Speaking about the use of the product for vendor management, I would say that I am currently working in SSL Wireless, where we work with BeyondTrust Privileged Remote Access for the deployment of products like Asha Cement in Bangladesh for over two months. I joined the team in my company around four weeks ago, after which I have been trying to install BeyondTrust Privileged Remote Access in my lab for testing purposes and use cases so that I can try to figure out what the organization wants to do or try with the solution. The product has improved remote support capabilities since it works fine. In my company, we found some issues with our clients who found it to be time-consuming, especially when they started a session with the help of the product. Our company's clients have concerns related to why it takes too much time when it comes to RDP sessions. If I want to handle multiple sessions at a single point in time and want to access two or three servers at the same time, I have experienced that it closes the sessions after two or three minutes. The clients don't want sessions to be closed when using the product, meaning they want to be able to use three or four servers at the same time since, at times, they want access to network devices while simultaneously being able to work with application servers or any other servers. The feature of the product that I found to be the most effective for controlling remote access stems from the fact that I didn't find any differences between the sessions offered by the solution, but there are some queries related to the sessions from the clients' end. I am waiting to have a session with the product's support team. I have made a checklist before communicating with the product's support team so that I can clear out the confusion related to the solution. Any PAM solutions, like ARCON, Delinea, or BeyondTrust Privileged Remote Access, offer the same features, while there may be some differences. I am checking for the differences between different products and learning about such areas in depth. When I try to access multiple servers with the help of the product, the solution should work properly since I am not someone who works with one server at a time. I may need access to multiple servers, during which I may face issues with BeyondTrust Privileged Remote Access. I have tried to access the product without a VPN in a local environment. I haven't used any VPNs on the servers I use. If given a chance, I can try to use VPNs, along with BeyondTrust Privileged Remote Access. Considering that I have used Delinea in the past, I would choose BeyondTrust Privileged Remote Access in the present. I cannot speak about other PAM solutions in the market. I rate the overall product an eight out of ten.
I advise others to use BeyondTrust if they have an existing PAM solution. It will help them with seamless access to privileged accounts and credentials. I rate the solution a seven out of ten.
Note that we do not use BeyondTrust Vault since it is not an enterprise-grade vaulting solution, which is why we use Password Safe since that is an enterprise-grade vaulting solution. Initially, we only went for the SaaS solution, and customer-related constraints made us deploy it on-prem as well. But when we chose BeyondTrust PRA, we were only considering SaaS. PRA can also be used to manage network devices. It brings the same level of security into managing networks. It eliminates VPNs, especially multiple VPNs. Through the use of PRA, there is no need to share passwords with users, which is critically important. We don't necessarily use PRA as a full solution, but it adds an additional layer of security by having the enterprise vaulting solution, which is Password Safe, and PRA separate. That also makes things more efficient in that when configuring PRA, we only focus on the connectivity and the session from PRA, we don't worry about the account management. If you compare PRA to CyberArk, it's just as good. There is nothing that one solution has over the other. These are the two market solutions that are usually compared since they are pretty much on par. ManageEngine, at least in the incarnation that we were using, was more limited when it came to auditing and reviewing sessions. I advise engineers choosing a PAM solution to be very careful. One important aspect when reviewing is the high availability capabilities, and the second aspect is the integration capabilities with other BeyondTrust products or other products in that customer environment. I rate PRA an eight out of ten.
BeyondTrust Privileged Remote Access was a great product. A consultant was assigned to us. They helped us understand the product with the demo. It does address setting and specific requirements for different clients. It is not a one-size fits all type of solution, but it does address a number of important requirements for specific clients to an extent. I think BeyondTrust Privileged Remote Access should expand its use cases, considering that customers may have ten use cases. The solution should include some of the recommended use cases by customers. I rate the overall solution a ten out of ten.
I rate BeyondTrust Privileged Remote Access an eight out of ten. If you are using a BeyondTrust product and you want to secure that process, you should use PRA, which enables you to skip a step. You don't need to worry about users having direct access to the process.
Learn what your peers think about BeyondTrust Privileged Remote Access. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
I would tell others to just go for it. If they are security conscious and are concerned about security within their environment, then just go for it. I would rate this solution a nine out of ten.
