One Identity Safeguard Reviews

My main use cases include LDAP, SSH, and some utilization of HTTPS. My primary uses are LDAP and SSH.

From my experience, the features are best for monitoring and the usage of LDAP and SSH. I think One Identity should improve its documentation because it is vast and not clear, and clear documentation on implementing the solution would be advantageous for consultants. I find clear documentation helpful for clients and customers to achieve what they want.

I find it complicated to implement HTTPS monitoring because the documentation is unclear. The disaster recovery process is complicated for me. For some configurations on the SPS side, if I need to make changes, such as for DNS servers, I must redeploy the machine. Transparent Mode can be improved in newer versions, and the failover process is the most complicated for me.

I have been working with this solution for the last two years.

The stability is consistent for me until a problem arises; then it becomes difficult. I encounter problems primarily with the failover procedure.

Scalability is acceptable for me. If customer usage increases, I can add new appliances, but this incurs costs.

I find the support good, but not excellent. When I open a ticket, resolutions can take a long time, and I sometimes need escalations to reach expertise.

I always compare this solution with CyberArk. I feel CyberArk is not like a black box; it allows a lot of customization.

The initial setup is not complex for me; it's straightforward. I would rate it a seven, as it takes me thirty to forty minutes per machine for deployment.

I install the solution and offer the services to the end-users.

Any PAM solution, when I deploy it well and customers use it, leads to a return on investment. This is applicable not just to One Identity or CyberArk, but to any PAM solution that provides what customers need to achieve.

It's about controlling what people are doing in their infrastructure. Overall, I would rate the product six out of ten.

We are using One Identity Safeguard for our data protection.

We are utilizing the virtual appliance solution because it is slightly more cost-effective and allows us to manage it remotely.

Secure Remote Access feature is being utilized by non-technical users, primarily for multi-factor authentications. We are implementing MFA; however, some users in our branch are not yet connected. Consequently, we are resorting to using a VPN in our access control measures. At times, we have also employed remote branches for auditing and monitoring any potentially suspicious activities. Our endpoint security is consistently updated and ensures encryption for all the internet services we utilize.

It is important that the Secure Remote Access feature does not rely on a VPN. One Identity Safeguard provides us with the ability to manage access to the system network and data from our remote branches through the Secure Remote Access feature, ensuring a secure and confidential connection on the backend.

We have integrated One Identity Safeguard with our DevOps processes to assist in managing the parameters. Prior to the integration, we used to wait for certain automation related to security, either already completed or sometimes people would proceed without reporting. However, after the implementation, it has proven to be highly effective for security testing through automation at various stages, particularly in the pipeline, and for conducting critical analysis. This has significantly improved our understanding. 

There are numerous valuable data protection features, including the content and information that offer us more scalable protection as needed.

We also have access to immediate support for situations that we are unable to handle.

Some of our users find the functionality a bit complex, and it could be made more user-friendly.

The integration of automation, security monitoring, and secure configuration can be enhanced. We can integrate these elements using Ansible or any other necessary tools. This would be advantageous in terms of time and effort saved during implementation, especially when dealing with merged branches. This approach will guarantee that the code is approved, tested, and verified, potentially resulting in substantial time savings.

I have been using One Identity Safeguard for ten years.

Premier Support is valuable because it enables us to receive prompt assistance whenever we encounter any type of issue.

Positive

The time to deploy varies from a few minutes to several hours depending on the scenario.

We integrate security tests into our CI/CD pipeline for privileged users to ensure that these users are not affected.

We also assessed CyberArk, which is a more robust Privileged Access Management solution compared to One Identity Safeguard. However, it comes with a significantly higher cost.

I would rate One Identity Safeguard an eight out of ten.

We conducted training sessions for all employees and managers in our company. The training was tailored to each person's skills in order to streamline the training process and facilitate the deployment procedures.

We mainly use the Privileged Session Management (PSM) features.

In terms of the user experience, it is a pretty useful product. It works in a good way. 

We sometimes face issues with configuration and things like that, but we manage to solve them. In general, it is a pretty good solution for the PSM features. 

There can be an improvement in terms of the policy that can be implemented on the SSH session.

I have been working with this product for more or less 2 years.

I have never spoken to their technical support. A colleague of mine interacts with them.

I did not work with any other solution previously. I have read about other products and their features, but I have not worked with them. One Identity Safeguard is probably one of the best solutions for PSM features.

I do not work on the installation. I work on the setup. We do face some issues with configuration, but in general, we are able to troubleshoot them.

Based on my personal experience with the PSM features, it is a good product. I know that there are some competitors, but I have not worked with them.

My colleagues worked on its integration with another tool. It seems to integrate fine, but I do not know for sure if he faced any issues.

My experience is with the PSM features, and for that, I would rate the product a six out of ten. There are some specific features that can be improved, but in general, I have had a good experience with the product.

