Try our new research platform with insights from 80,000+ expert users
IdmArchi90fa - PeerSpot reviewer
IDM Architect at a tech company with 10,001+ employees
Real User
Extensible authentication framework enables use-case-dependent MFA
Pros and Cons
  • "The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable."
  • "Even though we have two nodes, there's no way to do an upgrade without taking everything completely offline. It would be nice if they could improve that."

What is our primary use case?

We use Safeguard for privileged sessions. It's primarily used as a solution for accessing our production environments.

How has it helped my organization?

We were able to take an environment where we had several hosts managed by different people and consolidate that into a single, centrally managed solution.

What is most valuable?

The extensible framework for authentication is one of the most valuable features. We use an MFA plug-in and a lot of different factors, depending on what the business use-cases are. And of course, the auditing functionality is also valuable.

We have also found the solution to be extensible through cloud-delivered services. It's worked out well. The SPS instances we use are located on-premise, but we can still utilize them to access resources in the cloud. That's not a problem. We haven't deployed any SPS itself in the cloud, but it works fine for our cloud environments.

What needs improvement?

Feature-wise, right now, it has most of the features that we're looking for. It could improve a bit on the management side of things. One example would be when doing an upgrade. We have a highly-available appliance spare, and even though we have two nodes, there's no way to do an upgrade without taking everything completely offline. It would be nice if they could improve that.

Buyer's Guide
One Identity Safeguard
November 2024
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

What do I think about the stability of the solution?

The product has generally been stable. We have had some issues, mainly due to the types of traffic. Our end-users are doing different things through SSH tunnels that were not expected on the appliance. We've been working with support to resolve that.

What do I think about the scalability of the solution?

The product is scalable.

How are customer service and support?

Tech support has been great. They've been responsive and knowledgeable, so we've been happy with them.

How was the initial setup?

It took us about three or four weeks for the initial setup and deploy. Part of that was developing a plug-in for the multi-factor authentication. We were able to do it in a way that wasn't disruptive, with our current infrastructure. At their discretion, the end-users were allowed to move over, one-by-one. After we deployed it, it took about two months for all of the users to actually migrate over to using it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1300329 - PeerSpot reviewer
VP Risk Management at a financial services firm with 1,001-5,000 employees
Real User
We can record everything third-party vendors do to ensure that they're only doing the needed changes
Pros and Cons
  • "We are able to log and get reporting on all privileged activity that is being performed. We like the fact that we can leverage the session recording feature, which is especially valuable when we're dealing with third-party vendors that have to remote into our our boxes and servers to do any work on behalf of the bank. Now, we can record everything they are doing to ensure that they're only doing the changes that were needed. In addition, we use it to leverage knowledge transfer with our internal staff."
  • "Some of the out-of-the-box reporting isn't that rich. We spoke to our Safeguard reps who have acknowledged that some of the reporting features can certainly be improved and that we're not the only customer who has cited this. There are very little out-of-the-box reporting capabilities. You have to build the queries and the report. I believe in the next release they're going to be addressing this."

What is our primary use case?

The three main use cases that we have are:

  1. Ensure our human and non-human privilege accounts are locked up in a password vault. 
  2. Have workflows to handle the major types of usage, such as break glass and business as usual. 
  3. Changes in usage of the credentials are tied into approved change requests. 

These drive our first goal to take all our privileged users on the help desk, our local accounts on our desktops, our servers (web servers, app servers, or database servers), and individuals in our network group who do our firewalls, then migrate all these human accounts into Safeguard Password Vault. Last Fall, we went group by group and revised their accounts. We took away any type of privilege account that they had, ensuring that all of these accounts were then migrated to the Vault. They could then check out passwords to facilitate any type of privilege activities they needed to do on behalf of the bank.

We use virtual appliances for this solution, which made sense for us, especially if we will plan to perhaps migrate to the cloud. Right now, it's all virtualized on-premise.

How has it helped my organization?

Anytime new tools and technologies are being brought into the bank, the biggest impact is to the process, procedures, and culture. There is a culture change when any new technology gets rolled out. This solution changes the way we have done the business for many years. We're taking a very controlled, conservative approach in how we roll the technology out.

What is most valuable?

It is working as it's supposed to work. We had a lot of good support from the One Identity team who helped us build it and do a test. 