It won't hurt to give it a shot. I know they have a virtual trial where they can let you use it to try out things. It is a great product. It simply works once it is all set up and configured. If there is an issue, it is easy to troubleshoot and figure out what the problem is. It is usually pretty easy to figure it out. It is very important that PRA stands on its own as a full product, as compared to some of the competitive products that are add-ons to PAM solutions. We wouldn't want to be forced to set up another system just so that we can use PRA. It is great that it is separated out. So, we can just use one portion of it. I would rate it a ten out of ten. It is a great product that I enjoy using, but they should work out the smart card on the web console.
IT Specialist at a comms service provider with 11-50 employees
Real User
2022-07-11T15:49:00Z
Jul 11, 2022
I would rate this solution an eight out of ten. I would advise potential customers to have an excellent understanding of their requirements and what their landscape will look like five years down the line. Consider if the SaaS offering is appropriate, as I understand switching to a self-hosted instance isn't a straightforward process, so it's essential to plan. If I need a privileged remote access solution in my future endeavors, BeyondTrust's offering will be my go-to, and I recommend it for any size of business. We went with the SaaS version of the solution and had some regrets about that. Pharmaceutical companies must comply with a host of rules and regulations, and one of the requirements was to keep recordings of every session for over 90 days. The SaaS solution's storage did not meet our needs in a large enterprise environment. We had to use a third-party backup tool provided by BeyondTrust to download sessions to our local storage, but it was a poor tool; the error handling and logging functions were sub-standard. The ability to operate without a VPN wasn't particularly a requirement. Our project aimed to secure administrative access, so our focus was more on user accounts than endpoints and connections. During our market research, we discovered that few solutions focus on privileged identity management; they're usually integrated with PAM tools like BeyondTrust PRA. As a technician, I can vouch for both ends of that spectrum. The benefit of PRA being a standalone solution in our case is the ability to quickly and definitively sever that tie into our network. That being said, the solution currently doesn't solve all of our privileged access difficulties; we still have to manage roles and privileges in cloud solutions. I don't think there is a product on the market that allows for efficient management of both worlds; the cloud SaaS product and on-premises remote access. Regarding leveraging service accounts as a password manager, there are better solutions, including BeyondTrust's own Password Safe, which integrates well. In terms of managing remote access accounts, PRA does an excellent job and provides relatively fine-grain policy permissions customization. We can have users operating accounts where they cannot view the password, and other users can access the password if needed to access some legacy applications, for example.
Sr Technical Product Manager (Sr. Consultant at Computronix) at Computronix
Consultant
2022-06-25T18:44:00Z
Jun 25, 2022
The advice I would give to others using the solution is to know what you are trying to accomplish and weigh the product in light of the goals or tasks you need to meet. There are some features or functionalities that may not fit some organizations as well as others. Just do a POC, test the product, and it in front of users. They are the ones that ultimately are going to have to live with your choice. There's always a way if you're crafty. Get plugged in with the company. Through so many different phone calls with BeyondTrust, I ended up with access to one of their directors of product management and that opened a lot of doors. I'd rate the solution nine out of ten. There's a little bit of room for improvement, however, it performs well.
I have got a very good impression of BeyondTrust. It is a very good and booming product across the globe. I have been using this solution for close to three years, and I am still learning about its full capability. There is a lot to be explored. They provide a lot of updates, and I am able to see a lot of fine-tuning happening. We can bring our own tool, and if we have an RDP tool, that can also be integrated. They are adding many features related to reporting, connectivity, and stabilization of connectivity. They are improving their product in every aspect. BeyondTrust has many products such as PAM and PRA. AD bridging is also there. Specifically, with the PRA, you can ignore VPN. You don't have to pay for a license for the VPN. You can use this product. All servers, with privileged activities as well as those without privileged activities, are assets of the organization. They all also should be monitored and should be in the control of the organization. PRA is helpful there because you can also onboard the least privileged servers. This helps a lot because everything is recorded and monitored. The management will have a crystal clear report about who accessed them and for what. Everything will be very clear. I would rate this solution an eight out of ten. It makes the life of end-users easier.