We use the virtual appliance of One Identity Safeguard to enhance security when external support is logged into our internal network. This is because it is the riskiest situation when an external company logs into servers to provide support. We want to increase security and monitoring to minimize risk. We have better monitoring tools to help us achieve this.

Managing the remote access for privileged users feature is moderately difficult.

We currently use only one feature, which is privileged access to remote desktop servers with rotating passwords for privileged accounts. This is the main feature we use, and it typically disconnects external users from the system before giving them a different user to use for logging in. We have to use the Safeguard session in an integrated separate session or with the exact name available to record the sessions.

The GUI has room for improvement because it is confusing and cumbersome. 

I have been using One Identity Safeguard for two months. 

One Identity Safeguard is stable and provides great performance.

The technical support varies depending on who is assigned to our ticket. 

Neutral

The initial setup was complex, and we had to put it behind a firewall for security. This made it difficult to open the ports needed to set up the connections. It was a time-consuming process, and we had to work with the integrator to complete it. It took several days of work, but the tool is powerful and worth the effort to set up.

Three people were required for the deployment.

We used an integrator to help implement One Identity Safeguard. The integrator was good. He was able to train our people to deploy the solution.

I would rate One Identity Safeguard eight out of ten.

A moderate amount of training was required for our people to start using One Identity Safeguard.

We have up to five people using the solution.

The only maintenance required is for patching.

One Identity Safeguard is a great product once we become familiar with it. The GUI takes some getting used to.

We primarily use the solution to manage identities.

It's a good solution for managing identities under OneFile for authorization.

So far, the useability and functionality are very good.

We use the Approval Anywhere, or cloud assistant feature and it is great. It enables us to add an extra layer of security for critical passwords without adding time to the approval process.

The secure remote access feature for privileged users has been useful as well. We've had moderate success with it. It doesn't apply to some reference levels. We do like that it does not make us use a VPN. It gives us more flexibility. We can push out to mobile users a bit easier. 

We do have some support issues sometimes around user authorization rights and onboarding. Typically it's on the user's end where there are issues. We point them back to the instructions.

The big issue I have with the solution is the lack of timely updates. We have feature requests and would like to see the turnaround times on those features to be faster.

The pricing could always be better.

I've used the product for five or six years.

The solution has been stable. 

The scalability of the solution is good. It was one of the reasons why we chose it. We needed something to scale with our customers. So far, we've been happy with its capabilities. 

I haven't had issues with support so far. We do not use the vendor's premier support.

Positive

The whole effort, in terms of initial setup, took a couple of weeks. There is a learning curve associated with the process. My end-user took an hours-long course and my administrators went to training for about two to three days.

The pricing is okay compared to other products we looked at.

We looked at a couple of other solutions from CyberArk. The useability of this solution is better. 

We're partners. We've resold the solution in the past, although we aren't doing so now. We're not active resellers. It's more opportunity-based.

We are using the most up-to-date version of the solution. 

While we have yet to integrate the solution with other parts of our business, we are looking to integrate it in the future with DevOps. We're in the planning phase of that.

The flexibility and integration process is seamless. I've definitely had worse experiences. The resources we had weren't very experienced and we got through everything with very few headaches. From a security and productivity standpoint, it's good. 

I'd rate the product eight out of ten.

We use One Identity Safeguard to manage our privileged accounts.

We use One Identity Safeguard on both physical and virtual appliances.

One Identity Safeguard uses a secure remote access feature that does not use a VPN. This is important because it is cheaper and more secure than implementing a VPN for remote access.

People can start using the solution after five days of training.

We don't need to use VPN for remote access.

One Identity Safeguard is slow and not user-friendly.

Managing remote access for privileged users is difficult because it requires a lot of customization.

Current integration with other solutions requires custom API development. I would like to see out-of-the-box integration built into One Identity Safeguard, similar to other solutions.

The deployment affects our privileged users because it takes a long time for them to request privileges, which impacts the SLA.

I have been using One Identity Safeguard for nearly three years.

One Identity Safeguard is unstable. Many bugs affect its performance, particularly when generating bundle batches and performing discovery.

One Identity Safeguard is scalable, but its performance degrades as it is scaled up.

Customer support is a nightmare. They take a long time to respond to tickets, and when they don't understand the issue, they stall by requesting logs.

Negative

I previously used BeyondTrust Endpoint Privilege Management, which is a better solution because it includes recording and remote access out of the box, whereas One Identity Safeguard requires us to integrate each of those components separately. Additionally, each component is a different appliance.

The initial setup is straightforward. The installation takes a couple of hours. One person is required for the deployment.

One Identity Safeguard is expensive and the cost goes up as we scale.

Licensing fees increase as we expand, as does the cost of basic support, which allows us to open tickets. Additionally, we must pay to update outdated appliances.

