IT Central Station is now PeerSpot: Here's why

One Identity Safeguard OverviewUNIXBusinessApplication

One Identity Safeguard is #2 ranked solution in top User Behavior Analytics - UEBA tools and #3 ranked solution in top Privileged Access Management (PAM) tools. PeerSpot users give One Identity Safeguard an average rating of 8 out of 10. One Identity Safeguard is most commonly compared to CyberArk Privileged Access Manager: One Identity Safeguard vs CyberArk Privileged Access Manager. One Identity Safeguard is popular among the large enterprise segment, accounting for 61% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 27% of all views.
One Identity Safeguard Buyer's Guide

Download the One Identity Safeguard Buyer's Guide including reviews and more. Updated: June 2022

What is One Identity Safeguard?

One Identity Safeguard is an integrated system that combines a secure, toughened password safe and a session management and monitoring solution with threat detection and analytics into one integrated solution. It stores, manages, records, and analyzes privileged access in a secure manner.

One Identity Safeguard Features

One Identity Safeguard has many valuable key features. Some of the most useful ones include:

  • Policy-based release control: Seek access and approve privileged passwords and sessions using a secure online browser that supports mobile devices. Depending on your organization's policies, requests can be authorized immediately or require dual/multiple approvals. You can set One Identity Safeguard to match your personalized needs, whether your policies consider the requestor's identity and level of access, the time and day of the request attempt, and/or the specific resource requested. You can also enter reason codes and/or connect to ticketing systems.

  • Vault for personal passwords: In a free personal password vault, every one of your employees can keep and generate random passwords for non-federated business accounts. This allows your company to use a sanctioned tool to securely share and retrieve passwords, giving you much-needed security and visibility into your company's accounts.

  • Auditing, recording, and replaying entire sessions: All session activity is collected, indexed, and kept in tamper-proof audit trails that can be viewed like a video and searched like a database, down to the keystrokes, mouse movements, and windows viewed. Security teams can search across sessions for certain events and play the recording from the exact point where the search criterion happened. For forensics and compliance purposes, audit trails are encrypted, time-stamped, and cryptographically signed.

  • Approval in any location: Approve or refuse requests from anywhere, using One Identity Starling Two-Factor Authentication, without having to connect to a VPN.
  • Instantly on: Safeguard for Privileged Sessions can be implemented in a transparent manner, with no changes to user workflows required. Safeguard, when acting as a proxy gateway, can act as a network router, unseen to both the user and the server. Admins can continue to use their normal client programs and access target servers and systems without disrupting their everyday routine.

  • Biometrics of user behavior: Even when performing identical operations like typing or moving a mouse, each person has his or her own unique pattern of behavior. These behavioral characteristics are examined by the Safeguard algorithms. Keystroke dynamics and mouse movement analysis aid in the detection of security breaches while also acting as a continuous biometric authentication system.

  • Favorites: Right from the login screen, quickly access the passwords you use the most. You can combine many password requests into a single favorite, allowing you to log into all of your accounts with a single click.

  • Discovery options: With host, directory, and network-discovery options, you can quickly find privileged accounts or systems on your network.

Reviews from Real Users

One Identity Safeguard stands out among its competitors for a number of reasons. Two major ones are its stability and its connection control. PeerSpot users take note of the advantages of these features in their reviews:

One PeerSpot reviewer, a Software Solutions Architect at a computer software company, writes, “I have found the most useful feature of One Identity Safeguard to be Privileged Sessions. One Identity Safeguard is a stable solution.” He adds, “I rate One Identity Safeguard a nine out of ten.”

Walid S., Networking and Security Engineer at a tech services company, mentions of the solution, “We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP.”

One Identity Safeguard Customers

Cavium

One Identity Safeguard Video

One Identity Safeguard Pricing Advice

What users are saying about One Identity Safeguard pricing:
  • "We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."
  • "The pricing is about $80,000 per 100 servers. There are few elective costs."
  • "Safeguard is cheaper than CyberArk."
  • "As compared to other products, it is reasonable, but the training sessions are too expensive."
  • One Identity Safeguard Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Chief Information Security Officer at a financial services firm with 51-200 employees
    Real User
    Reduces operational costs and eliminates password sharing
    Pros and Cons
    • "We use the solution’s Approval Anywhere feature which enables us to add an extra layer of security for critical passwords without adding time-consuming approval processes. By using this platform, if someone goes on a vacation, out of office, or needs urgent/planned leave, then our setup will select the functions tied to that person and automatically delegate them to the next person. That person can start performing that duty based on their access. No sharing of passwords is required."
    • "The multilanguage functionality does not support the Arabic language, even though this solution is deployed in an Arabic region."