Sr Cyber Security Manager at Honeywell International Inc.
Real User
2022-06-01T10:56:00Z
Jun 1, 2022
Know the requirements that you are trying to meet. This way, you purchase the correct module for the requirements that you are trying to meet. PRA is not always the correct module for certain requirements that you need if your environment isn't straightforward with only one operating system. If you are only in Azure and Windows, it probably works very well. However, if you have a hybrid or multiple platforms, then it is not the best tool. For PRA specifically, our requirements weren't understood from point one. Our TAM said it would work, and once we got into it, it did not work. I would rate PRA as five out of 10.
Information Technology Operations Manager at a educational organization with 5,001-10,000 employees
Real User
2022-04-27T18:25:00Z
Apr 27, 2022
I am testing the Vault for service account management, but the problem with it is that the admin credentials on local machines are randomly generated on a randomly generated timeframe. So, the Vault password can't be saved. Every machine is different, and the only way to get that password is to go into another portal, which is frustrating. It is not Bomgar's or BeyondTrust's issue. It is the way we chose to manage that particular account. I'm one of the only ones who utilize it, and I utilize it mainly for testing. If we had a full PAM or our PAM was truly integrated and was BeyondTrust's PAM solution, it would elevate our use of the Vault more, but I am glad that it is there. It allows me to save some passwords that I don't utilize on a regular basis. I don't have to remember those, and I don't have to keep them at multiple different locations. I can just put them there, and I don't have to worry about it. They're safe. They're secure, and they're easy to just have. The system pushes them through. So, I don't even see them anymore. So, it is double secure in my opinion because I don't have to even see the password to remember to type that in somewhere. It just puts it in for me. I appreciate that from the security side. It hasn't had an effect on our network security outside of we had to open a couple of ports when remote happened so that the software gets installed correctly. It wasn't something concerning. It is truly a benefit in the long run. When compared with some competitive products that are add-ons to PAM solutions, it is important that PRA stands on its own as a full solution. It needs to be its own solution but also interlink with other solutions. We don't use the solution to provide access to third-party vendors. It also offers SSO authentication, but I wish it worked with our solution. I know we can do session auditing and monitoring of third-party and remote-worker access, but we just haven't used the capability. We have also not used audio integration during a remote session. I would rate it a 10 out of 10.
Sr. Systems Administrator at Rayburn Country Electric Cooperative, Inc.
Real User
2022-03-02T22:45:00Z
Mar 2, 2022
We are monitoring vendor sessions. We will probably start monitoring our own so we can use it to see what happens in regards to a security incident. We can also go back and use it for troubleshooting or see exactly what somebody did inside of their remote session. At some point, we look forward to turning on the session recording. We just hadn't done it yet, not for internal staff. There is no unattended remote access for vendors that I am aware of, but we know that we can use the solution to do that. Some have done that in the past. We just don't do it all the time and probably not in the last year. My usage of the solution is primarily in the secure network. I don't have any kinds of sounds that I really need to listen to. It is hard for us to roll so much trust into one thing at a time, because what happens when that thing is gone? You need to have an adequate backup plan, and we have not quite gone that far yet. We have an audit coming up this year, because of that it is hard to really decide to do anything new. We kind of have been told, "Hey, stop getting new stuff. You have to get through the audit first." I would rate PRA as 10 out of 10.
Cybersecurity Architect at a tech vendor with 1-10 employees
Real User
2021-11-19T15:26:00Z
Nov 19, 2021
This product is the de facto standard, based on function features, installation, and customer base. There is a reason why so many well-known companies use it. I rate BeyondTrust Privileged Remote Access a nine out of ten, just because there's no such thing as a perfect product.
We are a reseller, not an end-user. While we do use different deployment models, many of our clients are government-related and therefore we deal a lot with on-premises deployments. I'd rate the solution at a nine out of ten. It's definitely on the upper level, well above what else is available. I would recommend that those considering using the solution do a certification course similar to when you install Windows server or something like that from Microsoft where you can become a Microsoft certified professional, and you can attend a class and then you can do an exam about the product. I recommend that a company which uses the product has also a certified admin. It makes it lot easier. That way, they can really profit from all the functionality the product has. The product has many functions however, you need to give it to a person with enough know-how. Otherwise, the company will not use all the features the product offers.
