Delinea Secret Server Reviews

I'm a director/engineer and we partnered with the company. Our primary use case was for a project that we followed from an administrator point of view, not the end-user point of view. My responsibility was to manage the migration-related to the project, installing and configuring the infrastructure, creating policies and so on. Technically speaking, it was at a high level. All of my clients are enterprise companies.

The most valuable aspects were its ease of use because the software is monolithic, so you only have to install the web services and then there's a database, so it's very easy to use and to configure. There are no further modules so installation is simple as is configuration. There are a lot of features out of the box. That was an interesting aspect.

I think the services could be improved by making it more 'friendly.' Documentation could be improved if they were to include more about connectors. Technically speaking, and in comparison to other software such as CyberArk, the documentation was not enough. CyberArk has extensive documentation and I believe Thycotic doesn't have enough.

The same applies for additional features - improved documentation in the next release would be helpful.

I've used the product for five months. 

It's a very stable solution.

It's very easy to scale the solution because it's a web server. If you want to install more than one server then you just have to add the additional server to the database. So it's very, very easy.

Technical support is fine but as I said, it could be a little more friendly.

There is a lot of risk management software around. I decided to switch to Thycotic, first of all, because we were starting a new project and it was a challenge for me and a new software I wanted to try. That was the main reason for the move. 

Being a web server, the initial setup is very straightforward and easy to understand. It's one of the differences between Thycotic and CyberArk. CyberArk requires some study, it's a modular solution. 

I'm a technicial person so I don't know about setup costs. 

In general, I would recommend the product. It's very good and is cheaper than CyberArk. It's something that a team leader or project manager would take into consideration because even the cost of the license is something to keep in mind when planning a project. It really depends on the company's requirements. 

We use Delinea Secret Server as a PAM solution. It helps us to check, rotate, and store passwords. 

We implemented the product for our privileged identities. We have configured them in check-in/check-out rotation. Delinea Secret Server rotates the password each time a privileged identity is checked in, making the password valid only for some time. 

The tool's most valuable feature is robust audit logging. 

Delinea Secret Server needs to improve its reporting. 

I have been working with the product for three years. 

I rate Delinea Secret Server's stability a nine out of ten. 

I rate the tool's scalability a seven out of ten. 

I have had limited exposure to CyberArk. 

We can see ROI when we use the product to its full capacity. 

The tool's pricing is expensive. 

Delinea Secret Server is superior to CyberArk. I rate it an eight out of ten. 

• Heart beats – it tells me when passwords on file are no longer working. This could be an oversight, but could also be a sign of hacker activity.
• Secret Expiry – reports on passwords that haven’t been changed and may be out of policy.
• Remote Password Changing – along with Secret Expiry, this enables me to stay compliant with password change policies.
• Network Discovery – scans networked machines for accounts, bringing machines in to password policy compliance, and uncovering unknown or backdoor accounts. It also enables the discovery of the total reach of an account, i.e. a service account for which you dare not change the password as you don’t fully know the implications of missing an instance of the account that could fail critical operations.

We previously had a very lax password policy, and passwords were stored in Excel spreadsheets. Passwords were often not documented, or the documented password was not updated if changed. We now have a much stricter, safer password policy. Secret Server has improved security, productivity and helped achieve a much higher state of compliance.

Session recording could offer more control and block certain actions or commands.

I have experience of other products that focus on session recording, so I’m aware of what advanced functionality can be achieved.
Specifically, I’m referring to:

* blacklisting and/or whitelisting certain commands
* OCR capabilities

Now I know these aren’t currently supported, but they may be available in future releases.

We have used this solution for more than three years.

Very occasionally indexes won’t contain all the search results expected.

We have not encountered any scalability issues as this is a highly scalable product.

Technical support is good. Online and offline documentation is clear and well written. Support technicians are punctual and friendly.

I have worked with customers of other solutions. They found it hard to separate accounts assigned to the same asset for different teams. For example, a server has SQL and database accounts. These credentials would all be visible to anyone with access to the server asset which isn’t a desirable situation. DBA has access to a local administrator account. Server admin has access to the payroll DB account!

Based entirely on the Microsoft stack (IIS, MS-SQL), installation is quick and easy.

Pricing is very flexible. Download the free trial version. You can downgrade to the free version (it’s free for life!) or pay for the exact feature set you require.