We are able to log and get reporting on all privileged activity that is being performed. We like the fact that we can leverage the session recording feature, which is especially valuable when we're dealing with third-party vendors that have to remote into our our boxes and servers to do any work on behalf of the bank. Now, we can record everything they are doing to ensure that they're only doing the changes that were needed. In addition, we use it to leverage knowledge transfer with our internal staff.

We use the solution’s Approval Anywhere feature. We do have the Starling 2FA app on our mobile devices. We haven't rolled out the request and approval yet. We want to get people to use it in their daily functions, whether it's business as usual work, break glass, or any changes that they need to make tied into an approved formal change request. Starting in April, we will be rolling out the request and approval phase. Based on the type of change being requested, break glass will need to be approved, especially if they're doing it during the daytime or off-hours. Then, we will have change requests tied into our change-advisory board. Once there's a change that's approved via our CAB process, then that person will be allowed to check out the credentials they need and tie it back into the ServiceNow ticket that was created. This gives us the audibility between when that change was being made and ensuring that it's being performed for its intended purposes. We are taking a crawl-walk-run approach.

What needs improvement?

Some of the out-of-the-box reporting isn't that rich. We spoke to our Safeguard reps who have acknowledged that some of the reporting features can certainly be improved and that we're not the only customer who has cited this. There are very little out-of-the-box reporting capabilities. You have to build the queries and the report. I believe in the next release they're going to be addressing this.

For how long have I used the solution?

We have been using Safeguard in a production capacity for about nine months now.

What do I think about the stability of the solution?

We haven't had any problems at all. 

There was one issue where we had to put a certain fix on and were able to work with the One Identity people. We downloaded the fix and put it onto our dev environment. After it was baked into our dev environment for a day or so, we then scheduled that change to go live into our production environment. That went very smoothly.

Two people are needed for deployment and maintenance. They're both in the cybersecurity area. There's a manager along with a senior cyber security analyst who runs the platform.

What do I think about the scalability of the solution?

The tool does everything that it is designed to do. It is one of the leading privileged access management products out on the market. They rebuilt the whole product, giving it a nice brand a new clean user interface, which is very user-friendly and easy to use. One Identity has done a very good job taking the old product, TPAM, and doing a whole refresh of that tool. We're very happy with the Safeguard product.

We have approximately 50 to 60 human privilege accounts whose roles are everything, everywhere. From the information security department to the desktop people, there are about 12 users in that area. There are about 20 people who comprise our IT engineering group and another 15 or so who comprise our network team. Then, there are the third-party users who have to login on behalf of the bank to do changes for us, which is another 10 or so privileged accounts which have been setup for a one-time usage when a third-party vendor needs to remote into our system. Crawl-walk-run impacts about 30 percent of all the changes being made. Most changes are made to the production environment and need to be done with a privilege account.

How are customer service and technical support?

I would rate the technical support as very good and strong. We're happy with the support we get from our One Identity team. We see it as something that will be accepted more as the culture changes at the bank. We did the human accounts first because with the non-human service accounts there have been challenges this year. You have to tread water very slowly since you have to do a good analysis and understand what these non-human service accounts are used for. It's not just a simple lock them up in a vault type of scenario. It will take us a bit more time to put a plan together beginning in the second quarter to address the onboarding of these non-human service accounts into the password vault.

There wasn't much training required for those who manage the product. It was pretty straightforward. We did do training though. We had a training manual as well as a hour training class with various user groups. Our hour training, manual, and how-to guide along with being able to support issues/concerns via our cybersecurity team was beneficial to the success of the implementation.

Which solution did I use previously and why did I switch?

We did not use another solution previously.

Prior to this Safeguard implementation, we did not know when somebody was using their elevated privileges to do certain features or functions. We only hoped that it was according to whomever the change request was associated. Now that we're able to audit log and record what is being done, we can play back all the sessions to make sure no type of unattended usage of the privilege or elevated credentials were being used. From securing the bank standpoint, it has helped tremendously.

How was the initial setup?

The team shared with us that the initial setup was pretty straightforward.

The deployment took no more time from when we got the servers brought in to when got the software installed. This took a few weeks to get it up, configured, and customized for our needs. Then, there was some sandbox testing which was done, then we started the pilots within the first three months of having the solution stood up.

