One Identity Safeguard Reviews

We mainly use the Privileged Session Management (PSM) features.

In terms of the user experience, it is a pretty useful product. It works in a good way. 

We sometimes face issues with configuration and things like that, but we manage to solve them. In general, it is a pretty good solution for the PSM features. 

There can be an improvement in terms of the policy that can be implemented on the SSH session.

I have been working with this product for more or less 2 years.

I have never spoken to their technical support. A colleague of mine interacts with them.

I did not work with any other solution previously. I have read about other products and their features, but I have not worked with them. One Identity Safeguard is probably one of the best solutions for PSM features.

I do not work on the installation. I work on the setup. We do face some issues with configuration, but in general, we are able to troubleshoot them.

Based on my personal experience with the PSM features, it is a good product. I know that there are some competitors, but I have not worked with them.

My colleagues worked on its integration with another tool. It seems to integrate fine, but I do not know for sure if he faced any issues.

My experience is with the PSM features, and for that, I would rate the product a six out of ten. There are some specific features that can be improved, but in general, I have had a good experience with the product.

We use the virtual appliance of One Identity Safeguard to enhance security when external support is logged into our internal network. This is because it is the riskiest situation when an external company logs into servers to provide support. We want to increase security and monitoring to minimize risk. We have better monitoring tools to help us achieve this.

Managing the remote access for privileged users feature is moderately difficult.

We currently use only one feature, which is privileged access to remote desktop servers with rotating passwords for privileged accounts. This is the main feature we use, and it typically disconnects external users from the system before giving them a different user to use for logging in. We have to use the Safeguard session in an integrated separate session or with the exact name available to record the sessions.

The GUI has room for improvement because it is confusing and cumbersome. 

I have been using One Identity Safeguard for two months. 

One Identity Safeguard is stable and provides great performance.

The technical support varies depending on who is assigned to our ticket. 

Neutral

The initial setup was complex, and we had to put it behind a firewall for security. This made it difficult to open the ports needed to set up the connections. It was a time-consuming process, and we had to work with the integrator to complete it. It took several days of work, but the tool is powerful and worth the effort to set up.

Three people were required for the deployment.

We used an integrator to help implement One Identity Safeguard. The integrator was good. He was able to train our people to deploy the solution.

I would rate One Identity Safeguard eight out of ten.

A moderate amount of training was required for our people to start using One Identity Safeguard.

We have up to five people using the solution.

The only maintenance required is for patching.

One Identity Safeguard is a great product once we become familiar with it. The GUI takes some getting used to.

We primarily use the solution to manage identities.

It's a good solution for managing identities under OneFile for authorization.

So far, the useability and functionality are very good.

We use the Approval Anywhere, or cloud assistant feature and it is great. It enables us to add an extra layer of security for critical passwords without adding time to the approval process.

The secure remote access feature for privileged users has been useful as well. We've had moderate success with it. It doesn't apply to some reference levels. We do like that it does not make us use a VPN. It gives us more flexibility. We can push out to mobile users a bit easier. 

We do have some support issues sometimes around user authorization rights and onboarding. Typically it's on the user's end where there are issues. We point them back to the instructions.

The big issue I have with the solution is the lack of timely updates. We have feature requests and would like to see the turnaround times on those features to be faster.

The pricing could always be better.

I've used the product for five or six years.

The solution has been stable. 

The scalability of the solution is good. It was one of the reasons why we chose it. We needed something to scale with our customers. So far, we've been happy with its capabilities. 

I haven't had issues with support so far. We do not use the vendor's premier support.

Positive

The whole effort, in terms of initial setup, took a couple of weeks. There is a learning curve associated with the process. My end-user took an hours-long course and my administrators went to training for about two to three days.

The pricing is okay compared to other products we looked at.

We looked at a couple of other solutions from CyberArk. The useability of this solution is better. 

We're partners. We've resold the solution in the past, although we aren't doing so now. We're not active resellers. It's more opportunity-based.

