Sold by: One Identity
Deployed on AWS
Hackers want access to your privileged accounts, which provide unlimited access to your systems and data. In nearly every recent high-profile breach, lapses in security and user practices were exploited by hackers to get their hands on privileged account credentials.
4.1
Overview
One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and simplifies management. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and with nearly any device. The result is a privileged password management solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
Highlights
- Release control - Manages user password requests via a secure web browser connection with support for mobile devices.
- Discovery - Quickly discover any privileged account or system on your network with host, directory and network-discovery options.
- Approval Anywhere - Leveraging One Identity Starling, you can approve or deny any request without being on the VPN.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Win2016 10.0.14393
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
All fees are non-refundable and non-cancellable except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
Right click Safeguard AWS image. Select "Launch" Select you preferred disk size. For testing 100Gb is fine. For production environments, you will want 1Tb or greater. Choose your preferred network NIC/network etc. review and accept Image will deploy. You can see a progress of the image that is deploying by navigating to the deploying image, "right-click instancesettings -> Get System Log. Instance will deploy and then Safeguard will deploy. This will take several minutes. System log will show the percentage of Safeguard deploy progress. Finished when reaches 100% Compete instructions: https://support.oneidentity.com/technical-documents/one-identity-safeguard-for-privileged-passwords/7.0%20lts/appliance-setup-guide/4#TOPIC-1820747
Resources
Vendor resources
Support
Vendor support
One Identity offers an extensive range of services from online resources, 24x7 and premier support. One Identity support provides solution support to suit any business organization.
https://support.oneidentity.com/essentials/support-offerings
Contact support at
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Syteca PAM enables you to manage privileged access across numerous platforms, servers, and endpoints effortlessly. Syteca's thorough privileged user activity controls help reduce the risk of intentional or accidental privilege misuse.
miniOrange's PAM solution ensures robust Privileged Access Management across cloud, on-premises, and hybrid environments. Here’s how it benefits your business: enhances visibility, streamlines deployment, and automated processes, and boosts security, along with risk minimization. It enables companies to securely manage, control, and monitor privileged access anywhere in the digital infrastructure.
LogiZone by Logicata provides a pre-configured and managed AWS Landing Zone, ensuring a secure and compliant foundation for your AWS environment. It automates the deployment of a multi-account AWS Organization with robust security controls and centralised management. LogiZone simplifies AWS adoption and governance, allowing you to focus on innovation.
Next Level3's Just-In-Time (JIT) Access is a top MultiFactor Authentication (MFA) solution, providing superior AWS environment protection against unauthorized access and breaches. Seamlessly integrating with AWS Cognito and IAM, it delivers advanced Identity Verification and robust MFA, surpassing traditional IAM systems.
Our solution addresses key use cases: securing dormant accounts, managing employee transitions, protecting endpoints, legacy, and IoT devices, and offering robust security for cloud-hosted systems and custom applications.
With white-label MFA capabilities, Next Level3's JIT Access integrates with your brand. As a secure, reliable, and versatile IAM solution countering a wide range of cyber threats, choose Next Level3's JIT Access for unmatched AWS security and superior MFA and Identity Verification solutions.
Customer reviews
Nishant Patil
Strong access controls have secured privileged accounts and now improve accountability
Reviewed on May 13, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for One Identity Safeguard is securing administrator access to critical infrastructure, like firewall servers, switches, databases, as well as the VMware environments. Earlier, multiple engineers used shared admin passwords for devices and servers, which made it difficult to track who performed what activity. This also increased the risk of password misuse and unauthorized access. We have used One Identity Safeguard to secure all of these resources.
A specific example of how I use One Identity Safeguard to secure access or track activities is when an engineer wanted to log in to a firewall for some configuration changes. One Identity Safeguard provides secure access without exposing the actual password. Once the task was completed, the password could be automatically changed, ensuring better security. This use case helps the organization improve privileged access security, maintain accountability, and reduce insider threats for auditing and compliance purposes.
One Identity Safeguard is deployed in my organization on physical appliances, which are dedicated hardware appliances provided by One Identity.
What is most valuable?
The best features One Identity Safeguard offers include a secure password vault for privileged accounts, Privileged Access Management (PAM) , session monitoring, and session recording. Additionally, MFA support is available. There are different benefits and features, including real-time monitoring of administrator activity, audit logs, and compliance reporting.