Anytime you are putting in a deployment change that affects privilege users, it's going to create some problems. That's why we took a very slow approach of taking one user from all of our various groups. We had one person from each of our teams: desktop, network, and IT engineering. We worked with them for about a month. We tried to shake out any bugs and issues that they would have before we gradually rolled it out to others. 

People are very adverse to change. When you have this type of a solution, the technical capabilities of the product along with all the process change creates some issues. However, we expected that.

What about the implementation team?

My role was as head of identity and access management to work in concert with our cybersecurity manager. It is his team who owned and rolled out the technology to the bank. My responsibility was making sure from an identity and access management process that the procedures had been in place and they satisfied our internal and external audit requirements. I'm more of the process guy, not the technician.

What was our ROI?

Being in information security, anytime you can sit down with the board of directors, and say "We now have a more secure bank," there is ROI. The reason: The biggest threat to any bank is an insider threat. Now, with our privileged access, we have them logged, recorded, and locked up in a password vault so we know who's making changes, when they're making change, and why they're making changes. This helps greatly improve the security posture of the bank. That's what we use to sell and justify that it was a good investment for the bank.

Which other solutions did I evaluate?

In addition to Safeguard, we looked at a product by the name of CyberArk and one by the name of BeyondTrust. These were the three products that we brought in for a proof of concept. In the summer of 2018, we made the decision to go with Safeguard. Then, between June and July 2019, we had it up and running, starting pilots and rolling it out accordingly.

When we did our scoring criteria on the three products, all the products were very close. What it came down to was price. We had individuals on the cyber team who had previous experience with the One Identity Privileged Access Management product at that time, which was called TPAM back then. Those individuals had a very good relationship and understanding of that tool. This weighed into our decision as well as cost to go with the One Identity Safeguard solution. It was definitely cheaper than the other two products that we evaluated.

What other advice do I have?

The solution is part of our identity and access management product. We use Saviynt as our identity, governance and administrative tool. We certify all privilege accounts on a schedule basis. There is some integration with our identity and access management platform/program at the bank. It allows us to be in a position where we can identify and detect as well as prevent any type of privilege act that's being used as a threat at the bank. The integration was easy. It didn't pose any problems.

We have had a mixed bag regarding the solution’s usability and functionality. We have had some people who said that the tools worked nicely. They checked out their credentials every morning, use them for the better part of the day. We set the duration for eight hours. Once somebody checks out something in the morning, they pretty much use that password for the entire day. For some groups, this created a problem because of the type of work that they do, such as long running processes. We've had some issues where their password expired while a process was still running. We had to work with our IT engineering group to come up with a different type of the duration for their needs. One Identity has been very good at working with us to help us through these use cases. 

Understand each use case very carefully and thoroughly. This changes the way someone conducts their business. We had to be cognizant of the impact to our day-to-day operations. If I could do it all over again, I would spend more time understanding the impact of a security tool, such as a privileged access management solution. I think we could have done somethings better than we did.

We haven't started to use the solution’s behavior analytics feature, but as we start building up some data, then that puts us in a position to be able to identify any type of exception or anomalous behavior. We haven't built up enough trending data to leverage that functionality at this time.

We are very happy with the tool. I would rate the solution as an eight (out of 10).

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
One Identity Safeguard
November 2024
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
reviewer1242459 - PeerSpot reviewer
Software Solutions Architect at a computer software company with 11-50 employees
Real User
Simple deployment, responsive support, and scalable
Pros and Cons
  • "I have found the most useful feature of One Identity Safeguard to be Privileged Sessions."
  • "When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."

What is most valuable?

I have found the most useful feature of One Identity Safeguard to be Privileged Sessions.

What needs improvement?

When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk. 

Another example is, I have one potential customer that wants to use some feature that is available only in CyberArk. The scenario is one user request a patient, however, that user doesn't have the permissions. In that request, he wants to request more permissions elevation and more rights under the live connection. This can be done in CyberArk and not in One Identity Safeguard.

We need to allow more permissions for the user who requests access for the previous account in a live connection.

CyberArk gives stronger features for safeguarding at this moment.

For how long have I used the solution?

I have been using One Identity Safeguard for approximately one year.

What do I think about the stability of the solution?