We are using the most up-to-date version of the solution. 

While we have yet to integrate the solution with other parts of our business, we are looking to integrate it in the future with DevOps. We're in the planning phase of that.

The flexibility and integration process is seamless. I've definitely had worse experiences. The resources we had weren't very experienced and we got through everything with very few headaches. From a security and productivity standpoint, it's good. 

I'd rate the product eight out of ten.

We use One Identity Safeguard to manage our privileged accounts.

We use One Identity Safeguard on both physical and virtual appliances.

One Identity Safeguard uses a secure remote access feature that does not use a VPN. This is important because it is cheaper and more secure than implementing a VPN for remote access.

People can start using the solution after five days of training.

We don't need to use VPN for remote access.

One Identity Safeguard is slow and not user-friendly.

Managing remote access for privileged users is difficult because it requires a lot of customization.

Current integration with other solutions requires custom API development. I would like to see out-of-the-box integration built into One Identity Safeguard, similar to other solutions.

The deployment affects our privileged users because it takes a long time for them to request privileges, which impacts the SLA.

I have been using One Identity Safeguard for nearly three years.

One Identity Safeguard is unstable. Many bugs affect its performance, particularly when generating bundle batches and performing discovery.

One Identity Safeguard is scalable, but its performance degrades as it is scaled up.

Customer support is a nightmare. They take a long time to respond to tickets, and when they don't understand the issue, they stall by requesting logs.

Negative

I previously used BeyondTrust Endpoint Privilege Management, which is a better solution because it includes recording and remote access out of the box, whereas One Identity Safeguard requires us to integrate each of those components separately. Additionally, each component is a different appliance.

The initial setup is straightforward. The installation takes a couple of hours. One person is required for the deployment.

One Identity Safeguard is expensive and the cost goes up as we scale.

Licensing fees increase as we expand, as does the cost of basic support, which allows us to open tickets. Additionally, we must pay to update outdated appliances.

I would rate One Identity Safeguard three out of ten.

I only recommend One Identity Safeguard for small businesses.

When using One Identity Safeguard, we need to be patient.

We introduce One Identity Safeguard to customers, primarily Italian customers who need to partner with solutions that protect their target resources.

What I like about One Identity Safeguard is its interface, which is easy to understand, even for people new to the product. I also like that the solution collects data without any access to the machine, plus it has a feature that lets people explore access to machines within a network.

Regarding the usability and functionality of One Identity Safeguard, the most common feedback I receive from users is that the solution is easy to use and can easily move data.

I also like that One Identity Safeguard lets you configure the maximum number of connections to the target, a configuration I didn't find in its competitor.

My customers use the transparent mode for privileged sessions in One Identity Safeguard, and it is easy to use, though it may be more difficult to configure. I haven't received any customer complaints about that feature, so it's not that difficult to use.

To start using One Identity Safeguard in terms of training for people who manage the solution and the end-users, my colleague and I took a course from One Identity. That training was enough for the basic features, but for some other features, my colleague and I had to create some tickets, though he and I know the database and processes. For users, it is easy because my company provides them with a two-page resource manual with screenshots. Then, I spent some time with the managers to show how One Identity Safeguard works, which is very easy because I've used the solution before. 

The analytics interface of One Identity Safeguard is also easy to understand.

A feature I found in a competitor would make One Identity Safeguard better, and that is the ability to load balance the traffic in the target. For example, in two machines with some applications, I would like to balance traffic between the two machines with the help of One Identity Safeguard. It would be great if the solution allowed users to add some applications to a cluster and balance the traffic between the applications.

I've been working with One Identity Safeguard for customers for six months.

Stability-wise, One Identity Safeguard is okay. It's been running for almost one year, and there's no problem with its stability, so, in terms of stability, it's a seven out of ten for me.

The scalability, including the clustering for One Identity Safeguard, could be improved. It is fair right now, scalability-wise, and from an engineering perspective, it may not be as easy to do that because the appliance would have to be encrypted, and there's a security requirement. Still, it would be nicer if scalability could be improved in One Identity Safeguard.