    What is our primary use case?

    Our company is regulated by the central bank in our country. There are about 4,000 employees in our organization.  Our main need was to reduce the operational cost of our department by increasing the window of operations to 24-hour rather than have office unemployment.  We are now digitizing the access control function through One Identity. Whoever forgets their password can reset it on their own rather than reaching out to the security desk. Whenever we have a new employee, we found that it was taking at least two days to get them a username or access to the system. Now, once they are logged into the organization and are registered on our ERP system, their complete access will be ready within five seconds. They will receive an SMS with their username and password so they can start working. This has increased efficiency and effectiveness of the access control function. It has reduced operational costs as well as providing services 24/7 with a platform that can be used anytime and anywhere for investigation in case we have a requirement.  We use the physical appliances, as they are more reliable. Around the world, dedicated appliances are more reliable than having a virtual version/copy. We went with the physical appliances because they are dedicated and closed like a black box. However, we haven't reported any misses with the virtual version. 

    What is most valuable?

    We use the solution’s Approval Anywhere feature which enables us to add an extra layer of security for critical passwords without adding time-consuming approval processes. In the past, we were having problems when a user went on vacation. There were many recalled cases of password sharing. When we received this type of incidence and started to investigate, we found out the past setup had no solution. For example, if someone with a daily duty went on vacation, they still had to do it within the office. That is why sometimes people tried to justify the sharing of passwords by the importance of their duties. Now, by using this platform, if someone goes on a vacation, out of office, or needs urgent/planned leave, then our setup will select the functions tied to that person and automatically delegate them to the next person. That person can start performing that duty based on their access. No sharing of passwords is required.

    What needs improvement?

    The multilanguage functionality does not support the Arabic language, even though this solution is deployed in an Arabic region. However, it matches our criteria and requirements overall. One Identity is using a third-party to create one-time passwords. Due to our security restrictions, we needed to build our own. When we discussed this with One Identity, "Why they don't provide a technology that can be hosted on our data center and be built by One Identity," they said they are using a third-party. This was their justification, so I think it's based on their strategy and there's no harm using a third party. However, we were having an issue using a third-party.

    For how long have I used the solution?

    I have using this solution for about six months. The project started about one year back. We started product introduction through phases. We went full-fledged with One Identity using Cloud Access Manager, Password Manager, and Privileged Access Management along with identity and access management.
    Buyer's Guide
    One Identity Safeguard
    June 2022
    Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
    611,060 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    We have been trying to stabilize the system until now. We haven't had the chance to revisit the deployment to find out if there are any expansion plans, as we are working to sustain the set up. We want to increase end user awareness and start building the number of reports.

    What do I think about the scalability of the solution?

    I didn't have a requirement to test the scalability of the solution. We did discuss the scalability with the system integrator at the beginning, and it's on the license level. I don't think we will have an issue once we come to the point of needing to scale. We have 3,000 end users and 10 administrators.

    How are customer service and support?

    I haven't had a chance to work the One Identity technical team. We work with the local partner instead. None of my team has gone for training yet. However, they did have a handover for operation of the solution. It doesn't need that much training as long as you know the basics of access control functions. End users only need to have a tutorial to the portal. This is what we provide: a tutorial for how to use it and the know-how.

    Which solution did I use previously and why did I switch?

    We previously were using a manual process. One Identity helped us to automate this process.

    How was the initial setup?

    We integrated One Identity with our ERP system (Oracle) and also with our security operations center (Splunk). The integration went perfectly. It was an easy connection. We built the connectivity directly through the API. What we found time consuming: the setup and connecting One Identity. E.g., Oracle takes more time than Splunk to connect because Splunk's system is ready to send the security logs to the security operations centers. With Oracle, the integration depends on the business needs and there are a number of different requirements based on those business needs. The enhancement One Identity made is the historical part related to system access control goes through our SOC to this tool.