We evaluated LastPass Enterprise, RoboForm, Password Manager Pro, Kaspersky Password Manager and CyberArk.

I’d recommend you engage a reseller to discuss your requirements, and download the free trial version.

Our clients use this solution to manage privileged accounts, meaning their administrative accounts. Whether it's active directories, co-banking solutions, or databases, the solution will take over all the privileged accounts on the network or in the infrastructure. 

Number one is the password vault; it's very good. It helps our clients avoid having a lot of passwords out there.

Number two, they have a feature for remote desktops that are created on a per session basis, which is very good for security. They also integrate with service providers. Let's say I'm having Microsoft take a look at the active directory or something that went wrong. I can give them one-time access, and once they're done, the session ends and they don't have access to it anymore. These features are very helpful for my customers.

The setup for this solution is complex. I'm not going to lie, you need a specialized system security engineer to deploy it.

I have been working with this solution for about five years.

The solution is stable. 

The solution is scalable. 

Since I'm speaking as a system security engineer, most of the time we're able to solve any problems the customers have, unless there's a software problem that needs to go to the software development team at Thycotic, but most of the time there are no issues.

On a scale of one to five, with one being the worst and five being the best, I would say that the ease of deployment by a novice would be around a one or two, while a skilled engineer could deploy it around a three or four.  

Licensing depends on a lot of factors, but once they do the proper scoping for you I don't think their pricing is that bad. This is a privileged access management solution, so yes it's expensive, but if the scoping is done right, I think you get a return on your internal investment.

Like most of these solutions, it depends on the engineer who comes and sets it up the first time. If it is done correctly and they integrate the different systems correctly, it'll work fine within your environment and you shouldn't have any issues. Administration of the solution is easy once it is set up. 

I prefer Thycotic because of the security, the fact that it is easy to administer, and the features. I think it has very, very good features, so I'd recommend Thycotic over CyberArk and the rest.

When considering a privileged access management solution, I would advise people to do their homework and find out about the features. People get solutions for different reasons, and the plan is not as straightforward as it would be with a firewall where you know what you want to block or control. Do your homework because it's an expensive solution, regardless of who you're buying it from. Find out what features it has, and make sure that the features work for you so you don't buy an expensive solution just to have it parked.

I would rate this solution as an eight out of ten.

We have used Thycotic Secret Server for some secret management and integrated it with some applications. We mainly used it for Privileged Account Discovery and the management of them.

The discovery engine is really robust and flexible. It had some session management features that are better compared to some other vendors. Overall the GUI is very good and straightforward to operate compared to other solutions. For example, CyberArk and Hitachi tend to be hard to navigate.

When working with larger enterprises Thycotic Secret Server becomes a little cumbersome to work with because they do not allow as much flexibility as some of the other competitors, such as CyberArk. Thycotic Secret Server could improve by being more flexible when it comes to customization, and increase the number of API integrations.

In an upcoming release, there should be more AI and machine learning features. Some of the competitors are leaning in this direction.

I have been using Thycotic Secret Server for approximately two years.

There can be some stability issues when you use the video record feature. You have to be careful when you turn on the video recording features and what you want to record because the data adds up quickly. There is a performance impact to your network as well, that has to be planned for. Users think it is a fancy feature and they want to use it but you have to plan ahead of time before you use it.

The solution is able to be scaled and it is not too difficult.

The last organization I implemented the solution in they have approximately 900 users using the solution.

The technical support is good. They were able to give us support when we needed it.

I have used other solutions, such as CyberArk and Hitachi.

The setup was straightforward.

When comparing the price of Thycotic Secret Server with other solutions it is reasonable.

My advice to those wanting to implement this solution is they should know their requirements. It is a great solution it fits your requirements. It is important to know what you need to integrate with and how.

I rate Thycotic Secret Server an eight out of ten.

The primary use case is managing access for user groups and individuals in a very large environment.  

One of the best things about Thycotic is that it is very easy-to-use. It is logical, it has well-designed screens and a nice GUI interface. It has good performance and is generally a pleasure to operate.  

If you look at Thycotic, it is a great product that has pretty much all the same features as CyberArk — which will be replacing it. There is not much difference between the two. We will be switching away from using Thycotic, however, before the end of the year.  

