IT Central Station is now PeerSpot: Here's why

One Identity Safeguard Room for Improvement

Cody Engelman - PeerSpot reviewer
Expert Systems Architect at Tempur Sealy International, Inc.

We tried the solution's “transparent mode” feature for privileged sessions. It ended up making a lot of Cisco Layer 2 configurations hard and was using a lot of ACLs to control the traffic, which we identified as type of a risk. In order for it to do production that would put an unnecessary burden on our network guys to configure it because that's thousands and thousands of lines of code that they'd have to update and change. We did use this feature for the PoC and that worked out well. However, for production, we are using the Remote Desktop Gateway feature.

Transparent mode was too cumbersome, so I don't foresee us being able to use it. On paper when we were initially talking about it, it was definitely going to be the preferred method until we realized the burden it would be on our network guys. Then, we had to step back and reevaluate what we wanted to do. That's when we changed our approach to use the RD Gateway feature.

I would like their transparent mode to have an easier implementation. If there was a way that we could do transparent mode without having to use ACLs that would be incredibly beneficial. 

They could do a better discovery to find out where service accounts are being used on non-Windows Boxes, such as Linux. That would be a good benefit.

View full review »
FI
Chief Information Security Officer at a financial services firm with 51-200 employees

The multilanguage functionality does not support the Arabic language, even though this solution is deployed in an Arabic region. However, it matches our criteria and requirements overall.

One Identity is using a third-party to create one-time passwords. Due to our security restrictions, we needed to build our own. When we discussed this with One Identity, "Why they don't provide a technology that can be hosted on our data center and be built by One Identity," they said they are using a third-party. This was their justification, so I think it's based on their strategy and there's no harm using a third party. However, we were having an issue using a third-party.

View full review »
Martin Ajayiobe - PeerSpot reviewer
Senior Vice President (Infrastructure Systems/Information Security) at MAXUT

The only part of the Safeguard solution that I think could be a problem over time is the amount of storage it takes in the sessions. For example, because it records in real-time video it takes a lot of resources. So, it has not been a problem yet, but we are looking at a solution where we allocate the cost of that additional capacity differently. Then there will be enough resources to compensate for whatever the storage needs are. It just takes a large amount of storage for each current session.  

Another thing that I would like to see them improve is that I would like them to make the transparent board a little bit more transparent. The transparent mode is something I use often and it is the best feature of the product but that is also why I see how it can be improved. It might just be a little bit easier to use.  

View full review »
Buyer's Guide
One Identity Safeguard
May 2022
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: May 2022.
597,708 professionals have used our research since 2012.
Alexander Pirogov - PeerSpot reviewer
Head of Department of Technical Means of Protection at BrokerCreditService

I would like to see support for RDP over HTTPS so this product can be used in conjunction with the Microsoft terminal.

I would like to visualize SSH sessions.

I would like built-in traffic balancing mechanisms with the built-in load balancing mechanism when using several instances.

View full review »
reviewer1161345 - PeerSpot reviewer
User with 10,001+ employees

Management of the farm of appliances. When you have more than one server to handle the traffic, you need to configure everything on each console and maintain seperately. The cluster feature is coming in the next versions, until then you can handle with some scripts but its not straight forward. In case you want to use a farm of appliances instead of one you should consider this.

Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service. Again when you have a farm of appliances you need to have all the monitoring data centrally so you know what is happening with the overall service. This feature is missing. You have to go on each server to see what is the status there.

View full review »
FF
Security Business Consultant at a tech services company with 201-500 employees

I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated.

View full review »
RC
Software Solutions Architect at a computer software company with 11-50 employees

When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk. 

Another example is, I have one potential customer that wants to use some feature that is available only in CyberArk. The scenario is one user request a patient, however, that user doesn't have the permissions. In that request, he wants to request more permissions elevation and more rights under the live connection. This can be done in CyberArk and not in One Identity Safeguard.

We need to allow more permissions for the user who requests access for the previous account in a live connection.

CyberArk gives stronger features for safeguarding at this moment.

View full review »
Walid Semrani - PeerSpot reviewer
Networking and Security Engineer at a tech services company with 1-10 employees

I requested for an evaluation license, but no one responded to me. 

We can't review or audit HTTP and HTTPS. This functionality should be added so that we can review and audit HTTP and HTTPS.

View full review »
Mahfoudh Bousaidi - PeerSpot reviewer
Network & Security Engineer at Onetechpro dz

We have issues using Safeguard to record http/https connection in a video formt. Currently, they don't have a mechanism to record this type of connection.

View full review »
MohamedEladawy - PeerSpot reviewer
Service Security Lead at Salam Technology

One Identity Safeguard can improve by having more integration with multiple devices.

View full review »
Buyer's Guide
One Identity Safeguard
May 2022
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: May 2022.
597,708 professionals have used our research since 2012.