    What about the implementation team?

    My team worked on the initial setup. I don't remember any critical escalations related to technicalities during their field deployments. The local system integrator helped us with any deployment challenges. There was zero disruption to privilege users during the deployment, which can be attributed to the work of the project management team. The deployment took about six months using two outsourced resources. For the consultation services, we went with a well-known, famous system integration company (Exceed Gulf), who is local. They were cooperative, experienced, and professional. They have led many successful deployments in our region. Sometimes, they provide better advice when we are releasing an RFP to the market, e.g., when they got this RFP, they added value by doing a slight amendment to the deployment. This contributed a lot to the success of this project. Their advice comes based on their experience in the deployment for such a solution in our region. I strongly recommend working with Exceed Gulf and the same team that we worked with, as their technical skills were perfect.

    What was our ROI?

    We have not yet seen ROI. The benefit that we get from using One Identity is that it reduces operational costs.

    What's my experience with pricing, setup cost, and licensing?

    We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation.

    Which other solutions did I evaluate?

    When we started thinking about approaching such a solution, there was an increased need to digitize or have a platform that helped to provided access control functions. There were a number of solutions in the market, like Oracle and Microsoft. One Identity (per our evaluation) was our selected solution. One Identity won when we match these criteria against other solutions in the market: Support The system integrator Strength of the solution Complexity of the solution (less complex than other solutions).

    What other advice do I have?

    Make sure to always get the support. This solution could not be successfully implemented with no support of the HR and procurement system. You will need to mature all of your HR and procurement processes to do the deployment in a secure manner. This is a security solution, not an IT solution. If you want to deploy it as a security requirement, you need to ensure that the HR and procurement processes are correctly in place. You can use it as a technology solution, because not all the technology requires security, but all security requires technology. We haven't activated the session recordings yet. We have tested it, and while it worked successfully, we didn't apply it fully because of internal technical issues. All the logs in the system are recorded and sent to our security operations center (SOC) for analysis. In our SOC, we have end user behavior analysis, but do not depend directly on One Identity to provide this. However, I might ask to have a report for the user behavioral analysis going forward. I can rate the solution as an eight (out of 10).

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    Martin Ajayiobe - PeerSpot reviewer
    Senior Vice President (Infrastructure Systems/Information Security) at MAXUT
    Real User
    Top 20
    This product is an excellent for controlling role-based access without administrative overhead
    Pros and Cons
    • "The Transparent Mode is the number one advantage of the product."
    • "It is generally easy-to-use and install."
    • "Being able to use a proxy server is an advantage."
    • "The product uses a lot of resources in current sessions."
    • "The Transparent Mode could be somewhat easier to use."

    What is our primary use case?

    With Safeguard, there are two virtual appliances. There is one that helps you manage passwords and then there is another one that helps you record the sessions. You can configure it to record whatever you do when you make the remote calls.  

    We use this solution for a bank. My current project is to onboard all the bank's security assets onto Safeguard. It will be used for admins to have secure access to the server.  

    What is most valuable?

    The part of this product that I like the most is the transparent mode. That is the number one advantage of the product. I also like the ease-of-use. That is what Quest is known for. The interface is interactive, relatively easy-to-use.  

    I like the fact that we are using a proxy server. Also, I like the fact that it is integrated in such a way that I can connect to my Linux and Unix resources using my AD credentials. They map the AD credentials to Linux accounts. So, when I am connected to my AD accounts, it acts as a sort of proxy to convert it to the Unix account that it is configured for. That is quite useful.  

    What needs improvement?

    The only part of the Safeguard solution that I think could be a problem over time is the amount of storage it takes in the sessions. For example, because it records in real-time video it takes a lot of resources. So, it has not been a problem yet, but we are looking at a solution where we allocate the cost of that additional capacity differently. Then there will be enough resources to compensate for whatever the storage needs are. It just takes a large amount of storage for each current session.  

    Another thing that I would like to see them improve is that I would like them to make the transparent board a little bit more transparent. The transparent mode is something I use often and it is the best feature of the product but that is also why I see how it can be improved. It might just be a little bit easier to use.  

    For how long have I used the solution?