Session monitoring is a feature where all privileged user activities are monitored in real-time whenever an administrator accesses critical systems such as servers, firewalls, switches, or databases. For example, if a network engineer logs into a secure firewall using One Identity Safeguard, the complete session can be monitored and recorded, including the commands executed, the configuration changes made, the previous configuration, the login duration, and the logout activity.
One Identity Safeguard has positively impacted my organization by tracking admin activities in real time. It records privileged sessions, improves the accountability of engineers and administrators, and detects suspicious or unauthorized actions.
What needs improvement?
I have nothing to improve. The solution is well-designed. I do not have anything at all that I wish could be easier or better, even if it is something small, whether in the user interface, reporting, or integration.
For how long have I used the solution?
I have been using One Identity Safeguard for one year.
What do I think about the stability of the solution?
One Identity Safeguard is stable.
What do I think about the scalability of the solution?
In terms of scalability, One Identity Safeguard can easily grow along with the organization's infrastructure and security requirements. It supports growing infrastructure and handles a large number of privileged accounts because it can support an increasing number of users, privileged accounts, devices, and locations as the organization expands.
How are customer service and support?
The customer support for One Identity Safeguard is good.
Which solution did I use previously and why did I switch?
I have not previously used a different solution. This is the first solution we deployed.
How was the initial setup?
The deployment of the solution took up to one month in my environment.
The deployment was a smooth process for my privileged users. All integrations were executed very well.
What about the implementation team?
Training of approximately ten to twelve days is sufficient for all users, both those new to One Identity Safeguard and those with existing knowledge. Very good training can be delivered within twelve days.
What was our ROI?
The return on investment comes from improving security while reducing operational risk and manual administration. Earlier, the organization managed privileged passwords manually, which increased the chance of password misuse and insider threats. After implementing One Identity Safeguard, privileged access becomes centralized, monitored, and automated. The ROI of One Identity Safeguard is mainly achieved through stronger security, reduced operational effort, automation of privileged access management, and lower risk of security incidents.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that the price is a bit too high. The price could be lower for licenses based on the number of privileged accounts and number of managed access systems. There is a common license factor involved.
Which other solutions did I evaluate?
I have not evaluated other options before choosing One Identity Safeguard.
What other advice do I have?
My advice for others looking into using One Identity Safeguard is that it is very useful in the organization for preventing password issues. I would rate this review as nine out of ten.
Helena Helena
Strong data protection has improved compliance and centralized monitoring for sensitive access
Reviewed on May 13, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for One Identity Safeguard is for strong security, and it also helps me to store my information, to protect my data, and focus on data protection compliance.
One specific example of how I use it for security is to protect my data from external access. Regarding security compliance, I am able to set the metrics and also set the guidelines and the regulations about how my software should be stored and kept.
What is most valuable?
One Identity Safeguard provides multiple features, including data protection services. These tools are able to assess the security demands and compliance requirements. After assessing, I am able to know how data can be saved, and when data is properly saved, everything becomes easier because my data is stored securely and no one can access it.
One of the reasons why I need this is because it has the ability to centralize security monitoring across the entire data infrastructure, and it helps to automate and connect devices in a single platform whereby I can safeguard my data through multiple authentications.
Among the features, there is the AI assistant which helps to verify the quality of data and also verifies the security setups. I appreciate that this tool eliminates the manual process and time-consuming tasks for gathering evidence for compliance by auditing automatically, and it also pulls information from all integrated tools. This helps to ensure that the security of the integrated ecosystem is functioning and protected.
One Identity Safeguard works with One Login, and when they work together, they provide the best outcome which increases the security factors. Cloud integration is another valuable feature that enhances the overall security capabilities.
What needs improvement?
I find it challenging mostly when managing complex work, especially when trying to implement it on a larger scale; sometimes it becomes slow, and the automation process also slows down. I believe it should be improved upon when implementing it on an enterprise scale or with complexity; it should be faster than it currently is.
For how long have I used the solution?
I have been using One Identity Safeguard for two years.
What do I think about the stability of the solution?
One Identity Safeguard is very stable.
What do I think about the scalability of the solution?
The scalability is good; it runs without issues.
How are customer service and support?
The excellent customer support provided during the integration made sure it did not disrupt my users, thanks to the support from both customer service and technicians from the vendor.
Which solution did I use previously and why did I switch?
I previously used a solution called Microsoft Entra ID ; it was expensive and not easy to operate, which is why I decided to switch.
How was the initial setup?
The deployment of the solution took around one to two weeks.