One Identity Safeguard is a stable solution.

What do I think about the scalability of the solution?

I have found One Identity Safeguard to be scalable.

How are customer service and support?

I have contacted support. I can create tickets for support and in approximately one hour, I have a response from the support. They are very quick.

Which solution did I use previously and why did I switch?

I have previously used Cyberark.

How was the initial setup?

The initial setup of One Identity Safeguard was simple. In one week we can be ready to fully operate.

What other advice do I have?

My advice to others wanting to implement this solution is to do the implementation slowly and concentrate.

I rate One Identity Safeguard a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer1161345 - PeerSpot reviewer
Works with 10,001+ employees
MSP
Session auditing and replay capabilities help to secure our production environment
Pros and Cons
  • "All sessions are audited and they are indexed/searchable through the GUI."
  • "Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service."

What is our primary use case?

We use this solution to separate the office environment from the production environment with a secure network zone. All user sessions go through One Identity Safeguard before they can reach the production environment. All sessions are audited and they are indexed/searchable through the GUI. Some of the data are transferred to our SIEM solution. For the moment we use the product for RDP and SSH sessions. We are going to use it for Citrix farms also in transparent mode. 

How has it helped my organization?

All user sessions are going through Safeguard. They are all audited and secured with forcing the minimum security settings on the side of the user. With this setup, you can easily secure all of the connections to the production environment from the office. Especially if you have a lot of different places connecting to the production environment, it is a PCI DSS requirement that you secure the flow. In our company we already audited the product as part of the PCI DSS certification.

What is most valuable?

The most valuable feature is auditing the sessions. All of the sessions (RDP, SSH, Citrix) can be audited and replayed on demand.

Complete indexing on SSH sessions means that all commands are searchable after indexing.

What needs improvement?

Management of the farm of appliances. When you have more than one server to handle the traffic, you need to configure everything on each console and maintain seperately. The cluster feature is coming in the next versions, until then you can handle with some scripts but its not straight forward. In case you want to use a farm of appliances instead of one you should consider this.

Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service. Again when you have a farm of appliances you need to have all the monitoring data centrally so you know what is happening with the overall service. This feature is missing. You have to go on each server to see what is the status there.

For how long have I used the solution?

We have been using this solution for two years.

What do I think about the stability of the solution?

This is an extremely stable product. Outages depend only on your environment. The service can run smoothly forever, depending on your company's setup and possible maintenance outages.

What do I think about the scalability of the solution?

No problem to scale. It's always a good option to use a load balancer in front of the solution to handle the traffic.

How are customer service and technical support?

Our experience with technical support has been extremely good. 

Which solution did I use previously and why did I switch?

This was the first implementation of such a product in the company.

How was the initial setup?

Setup is straightforward as long as you plan correctly.

What about the implementation team?

The initial setup was with the vendor. They have extremely good knowledge of the product and provide good support.

What was our ROI?

This solution provides PCI-DSS compliance, so ROI can be considered very good.

What's my experience with pricing, setup cost, and licensing?

The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible.

Which other solutions did I evaluate?

More options where evaluated, like Centrify and CyberArk, before we choose this solution.

What other advice do I have?

Before you decide, do a full analysis of your requirements and see if the product fulfills them. Performing such an analysis after the fact is going to be difficult.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security Consultant at Controlware GmbH
Consultant
There is a very logical, clear user interface, and the integration of scripts is thoughtfully implemented
Pros and Cons
  • "It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage."
  • "The technical support is tremendous."
  • "The high availability function of the box requires a long time to switch over from one appliance to another."
  • "The automated change of the passwords, which is now integrated, could be improved to be more flexible regarding different systems."

What is our primary use case?

The primary use case for our customers is to monitor and audit external vendors, as well as keep track of internal actions when privileged user accounts are being used to access systems internally.

How has it helped my organization?

For our customers, it's much easier for them to be in line with audits. A lot of our customers work in the medical field, where it is important for them to keep track of external vendors, e.g., maintaining medical appliances inside of a hospital. This solution gives them real confidence that they can keep their customers safe and their data protected.

What is most valuable?

There are a variety of protocols that it supports.

The video-like stream and audit capabilities, in combination with its indexing capabilities to search for critical events quickly, are valuable features.

