Try our new research platform with insights from 80,000+ expert users
reviewer2285733 - PeerSpot reviewer
Senior Consultant at a tech vendor with 5,001-10,000 employees
Reseller
Top 20
Stable and has an easy-to-understand interface, even for people new to it
Pros and Cons
  • "I like that One Identity Safeguard lets you configure the maximum number of connections to the target, a configuration I didn't find in its competitor."
  • "Support for One Identity Safeguard could be improved because sometimes the support team doesn't have an answer or solution for some bugs. A feature I found in a competitor would make One Identity Safeguard better, and that is the ability to load balance the traffic in the target."

What is our primary use case?

We introduce One Identity Safeguard to customers, primarily Italian customers who need to partner with solutions that protect their target resources.

What is most valuable?

What I like about One Identity Safeguard is its interface, which is easy to understand, even for people new to the product. I also like that the solution collects data without any access to the machine, plus it has a feature that lets people explore access to machines within a network.

Regarding the usability and functionality of One Identity Safeguard, the most common feedback I receive from users is that the solution is easy to use and can easily move data.

I also like that One Identity Safeguard lets you configure the maximum number of connections to the target, a configuration I didn't find in its competitor.

My customers use the transparent mode for privileged sessions in One Identity Safeguard, and it is easy to use, though it may be more difficult to configure. I haven't received any customer complaints about that feature, so it's not that difficult to use.

To start using One Identity Safeguard in terms of training for people who manage the solution and the end-users, my colleague and I took a course from One Identity. That training was enough for the basic features, but for some other features, my colleague and I had to create some tickets, though he and I know the database and processes. For users, it is easy because my company provides them with a two-page resource manual with screenshots. Then, I spent some time with the managers to show how One Identity Safeguard works, which is very easy because I've used the solution before. 

The analytics interface of One Identity Safeguard is also easy to understand.

What needs improvement?

A feature I found in a competitor would make One Identity Safeguard better, and that is the ability to load balance the traffic in the target. For example, in two machines with some applications, I would like to balance traffic between the two machines with the help of One Identity Safeguard. It would be great if the solution allowed users to add some applications to a cluster and balance the traffic between the applications.

For how long have I used the solution?

I've been working with One Identity Safeguard for customers for six months.

Buyer's Guide
One Identity Safeguard
April 2025
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.

What do I think about the stability of the solution?

Stability-wise, One Identity Safeguard is okay. It's been running for almost one year, and there's no problem with its stability, so, in terms of stability, it's a seven out of ten for me.

What do I think about the scalability of the solution?

The scalability, including the clustering for One Identity Safeguard, could be improved. It is fair right now, scalability-wise, and from an engineering perspective, it may not be as easy to do that because the appliance would have to be encrypted, and there's a security requirement. Still, it would be nicer if scalability could be improved in One Identity Safeguard.

How are customer service and support?

Support for One Identity Safeguard could be improved because sometimes the support team doesn't have an answer or solution for some bugs. Support-wise, it's an eight out of ten for me.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used a different solution previously, but One Identity Safeguard could limit the maximum number of connections to a target. The other solution, on the other hand, could not do that but has a load-balancing feature.

How was the initial setup?

My company deploys One Identity Safeguard for customers, and I found the process easy.

What other advice do I have?

My customers use the One Identity Safeguard virtual appliances.

I have not used the Cloud Assistant feature of the solution.

I have not used the Remote Access feature for privileged users in One Identity Safeguard.

My company does not integrate the solution with any other parts of the business, such as development, operations, and RPA. It was just tested but not rolled out in production.

In terms of how the deployment of One Identity Safeguard affects privileged users may be a complex question because the customer didn't have a previous infrastructure. The customer is now building the infrastructure, so it's a dynamic environment. The customer doesn't have an old environment.

I'm a One Identity Safeguard integrator, and my company also resells it.

Regarding maintenance, usually, it's not required. Still, sometimes a user could complain about not being able to access passwords in One Identity Safeguard or that there is some misconfiguration I need to analyze, and in the end, the issue is with the target appliance and not One Identity Safeguard.

My rating for One Identity Safeguard is eight out of ten overall.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Consultant at a manufacturing company with 11-50 employees
Consultant
Bulk import with templates is helpful, but some competitors' products are better
Pros and Cons
  • "I like the discovery functionality and the change password feature through the check-in. I also like the bulk import with the help of templates that come with it out of the box. With the help of these few features, my tasks are made easier."
  • "The main thing that needs improvement is the slowness. Apart from that, the change password check-in feature also needs improvement because it is not working perfectly accurately."

