessions are the most valuable.

They could improve the container platform and SPO. The cloud database technologies should be improved. The web browser isolation recording could be improved. When you do anything from the web portal, it cannot record properly. You can only record via remote desktop or secure share. But when the admin performs by web access we cannot record the session.

I have been using Delinea Secret Server for the past five years.

I have found that it is reliable. 

It is easy to scale and they support modular.

They are pretty good when it comes to basic support.  If you have questions or concerns beyond the basic support you have a fee-based professional service that takes over.

The initial setup is straightforward.

I used an in-house implementation.

The licensing costs around seventy thousand dollars annually.

I would rate Delinea Secret Server an eight out of ten.

One valuable feature is that it will support a dedicated database. Delinea provides multiple features, like reporting and remote password changes.

The UI needs improvement because the interface is a little clumsy.

I've been using it for almost two years.

It's stable.

It is scalable and is better than other solutions. We have 400 users in our company.

We can't say that technical support is good because they respond according to their time zone, and we are not in the same time zone. I would give them a six out of ten.

Neutral

The deployment was not difficult and took one and a half months.

We have an enterprise license as well as a user license and a support license.

I can recommend this solution and will rate it at eight on a scale from one to ten.

I use Delinea Secret Server for demonstration purposes while talking to clients, for internet access management, and user monitoring.

I like that it's user-friendly.

Support could be better. I have heard about a lot of problems in the Bangladesh market. People are saying that there are support issues. So, Delinea should focus on support and services.

I have been using Delinea Secret Server for one or two months.

Delinea Secret Server is a stable solution.

Delinea Secret Server is a scalable solution.

Technical support could be better. The support centers can't solve the issues.

On a scale from one to five, I will give technical support a two.

Neutral

The initial setup is straightforward. For demonstration purposes, it does not take much time. But it takes up to four months to go into production.

I would tell potential users that they should focus on local partners with a local support team. This is becasue Delinea can't resolve the issues these days. I have seen a lot of cases in Bangladesh where the OEM can't resolve the issues. The application server is full of logs, and sometimes it needs to clear all the logs and files because it can become slow. 

On a scale from one to ten, I would give Delinea Secret Server a six.

We intend to replace our pairing password management solution with something more enterprise-friendly.

We are currently conducting a demonstration with Thycotic Secret Server.

I've only used this solution a few times as a demo and haven't explored everything it has to offer, but I have experience integrating it with our Active Directory and setting up the server.

I like the one-way hash, as well as the ability to store it in the cloud and access it from anywhere.

I like the fact that you don't have to have separate databases for each department in your organization. 

They have one central location, that they all go to it. 

They all go to the same central location. If they leave, we can disable their account, reset their password, and integrate it with our Active Directory.

At this early stage, and based on my demo experience over the last two weeks, it appears to have more features than we require, but we can grow into it.

It's a great product. It seems that you could do your privileged access and things like that where you do the IEM. You could also make it so that those individuals have access for a set period of time to do their administration. These are the types of features we haven't really used, but I can see them being very useful. I can also see where they're going with this product, which is an all-in-one solution. 

It appears to be well-developed.

Although the password policy was interesting, the default setting was inadequate. As a result, we had to change it to be 20 characters with symbols. It was an odd process, but it was relatively simple to adjust.

I have been using the latest version of Thycotic Secret Server for a couple of weeks.

Thycotic Secret Server is a stable solution. We didn't encounter any bugs or glitches.

It appears to be pretty easy to scale.

We have fewer than ten people to test the demo in our organization.

We may decide to use this solution, and we are attempting to budget for it. We must sell the features and show that the extra cost is justified.

I have not contacted technical support. We had our representative involved, and he brought in a technical person to assist with the build, as well as being available to answer questions.

We are working with Jira.

The initial setup was fairly simple.

We are going from a free product, which isn't necessarily a fair comparison because it brings many things to the table, but it appears to be reasonably priced.