After using One Identity Safeguard, I can say it operates effectively with One Login; when these two tools work together, I find that as a user, I save a lot of funds because they provide extremely high privacy. In this way, they ensure security is maintained, saving time and the costs of employing more workers to oversee increased compliance regulations over personal information. The system is reliable and performs effectively, reducing the need for extensive monitoring and therefore costs.
The integration with the cloud targets was somewhat complex initially, but it became easier after understanding the entire process of integration. After acquiring an integration specialist, everything became very easy and user-friendly.
The initial deployment was somewhat disruptive, but the excellent customer support provided during the integration made sure it did not disrupt my users, thanks to the support from both customer service and technicians from the vendor.
What about the implementation team?
Since we were using One Login along with One Identity Safeguard, it took us around one week for full training and a few days for practice implementing what we were trained on. Overall, it took around two weeks to fully understand how the tool operates.
We use virtual appliances because they are easier to operate and use compared to physical appliances. Additionally, for those of us who are located remotely, purchasing this tool is easier with the virtual appliance compared to physical appliances.
What was our ROI?
After deploying this tool, it saves time; under policy governance, policy monitoring, and more integrations and configurations, it requires very few users to run and operate, which ultimately saves costs as well.
What's my experience with pricing, setup cost, and licensing?
The pricing and setup cost were negotiable depending on requirements and usage, which made it relatively friendly and accommodating compared to other tools.
Which other solutions did I evaluate?
I evaluated Microsoft Entra ID as well as the CyberArk tool before choosing One Identity Safeguard.
What other advice do I have?
One Identity Safeguard is powerful because it provides beneficial features that support clean integration with different tools, significantly improving security and automation processes. The navigation process is easy, and the platform has been extremely valuable for managing customer relationships as well as tracking and providing a centralized system for managing privacy and protecting accounts, as well as safeguarding data.
The reporting capacity is beneficial because it allows me to deal with customer reports about security purposes and understand what is occurring. Users say it is faster; for example, I can input the name of the information or the device I want to control, and this allows me to access it and do what is needed. The platform is intuitive, operates as demonstrated, and easily integrates with the existing platform.
Regarding integration, I primarily integrate One Identity Safeguard with cloud targets. I give One Identity Safeguard a rating of ten out of ten.
Ujjwal Pal
Privileged access has become tightly controlled and audit trails now improve investigations
Reviewed on May 11, 2026
Review from a verified AWS customer
What is our primary use case?
One Identity Safeguard 's main use case for us is securing and controlling privileged access to critical systems.
A common scenario with One Identity Safeguard is when a system administrator needs to access a production server for troubleshooting. Instead of logging in directly with a shared admin credential, the request is first routed through One Identity Safeguard for approval, which helps us with fine-grained control and accountability for high-risk administrative tasks.
What is most valuable?
The best features of One Identity Safeguard in my experience are its session recording and live monitoring capabilities, which give us visibility into what administrators are doing during privileged access.
Session recording in One Identity Safeguard has been especially useful for troubleshooting and audit purposes, adding a strong layer of accountability and making investigation much faster and more accurate.
The implementation of One Identity Safeguard has had a noticeably positive impact on our security posture and daily IT operations, helping us tighten security and gain operational visibility.
The positive outcomes from One Identity Safeguard have been quite clear for our team. From a security perspective, it has significantly reduced the risk of uncontrolled privileged access by enforcing approvals and session tracking, improving security visibility and operational efficiency at the same time.
For how long have I used the solution?
I have been using One Identity Safeguard for around two years now, and my experience with it so far has been exceptional and reliable.
What do I think about the stability of the solution?
One Identity Safeguard is very much stable in my experience.
What do I think about the scalability of the solution?
One Identity Safeguard's scalability is nice and it handles growth or increased users well.
How are customer service and support?
The customer support for One Identity Safeguard was good, and the process was smooth.
Which solution did I use previously and why did I switch?
We did not use any other solution before choosing One Identity Safeguard.
How was the initial setup?
The deployment of One Identity Safeguard in our environment took roughly a day's involvement.
The deployment of One Identity Safeguard had an initial adjustment phase for privileged users, but overall the transition was fairly smooth.
The training required to start using One Identity Safeguard was straightforward for both those who manage it and for end users.
Feedback from users regarding the usability and functionality of One Identity Safeguard was positive.
What was our ROI?
I have seen a return on investment by using One Identity Safeguard, which has reduced the time spent on managing privileged access and impacted the budget by reducing costs by an estimated 20 to 25 percent.
What's my experience with pricing, setup cost, and licensing?
The overall experience with pricing, setup cost, and licenses for One Identity Safeguard was positive.
Which other solutions did I evaluate?