Support for One Identity Safeguard could be improved because sometimes the support team doesn't have an answer or solution for some bugs. Support-wise, it's an eight out of ten for me.

Positive

I used a different solution previously, but One Identity Safeguard could limit the maximum number of connections to a target. The other solution, on the other hand, could not do that but has a load-balancing feature.

My company deploys One Identity Safeguard for customers, and I found the process easy.

My customers use the One Identity Safeguard virtual appliances.

I have not used the Cloud Assistant feature of the solution.

I have not used the Remote Access feature for privileged users in One Identity Safeguard.

My company does not integrate the solution with any other parts of the business, such as development, operations, and RPA. It was just tested but not rolled out in production.

In terms of how the deployment of One Identity Safeguard affects privileged users may be a complex question because the customer didn't have a previous infrastructure. The customer is now building the infrastructure, so it's a dynamic environment. The customer doesn't have an old environment.

I'm a One Identity Safeguard integrator, and my company also resells it.

Regarding maintenance, usually, it's not required. Still, sometimes a user could complain about not being able to access passwords in One Identity Safeguard or that there is some misconfiguration I need to analyze, and in the end, the issue is with the target appliance and not One Identity Safeguard.

My rating for One Identity Safeguard is eight out of ten overall.

We use Safeguard for managing privileged passwords only, using physical appliances.

So far, I haven't seen any type of improvement from using this solution when compared with other products in the identity and access management space. It has been neutral.

I like the discovery functionality and the change password feature through the check-in. I also like the bulk import with the help of templates that come with it out of the box. With the help of these few features, my tasks are made easier.

We also use the Secure Remote Access feature for privileged users. Access is based on group membership and with that membership they connect to the remote machine. It's an easy process to manage. 

The main thing that needs improvement is the slowness. Apart from that, the change password check-in feature also needs improvement because it is not working perfectly accurately.

I have been using One Identity Safeguard for the last two and a half years. I work as an implementer and provide support operations to our clients.

It's not a stable solution, but it's not bad. It's neutral in terms of stability.

It's not scalable.

We are not using their Premier Support, but I am okay with the vendor's regular support. But if the product is running on an unsupported version, that is a very negative point. They should support unsupported versions as well so that their customers are not stuck somewhere in between.

Neutral

As an organization, we are using other PAM solutions for other projects, but I'm not sure which other solutions are in use.

The initial setup for Safeguard is straightforward. Because it was deployed a long time ago in our organization, before my tenure, my expertise is based on adding to clusters. If we are going to add clients within a cluster, it depends on the speed, meaning how the network connectivity is between the cluster and the target device.

In terms of the effect of deployment on users, they are provisioned, with the help of group membership, into Safeguard. Once they are assigned to a particular group, they can follow the previous sites. Based on the previous site, they can log in and check out the password of their privileged account.

As for the amount of training needed, it depends on the solution. If the solution is only for privileged passwords, about three weeks' training is required to understand the solution. And if the server for privileges is also integrated with the solution, it will take a month or as much as 45 days.

We have an implementation team and an operations team. Between them, there are a total of five or six people required for this solution to deploy and maintain it.

I'm not aware of the product cost, but if it's going to cost more, first they have to maintain and stabilize the product.

My impression of the form factor of the Safeguard physical appliance is not good and not bad. It's neutral. Similarly, feedback about the usability and functionality is neutral.

My advice, if you have the budget, is to buy other products, like CyberArk Privileged Access Manager or BeyondTrust Endpoint Privilege Management. If you don't have that kind of budget you can use this product.

We use it to link our virtual systems. We have Windows and Linux, and we have some applications. We use One Identity Safeguard to connect to them. We also use Password Vault, and we do session monitoring.

I am one version behind the latest version. I usually wait before doing an update to make sure that there are no problems with the new release.

One Identity Safeguard helps with accountability. We now know which person is accessing which machine. It also helps to make sure that they are secured, and that everyone knows what changes they need.

