I use Delinea Secret Server for demonstration purposes while talking to clients, for internet access management, and user monitoring.
Assistant Manager, Cyber Security at BracNet Limited
A user-friendly Privileged Access Management (PAM) solution, but support could be better
Pros and Cons
- "I like that it's user-friendly."
- "Support could be better. I have heard about a lot of problems in the Bangladesh market. People are saying that there are support issues. So, Delinea should focus on support and services."
What is our primary use case?
What is most valuable?
I like that it's user-friendly.
What needs improvement?
Support could be better. I have heard about a lot of problems in the Bangladesh market. People are saying that there are support issues. So, Delinea should focus on support and services.
For how long have I used the solution?
I have been using Delinea Secret Server for one or two months.
Buyer's Guide
Delinea Secret Server
November 2024
Learn what your peers think about Delinea Secret Server. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
Delinea Secret Server is a stable solution.
What do I think about the scalability of the solution?
Delinea Secret Server is a scalable solution.
How are customer service and support?
Technical support could be better. The support centers can't solve the issues.
On a scale from one to five, I will give technical support a two.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is straightforward. For demonstration purposes, it does not take much time. But it takes up to four months to go into production.
What other advice do I have?
I would tell potential users that they should focus on local partners with a local support team. This is becasue Delinea can't resolve the issues these days. I have seen a lot of cases in Bangladesh where the OEM can't resolve the issues. The application server is full of logs, and sometimes it needs to clear all the logs and files because it can become slow.
On a scale from one to ten, I would give Delinea Secret Server a six.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Presales Executive at Bludive technologies
Efficiently configure the solution to have multiple approvals
Pros and Cons
- "One of the features I find most valuable is workflow, which allows you to configure the solution to have multiple approvals."
- "Installation can sometimes be difficult, depending on the environment."
What is our primary use case?
I use it for laboratory practice before implementing it for end-users. Specifically, I use the Linux server to discover related accounts in our domain, pull them into the solution, manage their passwords, carry out session monitoring, and practice workflow, which allows for leading access to better-trained individuals when needed. I also make presentations to clients concerning this type of solution.
What is most valuable?
One of the features I find most valuable is workflow, which allows you to configure the solution to have multiple approvals. For example, if one person approves something, it can be set up so that others must confirm it as well.
What needs improvement?
In terms of the user interface, it's good. However, installation can sometimes be difficult, depending on the environment. We are deploying it in our own private laboratory, not as a secret server cloud.
Additionally, CyberArk has a more robust site and development team compared to Delinea. They also provide more educational resources on recent happenings in cybersecurity, the latest attacks, newsletters that educate people in the field, and how to create two opportunities. Delinea could improve in research and development and educate the public on recent trends in the industry.
For how long have I used the solution?
I have been using Delinea Secret Server for a year now.
What do I think about the stability of the solution?
It is a stable solution. I would rate it an eight out of ten.
What do I think about the scalability of the solution?
For scalability, I would rate it a nine out of ten. Secret Server or Delinea comes with a range of product suites that can complement each other in terms of work. You have Secret Server; you have Business Behavior Analysis; you have Account Spectrum Manager, and all of them work hand in hand. I can say that it's a bit scalable, and, yeah, it's very much scalable.
How are customer service and support?
I had issues with the discovery of a particular service account with a particular dependency during a proof of concept with a client in the past. I had to contact email support for that, but upon further investigation, we discovered that it was an issue with UPS at support dot net, and I think that was what caused the problem.
How was the initial setup?
If you're installing Secret Server, you could pay it up to anything, say, 40 to 60 minutes later.
What's my experience with pricing, setup cost, and licensing?
If you're requesting licenses or pricing, then you have to fill out a questionnaire that they try to gain insight into what your environment is like, what you're trying to discover, and what you're trying to manage. I like this approach.
So I have a client currently using CyberArk and trying to switch to Secret Server. So, according to them, CyberArk is a bit expensive compared to Secret Server.
However, in my personal opinion, Delinea's technology can be costly. Delinea Secret Server is a relatively expensive product due to its advanced capabilities compared to more basic solutions like ManageEngine PAM360, considered a lower-priced option in the industry.
What other advice do I have?