    We are a long-time Quest partner and have only been using the product for the past five months. We just got onboarded to the One Identity product. This is my first project with One Identity.  

    What do I think about the stability of the solution?

    One of the things I really like about the One Identity solution is the fact that it can be configured in active-active cluster mode. It is just a little pricey because you have to purchase the additional licensing just to be able to do an active-active configuration.  

    But I like it also because it is a virtual appliance. This means I can configure a high-availability cluster anyhow I want. If I have it on a VMware cluster, I can enable high-availability or any virtual cluster solution that makes sure it is highly available. I would do that using VMware storage. This makes it a more stable and flexible solution.  

    The fact that I do not have to worry about other incidental things is good. I am not connected to an external database server. So all the dependencies, patching, and additional setup is something I do not have to do on the One Identity appliance. Everything is on a hardware appliance. In other words, I do not really even have to worry about securing my security device. It may not be the first thing to think about, but because you deployed a security device, now you have to worry about securing it. As it is all-in-one as a hardware appliance, I do not have to worry about all that.  

    What do I think about the scalability of the solution?

    We have not had any issues with scalability to this point and it is handling our capacity and needs. The only potential issue would be budgeting for additional licensing, which would not be a problem in our case, and handling the resource usage. These are not really limiting.  

    Between the banking client and our company, not everyone has been onboarded yet to the One Identity Safeguard. But in the end, we are looking at probably about 500 servers and I think a total of about 180 admins. This seems realistic using this product.  

    How are customer service and technical support?

    My impression of support is that the guys there are very helpful. They are eager to jump in and to help you out. Yes, I think it is a great service.  

    How was the initial setup?

    I think that the initial setup was very straight forward. Pretty much a piece of cake, actually. With our implementation strategy, the deployment actually took only about two hours. That is including the discovery of the assets. It is a relatively large enterprise network, so discovery can potentially take some time. This was very reasonable.  

    What's my experience with pricing, setup cost, and licensing?

    The approximate cost on a yearly basis is in the ballpark of about 80 grand, $80,000. That is for about 100 servers. That is the standard license fee. There are not really any additional costs once you purchase that. Sometimes you can have professional services included with it. For example, if you take a week of professional services or if you need them to do the install. That is the only additional charge.  

    Which other solutions did I evaluate?

    As a long-time Quest partner, this was an easy choice to make. Because we were already partners it made sense to work with their other solutions.  

    What other advice do I have?

    The advice I would give to organizations considering this solution would be that before they make a commitment they need to try to find a local support resource. They will want to be able to get local support because that can be critical. But otherwise, I think it is a good product and a good buy. I would buy it again. As a partner, I would also sell it again because I am confident in it as a product and a solution.  

    On a scale from one to ten, where one is the worst and ten is the best, I would rate the One Identity Safeguard solution as a nine-point-five out of ten. I'm very happy. If I have to choose an integer, it would have to be a nine. Ten would mean it is perfect and there are things I think can be improved.  

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Buyer's Guide
    One Identity Safeguard
    June 2022
    Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
    611,060 professionals have used our research since 2012.
    Alexander Pirogov - PeerSpot reviewer
    Head of Department of Technical Means of Protection at BrokerCreditService
    Real User
    Visualizes RDP sessions and logs SSH sessions
    Pros and Cons
    • "The solution transparently integrates into the infrastructure and users do not notice it. I would give this feature the highest rating."
    • "I would like to see support for RDP over HTTPS so this product can be used in conjunction with the Microsoft terminal."

    What is our primary use case?

    We use this solution to control the access of privileged users, such as application administrators, to the internal network. This solution allows us to record and log user sessions.

    We use virtual appliances on the VMware platform. The virtualization of such services allows us to flexibly scale our hardware configuration and gives significantly more opportunities for building a stable structure. 

    How has it helped my organization?

    This solution allowed us to provide remote access to the company's internal infrastructure in the context of the COVID-19 pandemic. It made this access more transparent and controlled for information security departments.

    We easily integrated this product with our SIEM system for collecting events. Thanks to this integration, we were able to build convenient, regular reports on privileged user connections. Therefore, our information security units can better see who is connecting to the remote infrastructure.

    What is most valuable?

    The most valuable feature is the logging sessions with their visualization, which is video recording. This functionality allows us to restore the actions of a user in the event of any incidents.