I would rate One Identity Safeguard three out of ten.

I only recommend One Identity Safeguard for small businesses.

When using One Identity Safeguard, we need to be patient.

I work for a bank, and we use Safeguard to manage access to our Internet banking services. We use Safeguard for two things: identity and access management and detection recording. We have our services onboarded on SysTrack doing RDP directly to the servers or station, and we use virtual appliances for collection. The solution covers around 150 users at this organization. 

I like Safeguard's snapshot feature that enables us to review the last time an application was opened and by whom. If there are any issues, we can look behind the scenes to see what has been done. We can suspend a user's access or close off a server. 

We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what. 

I have used Safeguard for one year.

Safeguard is stable. 

It's scalable, depending on the solution case. I don't know if it's domain-based because it was not restricted. We're gradually moving to the Azure cloud.

One Identity support is okay. 

Deploying Safeguard was straightforward.

I rate One Identity Safeguard eight out of 10.

We use it to link our virtual systems. We have Windows and Linux, and we have some applications. We use One Identity Safeguard to connect to them. We also use Password Vault, and we do session monitoring.

I am one version behind the latest version. I usually wait before doing an update to make sure that there are no problems with the new release.

One Identity Safeguard helps with accountability. We now know which person is accessing which machine. It also helps to make sure that they are secured, and that everyone knows what changes they need.

We have used the transparent mode and non-transparent mode for privileged sessions. The transparent mode is more difficult than the normal mode, but with the help of the documentation, we figured out how to do the necessary configuration and use this mode. Generally, we use the normal mode. We do not use the transparent mode. 

We use the Secure Remote Access feature for privileged users. It was very easy to manage remote access for privileged users by using this feature. When our users cannot be physically present at our place, they can access the resources using the Starling account. It is easy.

The Secure Remote Access feature does not make use of a VPN. This is very important for us because there are some problems with using VPN, so it is easier to use something like Starling. We can be sure that our users can access the network even from home and that the sessions are secure.

I have worked with other One Identity solutions. I have used One Identity Defender, One Identity SPP, and One Identity SPS. They worked very well for our users. We also use the authentication service to control the Linux machines with Active Directory accounts. They work well with each other. I have also used Safeguard Remote Access. I tried its features with Safeguard to allow our users to connect to the sessions by using the cloud so that they do not need to log in to the company servers.

One of the most important aspects is that it is very easy to use and install. It is also agentless, so all of the operations happen more smoothly than any other product. Our end-users find it easy. They have a web application. They only need to enter the credentials, and they can access the Safeguard session. They can use it very fast without any problems. Its learning curve is very low.

We can discover Windows and Linux machines, but we would also like to discover databases. It is very important for us. I have heard that in the new version, we can discover databases, but I have not tried it yet, so I am not sure if the new version does it properly or still needs some work. 

We would like to have the option of importing assets by using the CSV file. It was available in the earlier versions, but it is not available now.

I have been using this solution for about two years.

It is very stable. They always release new updates if there are any issues. For example, for the Log4j issue that happened a couple of months ago, they released an update to solve the issue and make sure that no user is affected by it. It is based on the Linux machine, so it is very stable.

I did not face any problems. It is very scalable, and it can be used for a small company or a big company without any problems.

Currently, there are about 20 users who are using it.

We have used their regular support, not the premier support. When we have any problems related to it, we open a ticket. They always help us. We might have to provide them with additional things so that they are able to troubleshoot better, but they are always helpful. I would rate their support a 9 out of 10.

Positive

We did not use any other solution.

The initial setup is straightforward. We have two installation types. We have Safeguard for Privileged Passwords and Safeguard for Privileged Sessions. For Safeguard for Privileged Passwords, we just need to import and the whole organization will be done. The process for Safeguard for Privileged Sessions is also simple. There are no problems.

The deployment duration depends on the number of systems, the number of users, and the number of applications. In a small company, it might take about two weeks or three weeks.

The deployment did not affect our privileged users. We just needed some time to get used to it. We were not using any PAM product before, so it took some time to get used to using it. It is more restrictive than the Active Directory system, but it is for the best.

For managing and deploying the solution, I took technical training. It was about five-day training with One Identity. After that, I started its deployment. In case of any problem, we could check several resources. We could check the administration guide or forums. We could also open a support ticket with One Identity. For the end-users, I gave the training, and it took one or two days at the most.

I deployed it myself.

We checked out a couple of solutions, but I was not a part of the selection process.

It is a very easy solution. In case of any problem, you can contact the distributor or the vendor, and they will help you.

I have worked with physical and virtual appliances. We went for virtual appliances because they are easy for us. We have servers in our company, so we have the space and resources to install them.

I would rate One Identity Safeguard a 10 out of 10. I have used it for some time, and I enjoyed working with it.