I haven't used comparable solutions to know if there is any other one better than Delinea Secret Server. But it's a nice solution I'm comfortable with, and I can always give it an eight, which is fair enough because I wouldn't say ten, as I have not used cyber activities or a couple of products to be able to say, yeah, I prefer this about this. It's a nice solution. It can give you what you want and meet compliance requirements.
However, I would recommend using the solution because there is not much of a learning curve with Delinea.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Buyer's Guide
Delinea Secret Server
November 2024
Learn what your peers think about Delinea Secret Server. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
Senior Security Engineer at a insurance company with 10,001+ employees
Plenty of useful features, highly scalable, and readily available documentation
Pros and Cons
- "I have found most valuable the automatic scheduled password rotation and remote desktop monitoring. Additionally, the documentation is readily available and easy to find and the dashboard is straightforward."
- "The technical support needs improvement. For example, if you have any problems on the server configuring the IIS, they would provide you very limited details and they would tell you the problem is on your end."
What is our primary use case?
We use the solution to store all of our secrets. For example, passwords, usernames, and other credentials. These credentials can be from many places, such as service accounts, bank accounts, and key pairs. It also has the functionality if, for example, a contractor requests to log into a specific server, they would use the Secret Server to log in to the server session that is monitored and he or she would be logging in without the actual real credentials. It is also on a rotating password system.
What is most valuable?
I have found most valuable the automatic scheduled password rotation and remote desktop monitoring. Additionally, the documentation is readily available and easy to find and the dashboard is straightforward.
What needs improvement?
I would like to see scheduled reports in a future release.
For how long have I used the solution?
I have been using this solution within the past 12 months.
What do I think about the stability of the solution?
I have found the solution to be very stable.
What do I think about the scalability of the solution?
You can set up two different servers and the process is straightforward. The solution is scalable and we have 70 users using it in my organization.
We might increase usage in the future but it all depends because currently all of the operations teams have been provided for. If the operations team grows, there would be room for more usage.
How are customer service and technical support?
The technical support needs improvement. For example, if you have any problems on the server configuring the IIS, they would provide you very limited details and they would tell you the problem is on your end. They are limited to only supporting their application, even if you have the slightest problem assessing their application through IIS they will refer you to contact Microsoft.
Additionally, the sales team could be more friendly and helpful.
I would rate the technical support of Thycotic Secret Server a seven out of ten.
How was the initial setup?
The installation was straightforward.
What's my experience with pricing, setup cost, and licensing?
There is an annual license fee per user and the price is fair.
What other advice do I have?
I rate Thycotic Secret Server an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director / Engineer at Provincia
Monolithic software that is easy to use but the documentation is insufficient
Pros and Cons
- "Ease of use because of its monolithic software."
- "Documentation could be improved if they were to include more about connectors. There is not enough documentation."
What is our primary use case?
I'm a director/engineer and we partnered with the company. Our primary use case was for a project that we followed from an administrator point of view, not the end-user point of view. My responsibility was to manage the migration-related to the project, installing and configuring the infrastructure, creating policies and so on. Technically speaking, it was at a high level. All of my clients are enterprise companies.
What is most valuable?
The most valuable aspects were its ease of use because the software is monolithic, so you only have to install the web services and then there's a database, so it's very easy to use and to configure. There are no further modules so installation is simple as is configuration. There are a lot of features out of the box. That was an interesting aspect.
What needs improvement?
I think the services could be improved by making it more 'friendly.' Documentation could be improved if they were to include more about connectors. Technically speaking, and in comparison to other software such as CyberArk, the documentation was not enough. CyberArk has extensive documentation and I believe Thycotic doesn't have enough.
The same applies for additional features - improved documentation in the next release would be helpful.
For how long have I used the solution?
I've used the product for five months.
What do I think about the stability of the solution?
It's a very stable solution.
What do I think about the scalability of the solution?
It's very easy to scale the solution because it's a web server. If you want to install more than one server then you just have to add the additional server to the database. So it's very, very easy.
How are customer service and technical support?
Technical support is fine but as I said, it could be a little more friendly.
Which solution did I use previously and why did I switch?
There is a lot of risk management software around. I decided to switch to Thycotic, first of all, because we were starting a new project and it was a challenge for me and a new software I wanted to try. That was the main reason for the move.
How was the initial setup?
Being a web server, the initial setup is very straightforward and easy to understand. It's one of the differences between Thycotic and CyberArk. CyberArk requires some study, it's a modular solution.