BeyondTrust Privileged Remote Access (formerly Bomgar Privileged Access) lets you secure, manage, and audit vendor and internal remote privileged access without a VPN.
Privileged Remote Access provides visibility and control over third-party vendor access, as well as internal remote access, enabling your organization to extend access to important assets, but without compromising security.
Features include:
- Privileged Access Control: Enforce least privilege by giving users the right level...
Speaking about the use of the product for vendor management, I would say that I am currently working in SSL Wireless, where we work with BeyondTrust Privileged Remote Access for the deployment of products like Asha Cement in Bangladesh for over two months. I joined the team in my company around four weeks ago, after which I have been trying to install BeyondTrust Privileged Remote Access in my lab for testing purposes and use cases so that I can try to figure out what the organization wants to do or try with the solution. The product has improved remote support capabilities since it works fine. In my company, we found some issues with our clients who found it to be time-consuming, especially when they started a session with the help of the product. Our company's clients have concerns related to why it takes too much time when it comes to RDP sessions. If I want to handle multiple sessions at a single point in time and want to access two or three servers at the same time, I have experienced that it closes the sessions after two or three minutes. The clients don't want sessions to be closed when using the product, meaning they want to be able to use three or four servers at the same time since, at times, they want access to network devices while simultaneously being able to work with application servers or any other servers. The feature of the product that I found to be the most effective for controlling remote access stems from the fact that I didn't find any differences between the sessions offered by the solution, but there are some queries related to the sessions from the clients' end. I am waiting to have a session with the product's support team. I have made a checklist before communicating with the product's support team so that I can clear out the confusion related to the solution. Any PAM solutions, like ARCON, Delinea, or BeyondTrust Privileged Remote Access, offer the same features, while there may be some differences. I am checking for the differences between different products and learning about such areas in depth. When I try to access multiple servers with the help of the product, the solution should work properly since I am not someone who works with one server at a time. I may need access to multiple servers, during which I may face issues with BeyondTrust Privileged Remote Access. I have tried to access the product without a VPN in a local environment. I haven't used any VPNs on the servers I use. If given a chance, I can try to use VPNs, along with BeyondTrust Privileged Remote Access. Considering that I have used Delinea in the past, I would choose BeyondTrust Privileged Remote Access in the present. I cannot speak about other PAM solutions in the market. I rate the overall product an eight out of ten.
I rate the overall solution an eight and a half to nine out of ten.
I advise others to use BeyondTrust if they have an existing PAM solution. It will help them with seamless access to privileged accounts and credentials. I rate the solution a seven out of ten.
Note that we do not use BeyondTrust Vault since it is not an enterprise-grade vaulting solution, which is why we use Password Safe since that is an enterprise-grade vaulting solution. Initially, we only went for the SaaS solution, and customer-related constraints made us deploy it on-prem as well. But when we chose BeyondTrust PRA, we were only considering SaaS. PRA can also be used to manage network devices. It brings the same level of security into managing networks. It eliminates VPNs, especially multiple VPNs. Through the use of PRA, there is no need to share passwords with users, which is critically important. We don't necessarily use PRA as a full solution, but it adds an additional layer of security by having the enterprise vaulting solution, which is Password Safe, and PRA separate. That also makes things more efficient in that when configuring PRA, we only focus on the connectivity and the session from PRA, we don't worry about the account management. If you compare PRA to CyberArk, it's just as good. There is nothing that one solution has over the other. These are the two market solutions that are usually compared since they are pretty much on par. ManageEngine, at least in the incarnation that we were using, was more limited when it came to auditing and reviewing sessions. I advise engineers choosing a PAM solution to be very careful. One important aspect when reviewing is the high availability capabilities, and the second aspect is the integration capabilities with other BeyondTrust products or other products in that customer environment. I rate PRA an eight out of ten.