    The solution transparently integrates into the infrastructure and users do not notice it. I would give this feature the highest rating.

    While the "transparent mode" feature did not affect the monitoring in any way, it led to an increase in the convenience of connecting users.

    This solution visualizes RDP sessions and logs SSH sessions.

    What needs improvement?

    I would like to see support for RDP over HTTPS so this product can be used in conjunction with the Microsoft terminal.

    I would like to visualize SSH sessions.

    I would like built-in traffic balancing mechanisms with the built-in load balancing mechanism when using several instances.

    For how long have I used the solution?

    About four years.

    What do I think about the stability of the solution?

    Over four years of use, we have not encountered a single system crash or failure. The product is stable.

    What do I think about the scalability of the solution?

    When increasing the number of users, we can rather easily add to virtual appliances processors and memory, or disks for storing records, which is more difficult to do on a hardware (physical) appliance.

    We have two administrators involved in the deployment, configuration, and maintenance of this solution. During the peak of the pandemic, we had up to 3,000 users connected through the solution and able to work from home.

    How are customer service and technical support?

    We have used One Identity’s tech support. I would rate it as excellent. They answer all the questions asked of them quickly and efficiently.

    Which solution did I use previously and why did I switch?

    We did not previously use a different solution.

    How was the initial setup?

    The virtual appliance is deployed from the delivered image without any problems. The setup takes about 15 to 20 minutes, including initial setup and configuration. It also is available to any admin user with Unix competencies.

    We use the “transparent mode” function to connect administrative users via SSH to the Unix servers. We did not encounter any problems when setting up this feature, as everything was easy. The solution is well-documented and quite understandable when setting up.

    It took about one or two working days to administer the solution, read the documentation and settings, and test various configuration options. It was not very difficult. For our users, there were no special nuances since the connection is transparent. They do not understand nor see that they are connecting through the One Identity Safeguard space.

    Our implementation strategy was to use this solution to control remote sessions of privileged users, first with our IT support staff. Now, we use the product for this purpose. In general, the strategy was a success.

    What was our ROI?

    There has been a lack of losses, since controlling the actions of privileged users is primarily to minimize risks and create an absence of losses.

    What's my experience with pricing, setup cost, and licensing?

    Licensing and pricing are quite straightforward. The number of recording channel licenses depends on the needs of the customer. I would suggest estimating the number of concurrent sessions per unit of time and proceed from there when purchasing a license.

    Which other solutions did I evaluate?

    We evaluated Safeguard and another product. We ultimately chose Safeguard.

    Safeguard is an external (in relation to controlled systems) solution which allows you to record sessions. Its competitor was an agent solution that was put on target servers. With the competitor's solution, there was a risk of disconnecting of a privileged user's recording.

    What other advice do I have?

    Clearly assess your needs and formulate the necessary requirements, then proceed from there with the selection of an appropriate solution. In our case, One Identity Safeguard became this solution. However, this solution is not a panacea for all ills. It is possibly you’ll find that a different solution is more suitable.

    I would rate the solution as a nine (out of 10). In order to rate it as a 10, it should have what I would like to see in its coming new releases.

    Foreign Language: (Russian)

    Как и для чего вы используете этот продукт?

    Мы используем это решение для контроля доступа привилегированных пользователей, таких как администраторы приложений, к внутренней сети. Это решение позволяет нам записывать и регистрировать пользовательские сессии.

    Мы используем виртуальные устройства на платформе VMware. Виртуализация таких сервисов позволяет нам гибко масштабировать конфигурацию нашего оборудования и предоставляет значительно больше возможностей для построения стабильной структуры.

    Как это помогло моей организации?

    Это решение позволило нам обеспечить удаленный доступ к внутренней инфраструктуре компании в контексте пандемии COVID-19. Это сделало этот доступ более прозрачным и контролируемым для отделов информационной безопасности.

    Мы легко интегрировали этот продукт с нашей системой SIEM для сбора событий. Благодаря этой интеграции мы смогли создавать подходящие регулярные отчеты о привилегированных пользовательских соединениях. Поэтому наши подразделения информационной безопасности могут лучше видеть, кто подключается к удаленной инфраструктуре.