It would be beneficial if it were reduced.

I haven't tested many other products, but this one appears to be quite good. I believe it is comparable in the industry.

I haven't used this solution a lot, just in a demo capacity. I haven't explored all that it can office. I have worked on the integration with our Active Directory, and we set up the server.

I would rate Thycotic Secret Server an eight out of ten.

We have used Thycotic Secret Server for some secret management and integrated it with some applications. We mainly used it for Privileged Account Discovery and the management of them.

The discovery engine is really robust and flexible. It had some session management features that are better compared to some other vendors. Overall the GUI is very good and straightforward to operate compared to other solutions. For example, CyberArk and Hitachi tend to be hard to navigate.

When working with larger enterprises Thycotic Secret Server becomes a little cumbersome to work with because they do not allow as much flexibility as some of the other competitors, such as CyberArk. Thycotic Secret Server could improve by being more flexible when it comes to customization, and increase the number of API integrations.

In an upcoming release, there should be more AI and machine learning features. Some of the competitors are leaning in this direction.

I have been using Thycotic Secret Server for approximately two years.

There can be some stability issues when you use the video record feature. You have to be careful when you turn on the video recording features and what you want to record because the data adds up quickly. There is a performance impact to your network as well, that has to be planned for. Users think it is a fancy feature and they want to use it but you have to plan ahead of time before you use it.

The solution is able to be scaled and it is not too difficult.

The last organization I implemented the solution in they have approximately 900 users using the solution.

The technical support is good. They were able to give us support when we needed it.

I have used other solutions, such as CyberArk and Hitachi.

The setup was straightforward.

When comparing the price of Thycotic Secret Server with other solutions it is reasonable.

My advice to those wanting to implement this solution is they should know their requirements. It is a great solution it fits your requirements. It is important to know what you need to integrate with and how.

I rate Thycotic Secret Server an eight out of ten.

The primary use case is managing access for user groups and individuals in a very large environment.  

One of the best things about Thycotic is that it is very easy-to-use. It is logical, it has well-designed screens and a nice GUI interface. It has good performance and is generally a pleasure to operate.  

If you look at Thycotic, it is a great product that has pretty much all the same features as CyberArk — which will be replacing it. There is not much difference between the two. We will be switching away from using Thycotic, however, before the end of the year.  

The catalyst for the change was a formal comparison of the two products that we did using each to evaluate how we would use it in solving actual use case issues. In the presentation of the scoring over specific categories, CyberArk had slightly better professional service marks and the same price. Besides that, the two products were neck-and-neck and almost identical in the scoring. CyberArk just came out just a little bit better than Thycotic in the details, and not by much at all. Be that as it may, the formal comparison is the reason for the change.  

Thycotic has been in use in our Healthcare system for four years.  

Thycotic is a rock-solid product. Our organization never had any issues with it.  

If you consider the shere physical size of the Healthcare environment, you can tell from that just how scalable the product is. Not every product can handle 55,000 network elements and 15,000 servers.  

The technical support for Thycotic is very good as might be expected. The members of the support team that I have been in contact with are very much on the ball. Thycotic has  excellent service staff.  

This will be the last year Thycotic will be in operation at Healthcare in Norway because it will be replaced by CyberArk at some time this year.  

I think there are some very small things in Thycotic which are a little harder to do, and that is only because the Healthcare environment is so large. Healthcare has 55,000 network elements and 15,000 servers. One of the few things that CyberArk does better than Thycotic is to more neatly group IT assets in smaller bundles using a 'safe' that could be assigned to groups or teams for access. By comparison, Thycotic — at least in the versions leading up to the competition — lists all the assets at one time, no matter how many there are. When there are lists which are 15,000 elements long, it is harder to locate items and divvy up the work. So it was some slight usability things like this that really made the difference in the outcome of our comparison.  

