Try our new research platform with insights from 80,000+ expert users

One Identity Safeguard vs Symantec Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 6, 2024
 

Categories and Ranking

One Identity Safeguard
Ranking in Privileged Access Management (PAM)
3rd
Average Rating
8.0
Number of Reviews
40
Ranking in other categories
User Entity Behavior Analytics (UEBA) (6th)
Symantec Privileged Access ...
Ranking in Privileged Access Management (PAM)
21st
Average Rating
7.8
Reviews Sentiment
7.2
Number of Reviews
51
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of November 2024, in the Privileged Access Management (PAM) category, the mindshare of One Identity Safeguard is 4.5%, down from 5.7% compared to the previous year. The mindshare of Symantec Privileged Access Manager is 1.7%, down from 1.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Privileged Access Management (PAM)
 

Featured Reviews

Tor Nordhagen - PeerSpot reviewer
Nov 22, 2023
Transparent mode for privileged sessions will greatly simplify our client's administrative situation
We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.
Muhammad Baber - PeerSpot reviewer
May 6, 2022
Allows IT and consultants to access the infrastructure environment but needs more security and better support
Initial setup was very straightforward. It's basically a hardware appliance. It's a software appliance, but it's a hard-coded appliance. It's just a black and white screen, and it has everything inside. BeyondTrust is a Windows-based server, and they usually harden the machine and have their own patches on it, even though it's a Windows machine, so we can easily log into it. With the current solution, it's very difficult to log in. It's just a black and white screen, and you need a support account to log in onto it. It feels more secure. It's a shell, and the database is embedded. But with BeyondTrust, it's SQL-based and Windows-based, so it's vulnerable. When we first set up the solution, it was only a few endpoints to give access to the vendors. Now, it's around 400-500 machines. It required a lot of maintenance. There were a lot of new patches and new versions of the appliance, and then the appliances would move out of support very quickly, which is another reason we are moving to BeyondTrust. At the moment, we are using the version which is very stable, but it is out of support within six to seven months. They keep asking you to upgrade to the new version, which is challenging. Once we upgraded, we had a lot of issues that support couldn't fix.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests."
"The Transparent Mode is the number one advantage of the product."
"I like that One Identity Safeguard lets you configure the maximum number of connections to the target, a configuration I didn't find in its competitor."
"It has greatly helped improve our security posture. Safeguard has an option where it will reset passwords on service accounts, then go out to those servers where that service account is running as a service and update the password on it. That makes password changes very easy. We can regularly change passwords now and are planning on making it an annual activity, where all the people who own service accounts will go in and make sure all their passwords get changed, updated, and reset."
"The first feature I like about One Identity Safeguard is the live contact point for the VPNs. This has been working very well for us, as it's both highly available and reliable."
"Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security."
"All sessions are audited and they are indexed/searchable through the GUI."
"There are a lot of features, so it's going to sound funny, but one of the most simplistic features, the Favorites feature, is the one we like the best. You do a full run-through of configuration to check out a server and then you can save that whole configuration as a favorite. So the next time you go in, you click on the favorite that you configured and it automatically takes you to the end so you can check the server out that much faster. It saves a lot of time..."
"It's easy to use and easy to configure."
"Password Management and Session Recording. The simplicity and ease that it is to be up and running out-of-the-box is very much appreciated."
"The interface is very friendly, colorful, and bold."
"We know we can scale up with what we have, and we probably will not need to buy any further appliances down the road."
"One of the key things for us about the product is around its simplicity. Being able to put in the technology that allows the business to remove complexity and also allow the security improvements."
"It will provide us with more security."
"The two factor authentication, and the single most important capability was it supported PIV and CAC as one of the two factors. That was pretty huge for us."
"We can enforce complicated password policies and very important frequent password changes."
 

Cons

"Transparent mode was too cumbersome, so I don't foresee us being able to use it. On paper when we were initially talking about it, it was definitely going to be the preferred method until we realized the burden it would be on our network guys. Then, we had to step back and reevaluate what we wanted to do. That's when we changed our approach to use the RD Gateway feature."
"The Transparent Mode could be somewhat easier to use."
"Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service."
"The main point regarding the user experience is that Safeguard has two separate management consoles."
"We have feature requests and would like to see the turnaround times on those features to be faster."
"The SPS could be a lot easier to administrate and the parts should be unified, from a design perspective, so that I can recognize the systems as being part of the same package. They feel like they have been forced together."
"The product uses a lot of resources in current sessions."
"We sometimes face issues with configuration and things like that, but we manage to solve them."
"An improvement for this solution is that it should not be constantly based on user name and password. There should be a condition to edit and update your username."
"It's difficult to locate the reports, there are limits on what reports can be run from the GUI, and the report formats are lacking."
"The management console could be improved."
"They should include some assignments in the test environment to explore the product's features."
"Broadcom has neglected product development since acquiring Symantec, and nothing major has been added to PAM."
"I’m no fan of Java as an application front-end, as it tends to have issues depending on what browser one’s using."
"I wish it could create local accounts on desktops."
"It'd be great if you just stuck in your PIV card and Windows popped up, asked you for your password. You typed it in, then it remembered your credentials."
 

Pricing and Cost Advice

"Its subscription cost is too much, and sometimes, it is very difficult to pitch the solution to the management for cost approval. If the cost is reduced a little bit, it would be easier. If its cost was less, many other organizations that currently cannot afford it would be able to use this technology. I'm sure many organizations around the globe are having issues with identity management, and it is a very difficult task for IT to manage privileged accounts."
"Our licensing costs are on a yearly basis."
"The pricing is about $80,000 per 100 servers. There are few elective costs."
"They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base."
"One Identity Safeguard is expensive and the cost goes up as we scale."
"It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."
"Safeguard is cheaper than CyberArk."
"Setup cost, pricing and licensing are all very expensive."
"It is more expensive than other solutions on the market."
"I would prefer better licensing options for the 20-100 users we have at a given time."
"Pricing is fair compared to other top vendors."
"The version we are using is affordable compared to BeyondTrust, which is maybe three to four times as expensive, but it depends on the features."
"Appliances are relatively cheap, don’t skimp. Make sure you have redundancy, high availability, and enough appliances to manage the concurrent workload."
"The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution."
"It is reasonably priced."
"Cost-wise, CA was better compared to others in the market. ​"
report
Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
23%
Financial Services Firm
12%
Manufacturing Company
7%
Government
6%
Computer Software Company
18%
Financial Services Firm
17%
Manufacturing Company
16%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about One Identity Safeguard?
The identity discovery is good, and the performance is pretty good value.
What is your experience regarding pricing and costs for One Identity Safeguard?
One Identity Safeguard is expensive. The license is around $3,000 per month.
What needs improvement with One Identity Safeguard?
One Identity's support is not appropriately structured, and it has a lot of room to improve.
What do you like most about Symantec Privileged Access Manager?
We can check the activities in the server for fragile files and documents in case of any issues.
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Pricing is reasonable. It's neither as expensive as BeyondTrust nor as cheap as other solutions. One can negotiate corporate discounts through franchises, as Broadcom manages most customers through...
What needs improvement with Symantec Privileged Access Manager?
Broadcom has neglected product development since acquiring Symantec, and nothing major has been added to PAM. The product has not kept up with market demands or introduced new features to compete w...
 

Also Known As

No data available
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

 

Sample Customers

Cavium
NEOVERA, Telesis, eSoft
Find out what your peers are saying about One Identity Safeguard vs. Symantec Privileged Access Manager and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.