    Какие функции вы нашли наиболее ценными?

    Наиболее ценной функцией является регистрация сеансов с их визуализацией, то есть запись видео. Эта функциональность позволяет нам восстанавливать действия пользователя в случае каких-либо инцидентов.

    Решение прозрачно интегрируется в инфраструктуру, и пользователи этого не замечают. Я бы дал этой функции самый высокий рейтинг.

    Хотя функция «прозрачного режима» никак не повлияла на мониторинг, она привела к увеличению удобства подключения пользователей.

    Это решение визуализирует сеансы RDP и регистрирует сеансы SSH.

    Что нуждается в улучшении?

    Я хотел бы видеть поддержку RDP через HTTPS, чтобы этот продукт можно было использовать вместе с терминалом Microsoft.

    Я хотел бы визуализировать сессии SSH.

    Я хотел бы использовать встроенные механизмы балансировки трафика со встроенным механизмом балансировки нагрузки при использовании нескольких экземпляров.

    Как долго я использую этот продукт/решение?

    Около четырех лет.

    Что я думаю о стабильности этого продукта/решения?

    За четыре года использования мы не встретили ни одного сбоя или сбоя системы. Продукт стабилен.

    Что я думаю о масштабируемости решения?

    Увеличивая количество пользователей, мы можем довольно легко добавить к виртуальным устройствам процессоры и память или диски для хранения записей, что труднее сделать на аппаратном (физическом) устройстве.

    У нас есть два администратора, участвующих в развертывании, настройке и обслуживании этого решения. В разгар пандемии у нас было до 3000 пользователей, подключенных через решение и способных работать из дома.

    Как бы вы оценили техническую поддержку этого продукта/решения?

    Мы использовали техническую поддержку One Identity. Я бы оценил это как превосходное. Они отвечают на все заданные вопросы быстро и качественно.

    Какое решение я использовал ранее и почему я переключился?

    Ранее мы не использовали другое решение.

    Как прошла начальная настройка?

    Виртуальное устройство развертывается из доставленного образа без каких-либо проблем. Настройка занимает от 15 до 20 минут, включая первоначальную установку и настройку. Он также доступен для любого администратора с компетенцией Unix.

    Мы используем функцию «прозрачного режима» для подключения административных пользователей через SSH к серверам Unix. При настройке этой функции проблем не возникало, так как все было просто. Решение хорошо документировано и вполне понятно при настройке.

    Потребовалось около одного или двух рабочих дней для администрирования решения, ознакомления с документацией и настройками, а также для тестирования различных вариантов конфигурации. Это было не очень сложно. Для наших пользователей особых нюансов не было, так как подключение прозрачно. Они не понимают и не видят, что они соединяются через пространство One Identity Safeguard.

    Наша стратегия внедрения заключалась в том, чтобы использовать это решение для управления удаленными сеансами привилегированных пользователей, в первую очередь с нашей службой поддержки Информационных Технологий. Теперь мы используем продукт для этой цели. В целом стратегия имела успех.

    Какой была была ваша прибыль на инвестиции в One Identity Safeguard?

    Мы не испытали никаких потерь, поскольку контроль действий привилегированных пользователей в первую очередь сводит к минимуму риска и создает отсутствие потерь.

    Какой у меня опыт работы с ценами, стоимостью установки и лицензированием?

    Лицензирование и ценообразование довольно просты. Количество каналов регистрации лицензий зависит от потребностей заказчика. Я бы посоветовал оценить количество одновременных сеансов за единицу времени и перейти оттуда к покупке лицензии.

    Прежде чем выбрать этот продукт, вы оценивали другие варианты?

    Мы оценили Safeguard и другой продукт. В конечном итоге мы выбрали Safeguard.

    Safeguard - это внешнее (по отношению к управляемым системам) решение, которое позволяет вам записывать сессии. Его конкурентом было агентское решение, которое было размещено на целевых серверах. С решением конкурента был риск отключения записи привилегированного пользователя.

    Какой еще у меня совет?

    Четко оцените свои потребности и сформулируйте необходимые требования, а затем приступайте к выбору подходящего решения. В нашем случае One Identity Safeguard стал таким решением. Однако это решение не является панацеей от всех болезней. Возможно, вы обнаружите, что другое решение более подходит.