We did not evaluate any other option before choosing One Identity Safeguard.
What other advice do I have?
For anyone considering One Identity Safeguard, I would suggest starting with a clear plan for what you want to achieve from a security and user access perspective before deployment, as a structured rollout approach makes the adoption much smoother and more effective. I have provided a review rating of 10 for One Identity Safeguard.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Sohan Mulik
Centralized privileged access has improved security, audits, and daily administration
Reviewed on May 06, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for One Identity Safeguard is that it serves as a secure, strong PAM solution, and we are using it for PAM authentication.
In daily work, we use One Identity Safeguard for privilege access management, including secure PAM authentication, password vaulting, access request approval, session monitoring, and automatic password rotation for privileged accounts and service servers.
Apart from PAM authentication, we also use One Identity Safeguard for secure privileged session management, auditing, compliance, tracking, and centralized control for critical administrative accounts. It helps to improve security, accountability, and operational efficiency in daily infrastructure management.
How has it helped my organization?
One Identity Safeguard has improved our organization's security posture by providing centralized privileged access management, secure password vaulting, and session monitoring. It has helped to reduce manual password handling, improve compliance and audit tracking, and increase accountability for privileged access activities. Overall, it enhances operational security, streamlines access management, and reduces risks related to privileged accounts.
We have seen improvements in multiple areas. It helped reduce risks related to privileged account misuse by enforcing secure password management and session monitoring. We also saved operational time through automated password rotation and centralized access control. From a compliance perspective, auditing and session recording made it easier during security reviews and audit processes, improving overall accountability and traceability.
What is most valuable?
One Identity Safeguard offers several strong features for PAM. The best ones are password vaulting, automatic password rotation, privileged session monitoring and recording, role-based access control, and approval workflows. I also appreciate the centralized log management, auditing and compliance reporting, and integration with Active Directory and enterprise environments. Features such as session playback, real-time monitoring, and REST API support are very useful for daily administration and security operations.
The feature that has had the biggest impact on my daily operations is the password vaulting and automatic password rotation. It has significantly improved security by eliminating manual password sharing and reducing the risk of unauthorized access. It also saves operational time because administrators can securely request access through One Identity Safeguard without knowing the actual password. Session monitoring and auditing also help a great deal during troubleshooting and compliance reviews.
One additional advantage is that it provides centralized control and complete audit visibility for privileged access activities.
What needs improvement?
One Identity Safeguard is a strong PAM solution, but there are some areas for improvement. The initial deployment and integration process can be complex in large enterprise environments. The user interface and reporting can be improved to make administration and troubleshooting easier. More simplified integration with cloud platforms and third-party tools would also help.
For how long have I used the solution?
I have been using One Identity Safeguard for the last three years.
What do I think about the stability of the solution?
One Identity Safeguard is a stable and reliable PAM solution in our experience. We have seen good performance with minimal downtime, especially for password vaulting, session monitoring, and privileged access workflows. It handles enterprise environments well when properly configured and maintained.
What do I think about the scalability of the solution?
One Identity Safeguard is highly scalable and works well for enterprise environments. It supports scaling through clustering, distributed architecture, and high availability options, which helps handle growing numbers of privileged accounts, sessions, and users efficiently. In our experience, it has managed increasing workloads and integration without major performance issues.
How are customer service and support?
Customer support has generally been good in our experience. The support team is knowledgeable and helpful, especially for One Identity Safeguard's standard deployment, configuration, and troubleshooting issues. Response times are usually reasonable, although complex enterprise-level issues can sometimes take longer to resolve and require escalation.
Which solution did I use previously and why did I switch?
Earlier, we were using a more manual approach along with basic privileged account management processes. We moved to One Identity Safeguard to improve centralized privileged access control, password vaulting, session monitoring, compliance, and overall security management in a more scalable and enterprise-ready way.
How was the initial setup?
The initial deployment of One Identity Safeguard took a few weeks, including setup, integration with Active Directory, policy configuration, onboarding asset accounting, testing, and user access validation. The timeline mainly depended on the environment size and security requirements.
What about the implementation team?
One Identity Safeguard has been integrated with Active Directory, cloud platforms such as AWS and Azure , and various Windows and Linux servers for privileged access management. It also supports integration with enterprise applications, SIEM , log monitoring tools, and automation workflows to improve security and centralize access control.
The integrations were manageable overall, especially with Active Directory and standard Windows and Linux environments. Cloud integration with AWS and Azure required additional planning and configuration, but the documentation and available connectors helped. Some advanced integration and custom workflows were more complex and required careful testing and coordination with security and infrastructure teams.