We have used the transparent mode and non-transparent mode for privileged sessions. The transparent mode is more difficult than the normal mode, but with the help of the documentation, we figured out how to do the necessary configuration and use this mode. Generally, we use the normal mode. We do not use the transparent mode. 

We use the Secure Remote Access feature for privileged users. It was very easy to manage remote access for privileged users by using this feature. When our users cannot be physically present at our place, they can access the resources using the Starling account. It is easy.

The Secure Remote Access feature does not make use of a VPN. This is very important for us because there are some problems with using VPN, so it is easier to use something like Starling. We can be sure that our users can access the network even from home and that the sessions are secure.

I have worked with other One Identity solutions. I have used One Identity Defender, One Identity SPP, and One Identity SPS. They worked very well for our users. We also use the authentication service to control the Linux machines with Active Directory accounts. They work well with each other. I have also used Safeguard Remote Access. I tried its features with Safeguard to allow our users to connect to the sessions by using the cloud so that they do not need to log in to the company servers.

One of the most important aspects is that it is very easy to use and install. It is also agentless, so all of the operations happen more smoothly than any other product. Our end-users find it easy. They have a web application. They only need to enter the credentials, and they can access the Safeguard session. They can use it very fast without any problems. Its learning curve is very low.

We can discover Windows and Linux machines, but we would also like to discover databases. It is very important for us. I have heard that in the new version, we can discover databases, but I have not tried it yet, so I am not sure if the new version does it properly or still needs some work. 

We would like to have the option of importing assets by using the CSV file. It was available in the earlier versions, but it is not available now.

I have been using this solution for about two years.

It is very stable. They always release new updates if there are any issues. For example, for the Log4j issue that happened a couple of months ago, they released an update to solve the issue and make sure that no user is affected by it. It is based on the Linux machine, so it is very stable.

I did not face any problems. It is very scalable, and it can be used for a small company or a big company without any problems.

Currently, there are about 20 users who are using it.

We have used their regular support, not the premier support. When we have any problems related to it, we open a ticket. They always help us. We might have to provide them with additional things so that they are able to troubleshoot better, but they are always helpful. I would rate their support a 9 out of 10.

Positive

We did not use any other solution.

The initial setup is straightforward. We have two installation types. We have Safeguard for Privileged Passwords and Safeguard for Privileged Sessions. For Safeguard for Privileged Passwords, we just need to import and the whole organization will be done. The process for Safeguard for Privileged Sessions is also simple. There are no problems.

The deployment duration depends on the number of systems, the number of users, and the number of applications. In a small company, it might take about two weeks or three weeks.

The deployment did not affect our privileged users. We just needed some time to get used to it. We were not using any PAM product before, so it took some time to get used to using it. It is more restrictive than the Active Directory system, but it is for the best.

For managing and deploying the solution, I took technical training. It was about five-day training with One Identity. After that, I started its deployment. In case of any problem, we could check several resources. We could check the administration guide or forums. We could also open a support ticket with One Identity. For the end-users, I gave the training, and it took one or two days at the most.

I deployed it myself.

We checked out a couple of solutions, but I was not a part of the selection process.

It is a very easy solution. In case of any problem, you can contact the distributor or the vendor, and they will help you.

I have worked with physical and virtual appliances. We went for virtual appliances because they are easy for us. We have servers in our company, so we have the space and resources to install them.

I would rate One Identity Safeguard a 10 out of 10. I have used it for some time, and I enjoyed working with it.

We have more than 1,000 servers or application servers, and we have several layers of teams. We have super admins, system admins, and operations staff, and we also have application vendors using the system. In such a large environment, it was really difficult for us to do identity management on a daily basis. We had new people joining the team, and we also had people leaving. We had to put in additional manpower to monitor these activities and comply with the regulations. That was the main reason we moved to automation with the One Identity solution. We are using their Privileged Account Management solution.

We have virtual appliances. We don't have physical ones.