While this organizational feature in Thycotic was not so good, some other parts of the user interface that are included in it are really fabulous. Thycotic is more intuitive and it is more logical in many ways than CyberArk. So I really like the Thycotic product. But for this very large environment, it turned just to be slightly less applicable to our situation than its competition.  

As I probably indicate from my answer, if it was not for the fact that we did a formal comparison and scoring of the products — following the objective measures that we have to follow when we buy things in the public — we probably would have done well just keeping Thycotic. But when you follow the Government process and the idea is to be absolutely impartial, then the way the scoring is set up is the way it goes.  

I think the pricing of Thycotic and CyberArk products are very similar.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Thycotic as probably a nine. That is only because I have to rank them slightly lower after we decided to make the switch to CyberArk, and replacing a product that is a ten would not make a lot of sense. So a nine-out-of-ten it is.  

Thycotic is a product that is so friendly that it can be used by nearly anyone and everyone, and that is a good place to be. As for the limitations in a very large environment, Thycotic could invest in making changes in the product to handle structuring in a segmented way. It would be costly for Thycotic to make that investment, but for Healthcare as a user group, that would have been the difference. We have already bought another product, so we are not going to change our minds again, but it may be worth considering for the team at Thycotic.  

I would probably recommend Thycotic for most businesses because it is simpler and easier to deal with than CyberArk. So really, I would recommend it to all businesses except for the extremely large ones.  

We are a Thycotic partner. We use Thycotic extensively, and we also do a lot of implementations for them. Generally, it is for privilege access management and session recording capabilities. 

A few clients have used it as a proxy capability, and the functionality there is that the privileged accounts have access from their workstations to the servers. In order to get access, they have to be basically proxied through Thycotic for an SSH or RDP connection, and then you have a control capability for auditing and session recording.

We have used pretty much every version since 2018, including the latest version. We have deployed it to AWS and on-prem.

I like that it is Windows-based. It is good that primarily, it is not an appliance. Some of the other applications in the space, such as a Quest Software CPAM or a Safeguard, are appliances, so you can't deploy the ends of them. With Thycotic, you can either install your Temporal Protection module physically in the VM host, or you can use BouncyCastle for high-security module capabilities.

One thing that I wish they would do is to have a Kubernetes or container-based deployment supported, but they're not quite there yet. Containerization or support for containerization would be fantastic.

I have been using this solution since 2018.

There is nothing major. There were minor things that were really edge cases. We've had an issue in 2019 where if you went through the web interface to change your password, the agent that actually did the password change on the backend would go and make the change to the main controller or the active directory domain controller. After that, without waiting long enough for the change to finish committing, meaning waiting for zero nanoseconds, it would go and check to see if the change had been accomplished. So, they introduced a slight delay of two to three milliseconds, and that fixed the problem. It was really straightforward, but it took a little while to demonstrate what the actual problem was.

With our latest versions, the scalability is very good. They have a scale-out and scale-up capability depending on what your needs are and how distributed you want the capabilities to be. I don't know any other products on the market that are better at scaling.

We have deployed it to small organizations with 10,000 users. Our largest organization has 10 million users.

I would rate them a nine out of 10. You get forwarded around a bit, but you actually get somebody who can really help and solve the problem for you.

It is very straightforward. We generally do an automated deployment by using a script-based capability that we've created. It works out really well. 

It is a kind of self-serving advice, but I would advise getting a partner to deploy it for you. There are a lot of really good partners out there, not just us.

In terms of the maturity of their product, there are a lot of Enterprise capabilities that they haven't yet brought into the market, but after it has been called out to them that there is a customer who needs a capability, they're very quick and responsive around doing development to get that capability in, which is something I like. There was an Enterprise scalability capability where you have high availability and multi-site failover. One of the versions that they had back in the 2018 and 2019 timeframe did not support that capability. We called out some recommendations to them, and they had it in the product in the next major revision.

I would rate Thycotic Secret Server a 10 out of 10 because I am not familiar with any products that are capable of going on-prem and have a superior function set.