    Я бы оценил решение как девять (из 10). Чтобы оценить его как 10, у него должно быть то, что я хотел бы видеть в его будущих новых выпусках.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    Security Business Consultant at a tech services company with 201-500 employees
    Real User
    Top 20
    Defines and updates processes and procedures into the security framework of a company
    Pros and Cons
    • "Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security."
    • "I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated."

    What is our primary use case?

    We primarily use the solution to manage passwords and use for the RDP access. 

    Our infrastructure is three SPPs and two SPSs. This is across 1,000 users and approximately 500 targets. 

    How has it helped my organization?

    Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security.

    What is most valuable?

    The most interesting thing about this product is it is very easy to implement and configure as well as its usability. Also, for the final user, the work experience doesn't change when using the SPS for the Linux administrator, which is fantastic. You change only a little bit of the connection. Everything else is really easy.

    What needs improvement?

    I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated.

    For how long have I used the solution?

    I started using it two years ago.

    What do I think about the stability of the solution?

    It is a very stable system. There are no problems when using the platform.

    What do I think about the scalability of the solution?

    The scalability is fantastic. It is very easy to connect and use the solution, if you need it.

    How are customer service and technical support?

    There are two different supports: one for SPS and another for SPP. The technical preparation of the support is very high. They have very quickly given me the solution for a couple of issues that I have seen.

    Which solution did I use previously and why did I switch?

    We switched from CyberArk to Safeguard. In order to manage CyberArk, it is a very big effort. The platform is very complex. The management system of Safeguard is very easy. Also, the configuration for the targeted user is easier in Safeguard rather than CyberArk. Lastly, the cost of CyberArk's licensing is very expensive.

    How was the initial setup?

    We try to understand what the customer needs in order to fit the solution for what they want, then we plan all the activities based on that.

    What about the implementation team?

    We can deploy the system in a couple of days, then the system is up and running. The next step is importing the whole system. The time frame of this depends on many targets the customer has, but it doesn't take too long.

    What was our ROI?

    I work at a system integrator, designing and implementing the solution for our customers. I think our customers see a return of the investment using this solution.

    What's my experience with pricing, setup cost, and licensing?

    Safeguard is cheaper than CyberArk.

    What other advice do I have?

    It is a good solution. There is no limit to its usage in a company, e.g., IT or financial.

    Check the basic rules in the documentation because the solution is easy to use.

    I would rate the solution as 10 out of 10.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: System Integrator
    Software Solutions Architect at a computer software company with 11-50 employees
    Real User
    Simple deployment, responsive support, and scalable
    Pros and Cons
    • "I have found the most useful feature of One Identity Safeguard to be Privileged Sessions."
    • "When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."

    What is most valuable?

    I have found the most useful feature of One Identity Safeguard to be Privileged Sessions.

    What needs improvement?

    When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk. 

    Another example is, I have one potential customer that wants to use some feature that is available only in CyberArk. The scenario is one user request a patient, however, that user doesn't have the permissions. In that request, he wants to request more permissions elevation and more rights under the live connection. This can be done in CyberArk and not in One Identity Safeguard.

    We need to allow more permissions for the user who requests access for the previous account in a live connection.

    CyberArk gives stronger features for safeguarding at this moment.

    For how long have I used the solution?

    I have been using One Identity Safeguard for approximately one year.

    What do I think about the stability of the solution?

    One Identity Safeguard is a stable solution.

    What do I think about the scalability of the solution?

    I have found One Identity Safeguard to be scalable.

    How are customer service and support?

    I have contacted support. I can create tickets for support and in approximately one hour, I have a response from the support. They are very quick.

    Which solution did I use previously and why did I switch?

    I have previously used Cyberark.

    How was the initial setup?

    The initial setup of One Identity Safeguard was simple. In one week we can be ready to fully operate.

    What other advice do I have?

    My advice to others wanting to implement this solution is to do the implementation slowly and concentrate.

    I rate One Identity Safeguard a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    Walid Semrani - PeerSpot reviewer
    Networking and Security Engineer at a tech services company with 1-10 employees
    Real User
    Top 5
    Reasonable price, easy to deploy, and useful for session management
    Pros and Cons
    • "We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP."
    • "We can't review or audit HTTP and HTTPS. This functionality should be added so that we can review and audit HTTP and HTTPS."