What is our primary use case?

We use Safeguard for managing privileged passwords only, using physical appliances.

How has it helped my organization?

So far, I haven't seen any type of improvement from using this solution when compared with other products in the identity and access management space. It has been neutral.

What is most valuable?

I like the discovery functionality and the change password feature through the check-in. I also like the bulk import with the help of templates that come with it out of the box. With the help of these few features, my tasks are made easier.

We also use the Secure Remote Access feature for privileged users. Access is based on group membership and with that membership they connect to the remote machine. It's an easy process to manage. 

What needs improvement?

The main thing that needs improvement is the slowness. Apart from that, the change password check-in feature also needs improvement because it is not working perfectly accurately.

For how long have I used the solution?

I have been using One Identity Safeguard for the last two and a half years. I work as an implementer and provide support operations to our clients.

What do I think about the stability of the solution?

It's not a stable solution, but it's not bad. It's neutral in terms of stability.

What do I think about the scalability of the solution?

It's not scalable.

How are customer service and support?

We are not using their Premier Support, but I am okay with the vendor's regular support. But if the product is running on an unsupported version, that is a very negative point. They should support unsupported versions as well so that their customers are not stuck somewhere in between.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

As an organization, we are using other PAM solutions for other projects, but I'm not sure which other solutions are in use.

How was the initial setup?

The initial setup for Safeguard is straightforward. Because it was deployed a long time ago in our organization, before my tenure, my expertise is based on adding to clusters. If we are going to add clients within a cluster, it depends on the speed, meaning how the network connectivity is between the cluster and the target device.

In terms of the effect of deployment on users, they are provisioned, with the help of group membership, into Safeguard. Once they are assigned to a particular group, they can follow the previous sites. Based on the previous site, they can log in and check out the password of their privileged account.

As for the amount of training needed, it depends on the solution. If the solution is only for privileged passwords, about three weeks' training is required to understand the solution. And if the server for privileges is also integrated with the solution, it will take a month or as much as 45 days.

We have an implementation team and an operations team. Between them, there are a total of five or six people required for this solution to deploy and maintain it.

What's my experience with pricing, setup cost, and licensing?

I'm not aware of the product cost, but if it's going to cost more, first they have to maintain and stabilize the product.

What other advice do I have?

My impression of the form factor of the Safeguard physical appliance is not good and not bad. It's neutral. Similarly, feedback about the usability and functionality is neutral.

My advice, if you have the budget, is to buy other products, like CyberArk Privileged Access Manager or BeyondTrust Endpoint Privilege Management. If you don't have that kind of budget you can use this product.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
One Identity Safeguard
April 2025
Learn what your peers think about One Identity Safeguard. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.
Head of Information Security at a financial services firm
Real User
Enables us to implement encryption protocols across channels
Pros and Cons
  • "The most unique and valuable features are the upstream and downstream throughput capacities; the Safeguard platform provides agile integration. In actuality, all the features are valuable. They're good, user-friendly."
  • "Our experience with technical support has been disappointing. We require more prompt and faster response times. We require answers to our questions right away but we haven't received that level of support."

What is our primary use case?

The primary use case for our One Identity Safeguard solution is to optimize security across private accounts, accounts which can be secured upstream and downstream. The solution enables us to implement encryption protocols across channels. It is designed so that depending on the cryptographic case, different policies can be applied in correlation. 

How has it helped my organization?

I don't think it's improved our organization internally. I've had to suspend workflows and focus my time and attention on creating technical, instructional, documentation regarding user procedures and practices.

What is most valuable?

The majority of the features offered with this solution are the same as with other similar systems. The most unique and valuable features are the upstream and downstream throughput capacities; the Safeguard platform provides agile integration.

In actuality, all the features are valuable. They're good and user-friendly.

What needs improvement?

The technical support for this solution needs to be immediate, intuitive, and responsive especially as it refers to supporting ticket submissions and processing.

Furthermore, we've had trouble understanding how certain policy framework applies. I would like to see clearly laid out policies or better support and explanations around policy dynamics.

The stability and downtime of the solution could also be upgraded to include a messaging function which would give users a clear understanding of what's happening without having to navigate to a particular section of the page.

Lastly, I would also like to see the price reduced.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It's very stable. There are about 150 users, mostly administration, currently using this solution in our company. We don't encounter many problems with the system.