The transparent mode for privileged sessions is really nice because it keeps the integration quite smooth. Also, users don't have to change the way that they currently are used to working. 

It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage.

What needs improvement?

There are some features which are still missing compared to other competitors. For example, some customers need legacy VPN authentication capabilities.

The automated change of the passwords, which is now integrated, could be improved to be more flexible regarding different systems.

What do I think about the stability of the solution?

The overall stability has improved quite a bit throughout the years. The appliances run well, both virtual and physical. The product is pretty good, especially compared to other vendors and products.

What do I think about the scalability of the solution?

Because of the nature of the connections being monitored, you can load balance it quite well. It is easy to shift the load from one appliance to another. However, the high availability function of the box itself requires a long time to switch over from one appliance to another. So, there is room for improvement

How are customer service and technical support?

The technical support is tremendous. For large projects, we have had some challenges, but we were never left alone by the vendor. Also, in one case for a small customer, One Identity assigned one engineer to help with assessing the AD infrastructure of our customers, which was really helpful.

How was the initial setup?

The install and deployment are quite rapid. For a smaller project, sometimes it only takes us about two to three days to implement and get the policies inline. For larger projects, it's actually also not that long for the appliance itself. The product requires a lot of changes on the management side, how vendors work, and how you need to counsel people how to use it, especially in Germany. Then, they are monitored, which is the quite larger portion of it.

For our implementations in Germany, we implement an explicit model most of the time. Therefore, the transparent mode for privileged sessions has not been used that much in my projects.

What other advice do I have?

Look at the entire portfolio, since it has changed so rapidly. The capabilities have improved quite a bit. You need to make sure not to miss out on any features.

The Approval Anywhere for Privileged Passwords is a really good concept, because it enables admins to do other work, be more flexible, and work from home. However, we don't have any real experience with it yet, as we are looking into it at the moment.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
reviewer2283744 - PeerSpot reviewer
IT Specialist at a tech services company with 201-500 employees
Real User
Top 20
Fast to implement and has good pricing but lacks documentation
Pros and Cons
  • "The monitoring system is very good."
  • "There is a lack of documentation and many problems with the plugins."

What is our primary use case?

We use the on-demand version. We use the solution for monitoring and connection to the customer's server for Windows and Linux.

How has it helped my organization?

It's easier to connect to the server and it makes it more secure. We've seen about a 40% improvement in that regard.

What is most valuable?

The monitoring system is very good.

It has a very nice user interface.

The product is very fast to implement.

We use the solution's transparent mode for privileged sessions.

What needs improvement?

There is a lack of documentation and many problems with the plugins.

I did run into problems with transparent mode for privileged sessions. We didn't connect correctly to the server. It was an issue we had with the customer's server, not the product itself.

The security of the connection could be improved. 

For how long have I used the solution?

I've been using the solution for one year. 

What do I think about the stability of the solution?

It's not completely stable. Sometimes the newest version does not support an older version.

What do I think about the scalability of the solution?

The solution is not so scalable. 

Mabe 20 or so users are leveraging it in our organization. They are admins. 

How are customer service and support?

We use regular support. The response times are too long. Sometimes it could take days. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I previously used CyberArk. I changed companies, and now I work with this product. I find Safeguard to be easier to implement, however, it does lack documentation.

How was the initial setup?

It is fast to implement. 

While the process is not technically complex, there was a lack of documentation and we had to figure out how to do it ourselves. The deployment took three weeks. We had two people working on the process.

What was our ROI?

We have yet to witness an ROI.

What's my experience with pricing, setup cost, and licensing?

The solution is offered at a good price. We pay a monthly fee. I'm not sure of the exact cost we pay.

What other advice do I have?

I'm a product partner. 

We are using the latest version of the solution. 

I have yet to use the cloud assistant feature, so I can't say much about that aspect of the solution. We also do not use the solution's secure remote access feature for privileged users. We don't have it integrated with DevOps or RPA.

While basic knowledge is important, there isn't much training required to start using the solution. 

I'd rate the solution six out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Identity & Access Manager at Reist Telecom
Real User
We are able to demonstrate what has happened on systems and who did what, but we want to be able to generate CSRs from the interface for certificates
Pros and Cons
  • "The transparent mode for privileged sessions is one of the best things for customers, because they don't see the system in-between."
  • "The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests."
  • "For some users, the physical appliance has been a bit buggy."
  • "We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates."