BeyondTrust Privileged Remote Access was a great product. A consultant was assigned to us. They helped us understand the product with the demo. It does address setting and specific requirements for different clients. It is not a one-size fits all type of solution, but it does address a number of important requirements for specific clients to an extent. I think BeyondTrust Privileged Remote Access should expand its use cases, considering that customers may have ten use cases. The solution should include some of the recommended use cases by customers. I rate the overall solution a ten out of ten.
I rate BeyondTrust Privileged Remote Access an eight out of ten. If you are using a BeyondTrust product and you want to secure that process, you should use PRA, which enables you to skip a step. You don't need to worry about users having direct access to the process.
I would tell others to just go for it. If they are security conscious and are concerned about security within their environment, then just go for it. I would rate this solution a nine out of ten.
It won't hurt to give it a shot. I know they have a virtual trial where they can let you use it to try out things. It is a great product. It simply works once it is all set up and configured. If there is an issue, it is easy to troubleshoot and figure out what the problem is. It is usually pretty easy to figure it out. It is very important that PRA stands on its own as a full product, as compared to some of the competitive products that are add-ons to PAM solutions. We wouldn't want to be forced to set up another system just so that we can use PRA. It is great that it is separated out. So, we can just use one portion of it. I would rate it a ten out of ten. It is a great product that I enjoy using, but they should work out the smart card on the web console.
I would rate this solution an eight out of ten. I would advise potential customers to have an excellent understanding of their requirements and what their landscape will look like five years down the line. Consider if the SaaS offering is appropriate, as I understand switching to a self-hosted instance isn't a straightforward process, so it's essential to plan. If I need a privileged remote access solution in my future endeavors, BeyondTrust's offering will be my go-to, and I recommend it for any size of business. We went with the SaaS version of the solution and had some regrets about that. Pharmaceutical companies must comply with a host of rules and regulations, and one of the requirements was to keep recordings of every session for over 90 days. The SaaS solution's storage did not meet our needs in a large enterprise environment. We had to use a third-party backup tool provided by BeyondTrust to download sessions to our local storage, but it was a poor tool; the error handling and logging functions were sub-standard. The ability to operate without a VPN wasn't particularly a requirement. Our project aimed to secure administrative access, so our focus was more on user accounts than endpoints and connections. During our market research, we discovered that few solutions focus on privileged identity management; they're usually integrated with PAM tools like BeyondTrust PRA. As a technician, I can vouch for both ends of that spectrum. The benefit of PRA being a standalone solution in our case is the ability to quickly and definitively sever that tie into our network. That being said, the solution currently doesn't solve all of our privileged access difficulties; we still have to manage roles and privileges in cloud solutions. I don't think there is a product on the market that allows for efficient management of both worlds; the cloud SaaS product and on-premises remote access. Regarding leveraging service accounts as a password manager, there are better solutions, including BeyondTrust's own Password Safe, which integrates well. In terms of managing remote access accounts, PRA does an excellent job and provides relatively fine-grain policy permissions customization. We can have users operating accounts where they cannot view the password, and other users can access the password if needed to access some legacy applications, for example.
The advice I would give to others using the solution is to know what you are trying to accomplish and weigh the product in light of the goals or tasks you need to meet. There are some features or functionalities that may not fit some organizations as well as others. Just do a POC, test the product, and it in front of users. They are the ones that ultimately are going to have to live with your choice. There's always a way if you're crafty. Get plugged in with the company. Through so many different phone calls with BeyondTrust, I ended up with access to one of their directors of product management and that opened a lot of doors. I'd rate the solution nine out of ten. There's a little bit of room for improvement, however, it performs well.
I have got a very good impression of BeyondTrust. It is a very good and booming product across the globe. I have been using this solution for close to three years, and I am still learning about its full capability. There is a lot to be explored. They provide a lot of updates, and I am able to see a lot of fine-tuning happening. We can bring our own tool, and if we have an RDP tool, that can also be integrated. They are adding many features related to reporting, connectivity, and stabilization of connectivity. They are improving their product in every aspect. BeyondTrust has many products such as PAM and PRA. AD bridging is also there. Specifically, with the PRA, you can ignore VPN. You don't have to pay for a license for the VPN. You can use this product. All servers, with privileged activities as well as those without privileged activities, are assets of the organization. They all also should be monitored and should be in the control of the organization. PRA is helpful there because you can also onboard the least privileged servers. This helps a lot because everything is recorded and monitored. The management will have a crystal clear report about who accessed them and for what. Everything will be very clear. I would rate this solution an eight out of ten. It makes the life of end-users easier.