What do I think about the scalability of the solution?

I am encountering issues when it comes to the scalability of the solution.

How are customer service and technical support?

Our experience with technical support has been disappointing. We require more prompt and faster response times. We require answers to our questions right away but we haven't received that level of support.

How was the initial setup?

The initial setup was very easy. We followed the given instruction protocol. We also used white papers when necessary for clarification and better understanding. It only took us one month to implement.

What about the implementation team?

We used an integrator for the deployment. It was a good experience. 

What's my experience with pricing, setup cost, and licensing?

Setup cost, pricing and licensing are all very expensive.

What other advice do I have?

We are very pleased with the Safeguard platform feature. You can't find this technology anywhere else.

On a scale from one to ten, one being the worst and ten being the best, I would give this product a nine rating. If the technical support was better I'd give it a 10 out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2299191 - PeerSpot reviewer
Cybersecurity Director at a sports company with 501-1,000 employees
Real User
Top 20
Is unstable, slow, and not user-friendly
Pros and Cons
  • "We don't need to use VPN for remote access."
  • "The deployment affects our privileged users because it takes a long time for them to request privileges, which impacts the SLA."

What is our primary use case?

We use One Identity Safeguard to manage our privileged accounts.

We use One Identity Safeguard on both physical and virtual appliances.

How has it helped my organization?

One Identity Safeguard uses a secure remote access feature that does not use a VPN. This is important because it is cheaper and more secure than implementing a VPN for remote access.

People can start using the solution after five days of training.

What is most valuable?

We don't need to use VPN for remote access.

What needs improvement?

One Identity Safeguard is slow and not user-friendly.

Managing remote access for privileged users is difficult because it requires a lot of customization.

Current integration with other solutions requires custom API development. I would like to see out-of-the-box integration built into One Identity Safeguard, similar to other solutions.

The deployment affects our privileged users because it takes a long time for them to request privileges, which impacts the SLA.

For how long have I used the solution?

I have been using One Identity Safeguard for nearly three years.

What do I think about the stability of the solution?

One Identity Safeguard is unstable. Many bugs affect its performance, particularly when generating bundle batches and performing discovery.

What do I think about the scalability of the solution?

One Identity Safeguard is scalable, but its performance degrades as it is scaled up.

How are customer service and support?

Customer support is a nightmare. They take a long time to respond to tickets, and when they don't understand the issue, they stall by requesting logs.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

I previously used BeyondTrust Endpoint Privilege Management, which is a better solution because it includes recording and remote access out of the box, whereas One Identity Safeguard requires us to integrate each of those components separately. Additionally, each component is a different appliance.

How was the initial setup?

The initial setup is straightforward. The installation takes a couple of hours. One person is required for the deployment.

What's my experience with pricing, setup cost, and licensing?

One Identity Safeguard is expensive and the cost goes up as we scale.

Licensing fees increase as we expand, as does the cost of basic support, which allows us to open tickets. Additionally, we must pay to update outdated appliances.

What other advice do I have?

I would rate One Identity Safeguard three out of ten.

I only recommend One Identity Safeguard for small businesses.

When using One Identity Safeguard, we need to be patient.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2285244 - PeerSpot reviewer
Cyber Security Engineer at a financial services firm with 5,001-10,000 employees
Real User
Top 20
The snapshot feature enables us to review the last time an application was opened and by whom
Pros and Cons
  • "I like Safeguard's snapshot feature that enables us to review the last time an application was opened and by whom. If there are any issues, we can look behind the scenes to see what has been done. We can suspend a user's access or close off a server."
  • "We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what."

What is our primary use case?

I work for a bank, and we use Safeguard to manage access to our Internet banking services. We use Safeguard for two things: identity and access management and detection recording. We have our services onboarded on SysTrack doing RDP directly to the servers or station, and we use virtual appliances for collection. The solution covers around 150 users at this organization. 

What is most valuable?

I like Safeguard's snapshot feature that enables us to review the last time an application was opened and by whom. If there are any issues, we can look behind the scenes to see what has been done. We can suspend a user's access or close off a server. 

What needs improvement?

We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what. 

For how long have I used the solution?

I have used Safeguard for one year.

What do I think about the stability of the solution?

Safeguard is stable. 

What do I think about the scalability of the solution?

It's scalable, depending on the solution case. I don't know if it's domain-based because it was not restricted. We're gradually moving to the Azure cloud.