What is our primary use case?

We primarily use One Identity Safeguard for Privileged Sessions (SPS) for managing our customers' access to their critical systems.

How has it helped my organization?

We are able to demonstrate what has happened on the systems and who did what, when we have to investigate, in regards to audits using evidence.

What is most valuable?

  • Acting as a proxy
  • Session encryption
  • Flexibility of usage

The transparent mode for privileged sessions is one of the best things for customers, because they don't see the system in-between. Thus, it is transparent for them.

The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests.

What needs improvement?

  • We have not yet found the solution to be extensible through cloud-delivered services.
  • Our external indexers are able to integrate with a hardware security module (HSM), which is good. What we have now requested is the integration of HSM with the SPS solution to be able to not have to manage certificates and the private key outside of any tamperproof system.
  • We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates. 
  • We would like to be able to manage the lifecycle of the archived audit traits. If they are on the box, the cleanup and archiving policies are applied, as soon as they are archived on the external share, this does not apply. We need our customers to not have to manually delete these archives.
  • From a web interface perspective, we would like to be able to duplicate connections, so we can reorder them.

What do I think about the stability of the solution?

We have not had a major issues regarding stability once we migrated our users onto the virtual solution. However, for some users, the physical appliance has been a bit buggy.

What do I think about the scalability of the solution?

As of now, we use mainly virtual and have not tested the scalability and high availability, because it is a new thing.

How are customer service and technical support?

The technical support is good. There has been great improvement to all the knowledge base articles available. Therefore, we are able to find a lot of solutions already when we create support requests.

It takes us a long time to make the people from product management and development to understand our needs, e.g., integrating this product with HSM.

Which solution did I use previously and why did I switch?

Because we are a service provider, we have to demonstrate that our systems are really tamperproof. We had that experience previously, and now again, with One Identity SPS, as the product fits our needs.

How was the initial setup?

The initial setup is quite simple, not complex. The installation documentation is good, so the installation is okay. You just need to read the documentation, understand how it works, and how it has to be integrated. Once you do your homework, it's quite easy.

What about the implementation team?

We are the integrator for the deployment.

To install and deploy the solution for the customers, we count one day for a workshop with all the people involved: network, business users, IT, support, etc. Then, for the implementation, it can take another one to five days.

What was our ROI?

It is the life of our customers because it brings a lot of security. So, the return on investment is really on all aspects of compliance, security, and audit.

Which other solutions did I evaluate?

We implement this solution upon customer request.

What other advice do I have?

Test it and its competitors. You will probably choose SPS.

Both the search functionality and speed have been greatly improved.

We are not using privileged passwords.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
MohamedEladawy - PeerSpot reviewer
Service Security Lead at Salam Technology
Real User
Scalable, reliable, and simple implementation
Pros and Cons
  • "I have found One Identity Safeguard to be stable."
  • "One Identity Safeguard can improve by having more integration with multiple devices."

What is our primary use case?

One Identity Safeguard is used by administrators to access their devices. They will log in using identity management in order to secure the administrator's login.

What needs improvement?

One Identity Safeguard can improve by having more integration with multiple devices.

For how long have I used the solution?

I have been using One Identity Safeguard for approximately one year.

What do I think about the stability of the solution?

I have found One Identity Safeguard to be stable.

What do I think about the scalability of the solution?

The scalability of One Identity Safeguard is good, we can add multiple devices.

We have approximately 40 administrates using this solution in my organization.

We plan to increase usage in the future.

How are customer service and support?

I have not contacted support.

How was the initial setup?

The initial installation was simple.

The full deployment took approximately a couple of months. Not because of the One Identity Safeguard, but because of us, we were busy doing other projects in parallel.

What about the implementation team?

We used a third-party vendor for the implementation and we had a good experience with them.

What other advice do I have?

My advice to others is One Identity Safeguard is a must to have because it's part of the cybersecurity framework, such as Nest ISO. We should have an identity management solution to manage the whole identity, such as privileged users.

I rate One Identity Safeguard an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free One Identity Safeguard Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free One Identity Safeguard Report and get advice and tips from experienced pros sharing their opinions.