What's my experience with pricing, setup cost, and licensing?
I'm a technicial person so I don't know about setup costs.
What other advice do I have?
In general, I would recommend the product. It's very good and is cheaper than CyberArk. It's something that a team leader or project manager would take into consideration because even the cost of the license is something to keep in mind when planning a project. It really depends on the company's requirements.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Technology Infrastructure Senior Analyst at a educational organization with 501-1,000 employees
Feature-rich, easy to scale, stable, and well-developed
Pros and Cons
- "I like the one-way hash, as well as the ability to store it in the cloud and access it from anywhere."
- "Although the password policy was interesting, the default setting was inadequate."
What is our primary use case?
We intend to replace our pairing password management solution with something more enterprise-friendly.
We are currently conducting a demonstration with Thycotic Secret Server.
I've only used this solution a few times as a demo and haven't explored everything it has to offer, but I have experience integrating it with our Active Directory and setting up the server.
What is most valuable?
I like the one-way hash, as well as the ability to store it in the cloud and access it from anywhere.
I like the fact that you don't have to have separate databases for each department in your organization.
They have one central location, that they all go to it.
They all go to the same central location. If they leave, we can disable their account, reset their password, and integrate it with our Active Directory.
At this early stage, and based on my demo experience over the last two weeks, it appears to have more features than we require, but we can grow into it.
It's a great product. It seems that you could do your privileged access and things like that where you do the IEM. You could also make it so that those individuals have access for a set period of time to do their administration. These are the types of features we haven't really used, but I can see them being very useful. I can also see where they're going with this product, which is an all-in-one solution.
It appears to be well-developed.
What needs improvement?
Although the password policy was interesting, the default setting was inadequate. As a result, we had to change it to be 20 characters with symbols. It was an odd process, but it was relatively simple to adjust.
For how long have I used the solution?
I have been using the latest version of Thycotic Secret Server for a couple of weeks.
What do I think about the stability of the solution?
Thycotic Secret Server is a stable solution. We didn't encounter any bugs or glitches.
What do I think about the scalability of the solution?
It appears to be pretty easy to scale.
We have fewer than ten people to test the demo in our organization.
We may decide to use this solution, and we are attempting to budget for it. We must sell the features and show that the extra cost is justified.
How are customer service and support?
I have not contacted technical support. We had our representative involved, and he brought in a technical person to assist with the build, as well as being available to answer questions.
Which solution did I use previously and why did I switch?
We are working with Jira.
How was the initial setup?
The initial setup was fairly simple.
What's my experience with pricing, setup cost, and licensing?
We are going from a free product, which isn't necessarily a fair comparison because it brings many things to the table, but it appears to be reasonably priced.
It would be beneficial if it were reduced.
What other advice do I have?
I haven't tested many other products, but this one appears to be quite good. I believe it is comparable in the industry.
I haven't used this solution a lot, just in a demo capacity. I haven't explored all that it can office. I have worked on the integration with our Active Directory, and we set up the server.
I would rate Thycotic Secret Server an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SE & Manager Of Internal Systems at a tech services company with 51-200 employees
Discovering passwords which are expired or changed and enforcing password policy compliance.
What is most valuable?
- Heart beats – it tells me when passwords on file are no longer working. This could be an oversight, but could also be a sign of hacker activity.
- Secret Expiry – reports on passwords that haven’t been changed and may be out of policy.
- Remote Password Changing – along with Secret Expiry, this enables me to stay compliant with password change policies.
- Network Discovery – scans networked machines for accounts, bringing machines in to password policy compliance, and uncovering unknown or backdoor accounts. It also enables the discovery of the total reach of an account, i.e. a service account for which you dare not change the password as you don’t fully know the implications of missing an instance of the account that could fail critical operations.
How has it helped my organization?
We previously had a very lax password policy, and passwords were stored in Excel spreadsheets. Passwords were often not documented, or the documented password was not updated if changed. We now have a much stricter, safer password policy. Secret Server has improved security, productivity and helped achieve a much higher state of compliance.
What needs improvement?
Session recording could offer more control and block certain actions or commands.
I have experience of other products that focus on session recording, so I’m aware of what advanced functionality can be achieved.
Specifically, I’m referring to:
* blacklisting and/or whitelisting certain commands
* OCR capabilities
Now I know these aren’t currently supported, but they may be available in future releases.