We have several data centers located all over the globe. Previously, if someone needed access or certain permissions, we had to manually go to our Active Directory, identify the user, and give permission. We had to do that one by one. When we had hundreds of new joiners, it was a time-consuming activity. Sometimes, this activity would take more than two days. One Identity has made all this easier. Monitoring has become much easier, and I can invest the energy in other things instead of monitoring which user is doing what. It has become a one-console management for us.

For my team, it has reduced the task of monitoring who did what and using which ID by 80%. They only have to do 20% of the work than before.

We are using all of the access features. It is much easier for a new user to adopt this solution. It also works perfectly fine with a VPN.

All the features are promising, but we love the reporting feature because we can get each and every report. That's a major compliance requirement. Its reporting is really amazing, and it has made life a lot easier.

Its setup is quick. It is easy to set up and operate. It doesn't matter whether you have a deep IT background or not.

Cost-wise, it is a little bit expensive, which makes it difficult to get management approval. Its price should be reduced.

In terms of features, I'm completely satisfied with it. I am not expecting any more features. Its cost is the only issue. Everything else is okay.

We introduced this product in our organization in 2014.

It is pretty stable.

It is very scalable. We recently increased the number of licenses. Previously, we had a thousand servers, but now, the number has increased. The number of users has also increased. So, we upgraded our system. 

We are using it mostly for privileged users, developers, and system administrators. In total, we have around 300 users. We have plans to increase its usage. We have some upcoming projects where we want to use it on a larger basis. We have plans to use it for DevOps users and third-party vendors, but it will take a little bit of time.

We have not integrated the solution with any other parts of the business, such as DevOps, RPA, or cloud targets. We are evolving day by day. We are upgrading our technology, and we have plans to do that in the future.

We had premium support initially, but we don't require that now. We didn't encounter any critical issues. We are using their regular support. I would rate their support a nine out of ten.

Positive

We were not using another solution previously. Privilege management was a really tough task before the One Identity solution.

It was straightforward. Of course, when you are introducing a new product, you need to do a little bit of research, but the steps were very simple. You don't need much technical knowledge, and you don't need to go so deep to do the configuration. You can just have a look at the setup start guide. Anyone should be able to do it easily.

Our deployment took around six months because we did a few PoC. We also tested it in different system environments before bringing it to the production environment. Out of these six months, we spent almost two months doing the PoC with other products, and then for two months, we put it in the UAT environment or the test environment, and then we brought it into the production environment. So, overall, it took six months for the rollout.

The deployment wasn't disruptive for our privileged users because they were working with the old method while we were implementing it. So, there was no pause during the implementation. Once we completely rolled out One Identity, they started using it.

To start using the solution, you at least need knowledge of the policies and configurations available. You require a little bit of training because one change is going to impact thousands of users.

When we did the deployment, we had a team of about 30 people. Now, we don't have a dedicated team for its maintenance. We have a team of about 15 people doing other activities and managing various technologies, including One Identity.

I have definitely seen an ROI. It is not necessarily in terms of cost. My work has reduced, and I'm able to focus the saved energy or time working on other technologies or implementing new things in other areas of my organization.

Its subscription cost is too much, and sometimes, it is very difficult to pitch the solution to the management for cost approval. If the cost is reduced a little bit, it would be easier. If its cost was less, many other organizations that currently cannot afford it would be able to use this technology. I'm sure many organizations around the globe are having issues with identity management, and it is a very difficult task for IT to manage privileged accounts.

We did PoC to identify different solutions. We tried several solutions, but it didn't work out. We did a PoC with the One Identity solution, and it was easy to manage because it helped us to meet all the compliance requirements and do other things. That's why we went with this solution.

I would recommend it if you are looking for a privilege management or identity management solution. If you are having challenges with reporting and compliance, it will certainly be helpful because you will get a lot of details for auditing and monitoring purposes.

I would rate it a nine out of ten. It is an amazing product, but its cost needs improvement.