A moderate level of training was required initially, mainly for administrators handling deployment, policy management, integration, and troubleshooting. For end-users, only basic guidance was needed for the access request and password retrieval workflows. Overall, the team adapted quickly after hands-on usage.
What was our ROI?
We have seen a positive return on investment. One Identity Safeguard helped reduce the manual effort for password management and privileged access handling, which saves operational time for administrators. It also improved compliance and audit readiness, reducing time spent during security reviews. While it did not directly reduce headcount, it improved efficiency and centralized control and reduced security risks related to privileged accounts.
What's my experience with pricing, setup cost, and licensing?
One Identity Safeguard is positioned as an enterprise-grade PAM solution, so the cost is on the higher side.
Which other solutions did I evaluate?
During the evaluation phase, we also looked at other PAM solutions such as CyberArk, BeyondTrust, and Delinea. We compared them on security features, integration, deployment complexity, session monitoring, password vaulting, scalability, and overall operational requirements before selecting One Identity Safeguard.
What other advice do I have?
The deployment was relatively smooth with minimal disruption for privileged users. Initially, users needed some adaptation to the access request and approval workflow. After onboarding and training, the process became streamlined and improved overall security.
The integration improved operational efficiency and security by centralizing privileged access management, reducing manual password handling, and improving visibility through auditing and session monitoring. It also helps streamline access workflows across multiple platforms and environments.
The advice would be to properly plan the PAM implementation before deployment, especially around privileged account discovery, access policies, integration, and user onboarding. Start with the critical systems first and then gradually expand across the environment. Also, involve security, infrastructure, and compliance teams early in the process. I have given this review an overall rating of ten.
Kartik Swami
Privileged access has become more secure and password management saves significant time
Reviewed on Apr 30, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for One Identity Safeguard is to manage and control privileged accounts and store passwords. For example, if an IT admin needs access to a server, I use One Identity Safeguard to manage and control privileged accounts. One Identity Safeguard helps companies avoid data breaches regarding my main use case, influencing other teams and types of users who interact with it.
What is most valuable?
One best feature One Identity Safeguard offers is multi-factor authentication, which adds extra security by requiring more than one verification step. When I mention requiring more than one verification step, I am referring to multi-factor authentication, and it helps to secure systems because it will protect the data. One Identity Safeguard has positively impacted my organization by helping to increase security because of password vaulting.
Password management has improved as it is easier now; for example, I experienced improved efficiency when my IT team needs to access a production server. I have noticed measurable outcomes regarding reduced time to access servers and fewer security incidents since using One Identity Safeguard because it helps me to secure my data and it is reliable.
What needs improvement?
One Identity Safeguard could be improved, and some user tools can be enhanced. I would add more about the needed improvements related to user tools or any other area. The improvement I suggest is to add AI and smart automation; One Identity Safeguard already uses analytics to detect risks, but there is room for enhancement. I believe One Identity Safeguard can be improved by enhancing the user experience.
For how long have I used the solution?
I have been working in my current field for one and a half years.
What do I think about the stability of the solution?
One Identity Safeguard is stable, and this is actually expected by most organizations, commonly compared with CyberArk.
What do I think about the scalability of the solution?
For scalability, instead of one system handling everything, multiple systems are used.
How are customer service and support?
Customer support is good and meets my expectations. I would give a rating of 4.5; I think it is good for customer support.
Which solution did I use previously and why did I switch?
I have previously used a different solution and it was a good experience.
How was the initial setup?
The training required to use the solution is straightforward and effective. It took about one to two weeks for deployment of the solution.
What about the implementation team?
I typically integrate One Identity Safeguard with several parts of the business to make access more seamless. The integration process was balanced because of moderate challenges but manageable overall.
What was our ROI?
For ROI, I have seen a return on investment based on time saved, which is nearly a 50 to 70% reduction.
What's my experience with pricing, setup cost, and licensing?
A strong and honest answer about pricing is that it shows both cost and value.
Which other solutions did I evaluate?
I evaluated other options before choosing One Identity Safeguard.
What other advice do I have?
The feedback regarding the solution's usability and functionality is positive; from my perspective, it is easy to use. I have additional thoughts about One Identity Safeguard. I find this interview very appreciating; it is very helpful, and overall it is a good experience.
I can provide a short poem: Locked doors, silent keys, access flows, watched and secure. This poem captures my sentiments regarding the solution. My overall review rating for One Identity Safeguard is 8.5.