For how long have I used the solution?
We have used this solution for more than three years.
What do I think about the stability of the solution?
Very occasionally indexes won’t contain all the search results expected.
What do I think about the scalability of the solution?
We have not encountered any scalability issues as this is a highly scalable product.
How are customer service and technical support?
Technical support is good. Online and offline documentation is clear and well written. Support technicians are punctual and friendly.
Which solution did I use previously and why did I switch?
I have worked with customers of other solutions. They found it hard to separate accounts assigned to the same asset for different teams. For example, a server has SQL and database accounts. These credentials would all be visible to anyone with access to the server asset which isn’t a desirable situation. DBA has access to a local administrator account. Server admin has access to the payroll DB account!
How was the initial setup?
Based entirely on the Microsoft stack (IIS, MS-SQL), installation is quick and easy.
What's my experience with pricing, setup cost, and licensing?
Pricing is very flexible. Download the free trial version. You can downgrade to the free version (it’s free for life!) or pay for the exact feature set you require.
Which other solutions did I evaluate?
We evaluated LastPass Enterprise, RoboForm, Password Manager Pro, Kaspersky Password Manager and CyberArk.
What other advice do I have?
I’d recommend you engage a reseller to discuss your requirements, and download the free trial version.
Disclosure: My company has a business relationship with this vendor other than being a customer: I work as a security consultant for Satisnet Ltd, a Thycotic reseller. We chose to engage with Thycotic after a lot of research in the PAM space for a large corporate customer.
Information Technology Security Specialist at infoark
Great password vault and remote desktop features, but very complicated to set up
Pros and Cons
- "Number one is the password vault; it's very good. Number two, they have a feature for remote desktops that are created on a per session basis, which is very good for security."
- "The setup for this solution is complex. I'm not going to lie, you need a specialized system security engineer to deploy it."
What is our primary use case?
Our clients use this solution to manage privileged accounts, meaning their administrative accounts. Whether it's active directories, co-banking solutions, or databases, the solution will take over all the privileged accounts on the network or in the infrastructure.
What is most valuable?
Number one is the password vault; it's very good. It helps our clients avoid having a lot of passwords out there.
Number two, they have a feature for remote desktops that are created on a per session basis, which is very good for security. They also integrate with service providers. Let's say I'm having Microsoft take a look at the active directory or something that went wrong. I can give them one-time access, and once they're done, the session ends and they don't have access to it anymore. These features are very helpful for my customers.
What needs improvement?
The setup for this solution is complex. I'm not going to lie, you need a specialized system security engineer to deploy it.
For how long have I used the solution?
I have been working with this solution for about five years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
Since I'm speaking as a system security engineer, most of the time we're able to solve any problems the customers have, unless there's a software problem that needs to go to the software development team at Thycotic, but most of the time there are no issues.
How was the initial setup?
On a scale of one to five, with one being the worst and five being the best, I would say that the ease of deployment by a novice would be around a one or two, while a skilled engineer could deploy it around a three or four.
What's my experience with pricing, setup cost, and licensing?
Licensing depends on a lot of factors, but once they do the proper scoping for you I don't think their pricing is that bad. This is a privileged access management solution, so yes it's expensive, but if the scoping is done right, I think you get a return on your internal investment.
What other advice do I have?
Like most of these solutions, it depends on the engineer who comes and sets it up the first time. If it is done correctly and they integrate the different systems correctly, it'll work fine within your environment and you shouldn't have any issues. Administration of the solution is easy once it is set up.
I prefer Thycotic because of the security, the fact that it is easy to administer, and the features. I think it has very, very good features, so I'd recommend Thycotic over CyberArk and the rest.
When considering a privileged access management solution, I would advise people to do their homework and find out about the features. People get solutions for different reasons, and the plan is not as straightforward as it would be with a firewall where you know what you want to block or control. Do your homework because it's an expensive solution, regardless of who you're buying it from. Find out what features it has, and make sure that the features work for you so you don't buy an expensive solution just to have it parked.
I would rate this solution as an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Executive Director at Semaphore
Excellent access management that can serve very large networks
Pros and Cons
- "The GUI interface is well-designed and user-friendly."
- "This product is excellent in every way except minor details in handling extremely large environments."
What is our primary use case?
The primary use case is managing access for user groups and individuals in a very large environment.
What is most valuable?