How are customer service and support?

One Identity support is okay. 

How was the initial setup?

Deploying Safeguard was straightforward.

What other advice do I have?

I rate One Identity Safeguard eight out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Security Consultant at Controlware GmbH
Consultant
There is a very logical, clear user interface, and the integration of scripts is thoughtfully implemented
Pros and Cons
  • "It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage."
  • "The technical support is tremendous."
  • "The high availability function of the box requires a long time to switch over from one appliance to another."
  • "The automated change of the passwords, which is now integrated, could be improved to be more flexible regarding different systems."

What is our primary use case?

The primary use case for our customers is to monitor and audit external vendors, as well as keep track of internal actions when privileged user accounts are being used to access systems internally.

How has it helped my organization?

For our customers, it's much easier for them to be in line with audits. A lot of our customers work in the medical field, where it is important for them to keep track of external vendors, e.g., maintaining medical appliances inside of a hospital. This solution gives them real confidence that they can keep their customers safe and their data protected.

What is most valuable?

There are a variety of protocols that it supports.

The video-like stream and audit capabilities, in combination with its indexing capabilities to search for critical events quickly, are valuable features.

The transparent mode for privileged sessions is really nice because it keeps the integration quite smooth. Also, users don't have to change the way that they currently are used to working. 

It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage.

What needs improvement?

There are some features which are still missing compared to other competitors. For example, some customers need legacy VPN authentication capabilities.

The automated change of the passwords, which is now integrated, could be improved to be more flexible regarding different systems.

What do I think about the stability of the solution?

The overall stability has improved quite a bit throughout the years. The appliances run well, both virtual and physical. The product is pretty good, especially compared to other vendors and products.

What do I think about the scalability of the solution?

Because of the nature of the connections being monitored, you can load balance it quite well. It is easy to shift the load from one appliance to another. However, the high availability function of the box itself requires a long time to switch over from one appliance to another. So, there is room for improvement

How are customer service and technical support?

The technical support is tremendous. For large projects, we have had some challenges, but we were never left alone by the vendor. Also, in one case for a small customer, One Identity assigned one engineer to help with assessing the AD infrastructure of our customers, which was really helpful.

How was the initial setup?

The install and deployment are quite rapid. For a smaller project, sometimes it only takes us about two to three days to implement and get the policies inline. For larger projects, it's actually also not that long for the appliance itself. The product requires a lot of changes on the management side, how vendors work, and how you need to counsel people how to use it, especially in Germany. Then, they are monitored, which is the quite larger portion of it.

For our implementations in Germany, we implement an explicit model most of the time. Therefore, the transparent mode for privileged sessions has not been used that much in my projects.

What other advice do I have?

Look at the entire portfolio, since it has changed so rapidly. The capabilities have improved quite a bit. You need to make sure not to miss out on any features.

The Approval Anywhere for Privileged Passwords is a really good concept, because it enables admins to do other work, be more flexible, and work from home. However, we don't have any real experience with it yet, as we are looking into it at the moment.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Identity & Access Manager at Reist Telecom
Real User
We are able to demonstrate what has happened on systems and who did what, but we want to be able to generate CSRs from the interface for certificates
Pros and Cons
  • "The transparent mode for privileged sessions is one of the best things for customers, because they don't see the system in-between."
  • "The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests."
  • "For some users, the physical appliance has been a bit buggy."
  • "We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates."

What is our primary use case?

We primarily use One Identity Safeguard for Privileged Sessions (SPS) for managing our customers' access to their critical systems.

How has it helped my organization?

We are able to demonstrate what has happened on the systems and who did what, when we have to investigate, in regards to audits using evidence.

What is most valuable?

  • Acting as a proxy
  • Session encryption
  • Flexibility of usage

The transparent mode for privileged sessions is one of the best things for customers, because they don't see the system in-between. Thus, it is transparent for them.

The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests.

What needs improvement?

  • We have not yet found the solution to be extensible through cloud-delivered services.
  • Our external indexers are able to integrate with a hardware security module (HSM), which is good. What we have now requested is the integration of HSM with the SPS solution to be able to not have to manage certificates and the private key outside of any tamperproof system.
  • We would like to be able to generate certificate signing requests (CSRs) from the interface for certificates. 
  • We would like to be able to manage the lifecycle of the archived audit traits. If they are on the box, the cleanup and archiving policies are applied, as soon as they are archived on the external share, this does not apply. We need our customers to not have to manually delete these archives.
  • From a web interface perspective, we would like to be able to duplicate connections, so we can reorder them.