    What is our primary use case?

    We use it for controlling the client sessions into our data center.

    What is most valuable?

    We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP. 

    What needs improvement?

    I requested for an evaluation license, but no one responded to me. 

    We can't review or audit HTTP and HTTPS. This functionality should be added so that we can review and audit HTTP and HTTPS.

    For how long have I used the solution?

    I have been using this solution for less than one year.

    What do I think about the stability of the solution?

    It is stable.

    What do I think about the scalability of the solution?

    It is scalable. It scales well in our company.

    How are customer service and support?

    I requested them for an evaluation license, but no one responded to me. They didn't give me an evaluation license.

    Which solution did I use previously and why did I switch?

    I have some knowledge of Wallix. It is a competitor of One Identity. They have similar functionalities, but I didn't explore it too much.

    How was the initial setup?

    It was easy. There were no problems. It is easy to navigate through the web interface.

    What's my experience with pricing, setup cost, and licensing?

    As compared to other products, it is reasonable, but the training sessions are too expensive.

    What other advice do I have?

    I haven't used other products, but I would highly recommend One Identity SPS.

    I would rate it an eight out of 10.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: partner
    Flag as inappropriate
    Mahfoudh Bousaidi - PeerSpot reviewer
    Network & Security Engineer at Onetechpro dz
    Real User
    Top 20
    It has the ability to record and retrieve in the full-video format

    What is our primary use case?

    We use Safeguard to manage users when the client wants to record all discussions on an LDAP. The solution is deployed on a VMware ESXI because all our clients don't want a physical appliance. We average about 300 to 500 connections to Safeguard.

    What is most valuable?

    Safeguard has the ability to record and retrieve in the full-video format.

    What needs improvement?

    We have issues using Safeguard to record http/https connection in a video formt. Currently, they don't have a mechanism to record this type of connection.

    For how long have I used the solution?

    We've been working with One Identity Safeguard for about eight months. I work as an integrator for solutions like PAM and One Identity. We make alterations and integrate the solution. 

    What do I think about the scalability of the solution?

    We run One Identity Safeguard on a VM, so we can create as many as we need. 

    How are customer service and support?

    I had an issue about a week ago because we were migrating from an old VM to a new one. I opened a ticket, and they responded, but I didn't get a solution. 

    Which solution did I use previously and why did I switch?


    How was the initial setup?

    We set up a VM appliance and configured it then deployed the solution. The typical time for deployment and configuration is about three to five days.

    What other advice do I have?

    I rate One Identity Safeguard eight out of 10. It's an excellent solution and a perfect fit for our use case.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    MohamedEladawy - PeerSpot reviewer
    Service Security Lead at Salam Technology
    Real User
    Scalable, reliable, and simple implementation

    What is our primary use case?

    One Identity Safeguard is used by administrators to access their devices. They will log in using identity management in order to secure the administrator's login.

    What needs improvement?

    One Identity Safeguard can improve by having more integration with multiple devices.

    For how long have I used the solution?

    I have been using One Identity Safeguard for approximately one year.

    What do I think about the stability of the solution?

    I have found One Identity Safeguard to be stable.

    What do I think about the scalability of the solution?

    The scalability of One Identity Safeguard is good, we can add multiple devices.

    We have approximately 40 administrates using this solution in my organization.

    We plan to increase usage in the future.

    How are customer service and support?

    I have not contacted support.

    How was the initial setup?

    The initial installation was simple.

    The full deployment took approximately a couple of months. Not because of the One Identity Safeguard, but because of us, we were busy doing other projects in parallel.

    What about the implementation team?

    We used a third-party vendor for the implementation and we had a good experience with them.

    What other advice do I have?

    My advice to others is One Identity Safeguard is a must to have because it's part of the cybersecurity framework, such as Nest ISO. We should have an identity management solution to manage the whole identity, such as privileged users.

    I rate One Identity Safeguard an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Buyer's Guide
    Download our free One Identity Safeguard Report and get advice and tips from experienced pros sharing their opinions.
    Updated: June 2022
    Buyer's Guide
    Download our free One Identity Safeguard Report and get advice and tips from experienced pros sharing their opinions.