The catalyst for the change was a formal comparison of the two products that we did using each to evaluate how we would use it in solving actual use case issues. In the presentation of the scoring over specific categories, CyberArk had slightly better professional service marks and the same price. Besides that, the two products were neck-and-neck and almost identical in the scoring. CyberArk just came out just a little bit better than Thycotic in the details, and not by much at all. Be that as it may, the formal comparison is the reason for the change.  

Thycotic has been in use in our Healthcare system for four years.  

Thycotic is a rock-solid product. Our organization never had any issues with it.  

If you consider the shere physical size of the Healthcare environment, you can tell from that just how scalable the product is. Not every product can handle 55,000 network elements and 15,000 servers.  

The technical support for Thycotic is very good as might be expected. The members of the support team that I have been in contact with are very much on the ball. Thycotic has  excellent service staff.  

This will be the last year Thycotic will be in operation at Healthcare in Norway because it will be replaced by CyberArk at some time this year.  

I think there are some very small things in Thycotic which are a little harder to do, and that is only because the Healthcare environment is so large. Healthcare has 55,000 network elements and 15,000 servers. One of the few things that CyberArk does better than Thycotic is to more neatly group IT assets in smaller bundles using a 'safe' that could be assigned to groups or teams for access. By comparison, Thycotic — at least in the versions leading up to the competition — lists all the assets at one time, no matter how many there are. When there are lists which are 15,000 elements long, it is harder to locate items and divvy up the work. So it was some slight usability things like this that really made the difference in the outcome of our comparison.  

While this organizational feature in Thycotic was not so good, some other parts of the user interface that are included in it are really fabulous. Thycotic is more intuitive and it is more logical in many ways than CyberArk. So I really like the Thycotic product. But for this very large environment, it turned just to be slightly less applicable to our situation than its competition.  

As I probably indicate from my answer, if it was not for the fact that we did a formal comparison and scoring of the products — following the objective measures that we have to follow when we buy things in the public — we probably would have done well just keeping Thycotic. But when you follow the Government process and the idea is to be absolutely impartial, then the way the scoring is set up is the way it goes.  

I think the pricing of Thycotic and CyberArk products are very similar.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Thycotic as probably a nine. That is only because I have to rank them slightly lower after we decided to make the switch to CyberArk, and replacing a product that is a ten would not make a lot of sense. So a nine-out-of-ten it is.  

Thycotic is a product that is so friendly that it can be used by nearly anyone and everyone, and that is a good place to be. As for the limitations in a very large environment, Thycotic could invest in making changes in the product to handle structuring in a segmented way. It would be costly for Thycotic to make that investment, but for Healthcare as a user group, that would have been the difference. We have already bought another product, so we are not going to change our minds again, but it may be worth considering for the team at Thycotic.  

I would probably recommend Thycotic for most businesses because it is simpler and easier to deal with than CyberArk. So really, I would recommend it to all businesses except for the extremely large ones.  

We have implemented the product in our system environment and configured it extensively to manage privileged accounts and enhance security.

The solution's session recording and discovery features have been valuable for us in securing our privileged accounts.

One of the product areas that could be improved is the ease of handling SSL certificates within the application, as it currently requires manual command-line configurations.

I have been working with Delinea Secret Server for one year.

I rate the stability as a nine.

I would rate the product scalability as a nine, as it has effectively scaled to meet our growing needs. 

Our clients range from small to medium-sized businesses.

The technical support services are excellent. 

The initial setup process is easy, around eight on a scale of one to ten. The deployment process took approximately six months.

Delinea Secret Server has provided a return on investment by significantly enhancing our security operations, particularly in managing privileged accounts.

Compared to other solutions like Centrify, Delinea Secret Server is competitively priced but on the higher side.

I would rate the platform as a seven. 

One valuable feature is that it will support a dedicated database. Delinea provides multiple features, like reporting and remote password changes.

The UI needs improvement because the interface is a little clumsy.

I've been using it for almost two years.

It's stable.

It is scalable and is better than other solutions. We have 400 users in our company.

We can't say that technical support is good because they respond according to their time zone, and we are not in the same time zone. I would give them a six out of ten.

Neutral

The deployment was not difficult and took one and a half months.

We have an enterprise license as well as a user license and a support license.

I can recommend this solution and will rate it at eight on a scale from one to ten.