What do I think about the stability of the solution?

We have not had a major issues regarding stability once we migrated our users onto the virtual solution. However, for some users, the physical appliance has been a bit buggy.

What do I think about the scalability of the solution?

As of now, we use mainly virtual and have not tested the scalability and high availability, because it is a new thing.

How are customer service and technical support?

The technical support is good. There has been great improvement to all the knowledge base articles available. Therefore, we are able to find a lot of solutions already when we create support requests.

It takes us a long time to make the people from product management and development to understand our needs, e.g., integrating this product with HSM.

Which solution did I use previously and why did I switch?

Because we are a service provider, we have to demonstrate that our systems are really tamperproof. We had that experience previously, and now again, with One Identity SPS, as the product fits our needs.

How was the initial setup?

The initial setup is quite simple, not complex. The installation documentation is good, so the installation is okay. You just need to read the documentation, understand how it works, and how it has to be integrated. Once you do your homework, it's quite easy.

What about the implementation team?

We are the integrator for the deployment.

To install and deploy the solution for the customers, we count one day for a workshop with all the people involved: network, business users, IT, support, etc. Then, for the implementation, it can take another one to five days.

What was our ROI?

It is the life of our customers because it brings a lot of security. So, the return on investment is really on all aspects of compliance, security, and audit.

Which other solutions did I evaluate?

We implement this solution upon customer request.

What other advice do I have?

Test it and its competitors. You will probably choose SPS.

Both the search functionality and speed have been greatly improved.

We are not using privileged passwords.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
reviewer1161345 - PeerSpot reviewer
Works with 10,001+ employees
MSP
Session auditing and replay capabilities help to secure our production environment
Pros and Cons
  • "All sessions are audited and they are indexed/searchable through the GUI."
  • "Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service."

What is our primary use case?

We use this solution to separate the office environment from the production environment with a secure network zone. All user sessions go through One Identity Safeguard before they can reach the production environment. All sessions are audited and they are indexed/searchable through the GUI. Some of the data are transferred to our SIEM solution. For the moment we use the product for RDP and SSH sessions. We are going to use it for Citrix farms also in transparent mode. 

How has it helped my organization?

All user sessions are going through Safeguard. They are all audited and secured with forcing the minimum security settings on the side of the user. With this setup, you can easily secure all of the connections to the production environment from the office. Especially if you have a lot of different places connecting to the production environment, it is a PCI DSS requirement that you secure the flow. In our company we already audited the product as part of the PCI DSS certification.

What is most valuable?

The most valuable feature is auditing the sessions. All of the sessions (RDP, SSH, Citrix) can be audited and replayed on demand.

Complete indexing on SSH sessions means that all commands are searchable after indexing.

What needs improvement?

Management of the farm of appliances. When you have more than one server to handle the traffic, you need to configure everything on each console and maintain seperately. The cluster feature is coming in the next versions, until then you can handle with some scripts but its not straight forward. In case you want to use a farm of appliances instead of one you should consider this.

Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service. Again when you have a farm of appliances you need to have all the monitoring data centrally so you know what is happening with the overall service. This feature is missing. You have to go on each server to see what is the status there.

For how long have I used the solution?

We have been using this solution for two years.

What do I think about the stability of the solution?

This is an extremely stable product. Outages depend only on your environment. The service can run smoothly forever, depending on your company's setup and possible maintenance outages.

What do I think about the scalability of the solution?

No problem to scale. It's always a good option to use a load balancer in front of the solution to handle the traffic.

How are customer service and technical support?

Our experience with technical support has been extremely good. 

Which solution did I use previously and why did I switch?

This was the first implementation of such a product in the company.

How was the initial setup?

Setup is straightforward as long as you plan correctly.

What about the implementation team?

The initial setup was with the vendor. They have extremely good knowledge of the product and provide good support.

What was our ROI?

This solution provides PCI-DSS compliance, so ROI can be considered very good.

What's my experience with pricing, setup cost, and licensing?

The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible.

Which other solutions did I evaluate?

More options where evaluated, like Centrify and CyberArk, before we choose this solution.

What other advice do I have?

Before you decide, do a full analysis of your requirements and see if the product fulfills them. Performing such an analysis after the fact is going to be difficult.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free One Identity Safeguard Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free One Identity Safeguard Report and get advice and tips from experienced pros sharing their opinions.