One of the best things about Thycotic is that it is very easy-to-use. It is logical, it has well-designed screens and a nice GUI interface. It has good performance and is generally a pleasure to operate.
What needs improvement?
If you look at Thycotic, it is a great product that has pretty much all the same features as CyberArk — which will be replacing it. There is not much difference between the two. We will be switching away from using Thycotic, however, before the end of the year.
The catalyst for the change was a formal comparison of the two products that we did using each to evaluate how we would use it in solving actual use case issues. In the presentation of the scoring over specific categories, CyberArk had slightly better professional service marks and the same price. Besides that, the two products were neck-and-neck and almost identical in the scoring. CyberArk just came out just a little bit better than Thycotic in the details, and not by much at all. Be that as it may, the formal comparison is the reason for the change.
For how long have I used the solution?
Thycotic has been in use in our Healthcare system for four years.
What do I think about the stability of the solution?
Thycotic is a rock-solid product. Our organization never had any issues with it.
What do I think about the scalability of the solution?
If you consider the shere physical size of the Healthcare environment, you can tell from that just how scalable the product is. Not every product can handle 55,000 network elements and 15,000 servers.
How are customer service and technical support?
The technical support for Thycotic is very good as might be expected. The members of the support team that I have been in contact with are very much on the ball. Thycotic has excellent service staff.
Which solution did I use previously and why did I switch?
This will be the last year Thycotic will be in operation at Healthcare in Norway because it will be replaced by CyberArk at some time this year.
I think there are some very small things in Thycotic which are a little harder to do, and that is only because the Healthcare environment is so large. Healthcare has 55,000 network elements and 15,000 servers. One of the few things that CyberArk does better than Thycotic is to more neatly group IT assets in smaller bundles using a 'safe' that could be assigned to groups or teams for access. By comparison, Thycotic — at least in the versions leading up to the competition — lists all the assets at one time, no matter how many there are. When there are lists which are 15,000 elements long, it is harder to locate items and divvy up the work. So it was some slight usability things like this that really made the difference in the outcome of our comparison.
While this organizational feature in Thycotic was not so good, some other parts of the user interface that are included in it are really fabulous. Thycotic is more intuitive and it is more logical in many ways than CyberArk. So I really like the Thycotic product. But for this very large environment, it turned just to be slightly less applicable to our situation than its competition.
As I probably indicate from my answer, if it was not for the fact that we did a formal comparison and scoring of the products — following the objective measures that we have to follow when we buy things in the public — we probably would have done well just keeping Thycotic. But when you follow the Government process and the idea is to be absolutely impartial, then the way the scoring is set up is the way it goes.
What's my experience with pricing, setup cost, and licensing?
I think the pricing of Thycotic and CyberArk products are very similar.
Which other solutions did I evaluate?
What other advice do I have?
On a scale from one to ten where one is the worst and ten is the best, I would rate Thycotic as probably a nine. That is only because I have to rank them slightly lower after we decided to make the switch to CyberArk, and replacing a product that is a ten would not make a lot of sense. So a nine-out-of-ten it is.
Thycotic is a product that is so friendly that it can be used by nearly anyone and everyone, and that is a good place to be. As for the limitations in a very large environment, Thycotic could invest in making changes in the product to handle structuring in a segmented way. It would be costly for Thycotic to make that investment, but for Healthcare as a user group, that would have been the difference. We have already bought another product, so we are not going to change our minds again, but it may be worth considering for the team at Thycotic.
I would probably recommend Thycotic for most businesses because it is simpler and easier to deal with than CyberArk. So really, I would recommend it to all businesses except for the extremely large ones.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Delinea Secret Server Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
CyberArk Privileged Access Manager
Azure Key Vault
AWS Secrets Manager
HashiCorp Vault
One Identity Manager
CyberArk Endpoint Privilege Manager
BeyondTrust Endpoint Privilege Management
WALLIX Bastion
One Identity Safeguard
BeyondTrust Privileged Remote Access
BeyondTrust Password Safe
BeyondTrust Remote Support
ARCON Privileged Access Management
Buyer's Guide
Download our free Delinea Secret Server Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
- What are some best practices to implement for secure employee password management?
- What advice do you have for an enterprise user on Password Day 2021?
- When evaluating Enterprise Password Managers, what aspect do you think is the most important to look for?
- What should one take into account when selecting an enterprise password manager?