Know the requirements that you are trying to meet. This way, you purchase the correct module for the requirements that you are trying to meet. PRA is not always the correct module for certain requirements that you need if your environment isn't straightforward with only one operating system. If you are only in Azure and Windows, it probably works very well. However, if you have a hybrid or multiple platforms, then it is not the best tool. For PRA specifically, our requirements weren't understood from point one. Our TAM said it would work, and once we got into it, it did not work. I would rate PRA as five out of 10.
I am testing the Vault for service account management, but the problem with it is that the admin credentials on local machines are randomly generated on a randomly generated timeframe. So, the Vault password can't be saved. Every machine is different, and the only way to get that password is to go into another portal, which is frustrating. It is not Bomgar's or BeyondTrust's issue. It is the way we chose to manage that particular account. I'm one of the only ones who utilize it, and I utilize it mainly for testing. If we had a full PAM or our PAM was truly integrated and was BeyondTrust's PAM solution, it would elevate our use of the Vault more, but I am glad that it is there. It allows me to save some passwords that I don't utilize on a regular basis. I don't have to remember those, and I don't have to keep them at multiple different locations. I can just put them there, and I don't have to worry about it. They're safe. They're secure, and they're easy to just have. The system pushes them through. So, I don't even see them anymore. So, it is double secure in my opinion because I don't have to even see the password to remember to type that in somewhere. It just puts it in for me. I appreciate that from the security side. It hasn't had an effect on our network security outside of we had to open a couple of ports when remote happened so that the software gets installed correctly. It wasn't something concerning. It is truly a benefit in the long run. When compared with some competitive products that are add-ons to PAM solutions, it is important that PRA stands on its own as a full solution. It needs to be its own solution but also interlink with other solutions. We don't use the solution to provide access to third-party vendors. It also offers SSO authentication, but I wish it worked with our solution. I know we can do session auditing and monitoring of third-party and remote-worker access, but we just haven't used the capability. We have also not used audio integration during a remote session. I would rate it a 10 out of 10.
We are monitoring vendor sessions. We will probably start monitoring our own so we can use it to see what happens in regards to a security incident. We can also go back and use it for troubleshooting or see exactly what somebody did inside of their remote session. At some point, we look forward to turning on the session recording. We just hadn't done it yet, not for internal staff. There is no unattended remote access for vendors that I am aware of, but we know that we can use the solution to do that. Some have done that in the past. We just don't do it all the time and probably not in the last year. My usage of the solution is primarily in the secure network. I don't have any kinds of sounds that I really need to listen to. It is hard for us to roll so much trust into one thing at a time, because what happens when that thing is gone? You need to have an adequate backup plan, and we have not quite gone that far yet. We have an audit coming up this year, because of that it is hard to really decide to do anything new. We kind of have been told, "Hey, stop getting new stuff. You have to get through the audit first." I would rate PRA as 10 out of 10.
This product is the de facto standard, based on function features, installation, and customer base. There is a reason why so many well-known companies use it. I rate BeyondTrust Privileged Remote Access a nine out of ten, just because there's no such thing as a perfect product.
We are a reseller, not an end-user. While we do use different deployment models, many of our clients are government-related and therefore we deal a lot with on-premises deployments. I'd rate the solution at a nine out of ten. It's definitely on the upper level, well above what else is available. I would recommend that those considering using the solution do a certification course similar to when you install Windows server or something like that from Microsoft where you can become a Microsoft certified professional, and you can attend a class and then you can do an exam about the product. I recommend that a company which uses the product has also a certified admin. It makes it lot easier. That way, they can really profit from all the functionality the product has. The product has many functions however, you need to give it to a person with enough know-how. Otherwise, the company will not use all the features the product offers.
I would rate BeyondTrust Privileged Remote Access a nine out of ten.
I would rate this solution a nine out of ten.