Sold by: One Identity
Deployed on AWS
Hackers want access to your privileged accounts, which provide unlimited access to your systems and data. In nearly every recent high-profile breach, lapses in security and user practices were exploited by hackers to get their hands on privileged account credentials.
3.9
Overview
One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and simplifies management. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and with nearly any device. The result is a privileged password management solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
Highlights
- Release control - Manages user password requests via a secure web browser connection with support for mobile devices.
- Discovery - Quickly discover any privileged account or system on your network with host, directory and network-discovery options.
- Approval Anywhere - Leveraging One Identity Starling, you can approve or deny any request without being on the VPN.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Win2016 10.0.14393
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
All fees are non-refundable and non-cancellable except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
Right click Safeguard AWS image. Select "Launch" Select you preferred disk size. For testing 100Gb is fine. For production environments, you will want 1Tb or greater. Choose your preferred network NIC/network etc. review and accept Image will deploy. You can see a progress of the image that is deploying by navigating to the deploying image, "right-click instancesettings -> Get System Log. Instance will deploy and then Safeguard will deploy. This will take several minutes. System log will show the percentage of Safeguard deploy progress. Finished when reaches 100% Compete instructions: https://support.oneidentity.com/technical-documents/one-identity-safeguard-for-privileged-passwords/7.0%20lts/appliance-setup-guide/4#TOPIC-1820747
Resources
Vendor resources
Support
Vendor support
One Identity offers an extensive range of services from online resources, 24x7 and premier support. One Identity support provides solution support to suit any business organization.
https://support.oneidentity.com/essentials/support-offerings
Contact support at
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Syteca PAM enables you to manage privileged access across numerous platforms, servers, and endpoints effortlessly. Syteca's thorough privileged user activity controls help reduce the risk of intentional or accidental privilege misuse.
miniOrange's PAM solution ensures robust Privileged Access Management across cloud, on-premises, and hybrid environments. Here’s how it benefits your business: enhances visibility, streamlines deployment, and automated processes, and boosts security, along with risk minimization. It enables companies to securely manage, control, and monitor privileged access anywhere in the digital infrastructure.
LogiZone by Logicata provides a pre-configured and managed AWS Landing Zone, ensuring a secure and compliant foundation for your AWS environment. It automates the deployment of a multi-account AWS Organization with robust security controls and centralised management. LogiZone simplifies AWS adoption and governance, allowing you to focus on innovation.
Next Level3's Just-In-Time (JIT) Access is a top MultiFactor Authentication (MFA) solution, providing superior AWS environment protection against unauthorized access and breaches. Seamlessly integrating with AWS Cognito and IAM, it delivers advanced Identity Verification and robust MFA, surpassing traditional IAM systems.
Our solution addresses key use cases: securing dormant accounts, managing employee transitions, protecting endpoints, legacy, and IoT devices, and offering robust security for cloud-hosted systems and custom applications.
With white-label MFA capabilities, Next Level3's JIT Access integrates with your brand. As a secure, reliable, and versatile IAM solution countering a wide range of cyber threats, choose Next Level3's JIT Access for unmatched AWS security and superior MFA and Identity Verification solutions.
Customer reviews
Vyas Shubham
Centralized controls have improved privileged access and simplified compliant audit workflows
Reviewed on Jan 14, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for One Identity Safeguard is to specifically secure, control, and monitor the privileged accounts across our critical systems. We use this to secure password vaulting for privileged and service accounts, control the privileged access to servers, databases, and network devices, session monitoring and recording for audits and compliance purposes, and meet compliance requirements. We often use it to reduce the risk of potential misuse while maintaining visibility and governance over the privileged access.
We use One Identity Safeguard to manage the privileged access to our production Linux and Windows servers. All admin credentials are stored in Safeguard's password vault and users authenticate through Safeguard instead of knowing their actual passwords. When an admin needs access, they request the privileged access through Safeguard, and then Safeguard grants them time-bounded access, with the session proxied and recorded for auditing. Once the session ends, the password is automatically rotated.
How has it helped my organization?
One Identity Safeguard has impacted our organization in a positive way. Since implementing One Identity Safeguard, we have seen several noticeable improvements across security, compliance, and operations.
It has reduced the security risks, as privileged credentials are no longer shared or exposed with others, and automated password rotation has significantly lowered the risk of credential misuse. It also improves visibility and accountability. Session recordings and detailed audit logs make it easy to trace who accessed what, when, and why. This has been especially valuable during our audits and investigations. The operational efficiency of automating password management and access workflow has reduced the manual efforts for the IT and security teams.
We have noticed positive metrics after using Safeguard. The automated password rotation replaced our manual password changes for admins and service accounts, saving us three to four hours per day. We no longer need to save this time manually, resulting in a significant amount of time saved for system and security teams and eliminating the coordination emails and spreadsheets. It provides faster onboarding and offboarding for admins. Once roles and policies were defined, granting or revoking privileged access became a policy change rather than multiple manual updates across systems. It has also reduced the audit preparation efforts. Session recordings, access logs, and reports are readily available. Audit evidence that previously took days to compile can now be generated in hours or minutes.
What is most valuable?
We use One Identity Safeguard as a central control point for all our privileged access, which helps standardize the access policies across teams and platforms. We also use it for the approval workflows, which are enforced for high-risk systems and add an extra security layer for production access.
I have been using it for one and a half years. The best feature I appreciate is the session proxying and recording. It provides transparent session access for admins without exposing the real passwords. Another valuable feature is automated password rotation, which changes the credentials automatically after each use or on a schedule. It reduces the risk of leakage and reuse of passwords. Additionally, the approval workflow and the access request feature add governance with multi-level approvals for sensitive systems. These are the features that I appreciate the most.
When we started using the session proxying and recording features, overall, it was a manageable and fairly smooth process for us. However, like most security platform deployments, it had a few learning curves. Session proxying and recording worked with our major systems including Windows, Linux, and network devices with minimal configuration.
Some devices and services required slight changes to firewall rules and configuration to ensure the proxy could connect cleanly. Additionally, our admins needed orientation so they understood they were joining a recorded session, particularly for remote or support use. We spent considerable time adjusting the session filtering, retention settings, and naming conventions so recordings were useful and not overwhelming. These are some areas where we encountered challenges.
What needs improvement?
The user interface and navigation can be improved. Some workflows, particularly the reporting, session review, and policy configuration could be more intuitive. New users often need time to get comfortable with where things are located.
The initial setup can also be better. Deploying One Identity Safeguard in large or hybrid environments can require careful planning and tuning, so more guided setup or templates would speed up the onboarding.
In very high-volume environments, session indexing and retrieval can sometimes feel slow, particularly when searching historical recordings.
For how long have I used the solution?
I have been using One Identity Safeguard for one and a half years.
What do I think about the stability of the solution?
One Identity Safeguard is quite stable. We have seen minimum downtime since deployment, and routine maintenance has been straightforward. The session proxying, password vaulting, and automated workflow run consistently even under high load. Applying the updates has been predictable with no major disruption in ongoing operations. The integration stability, connections to Active Directory, cloud targets, and DevOps pipelines have remained solid and dependable.
What do I think about the scalability of the solution?
One Identity Safeguard is quite scalable and stable in performance. Safeguard handles a growing number of users, systems, and sessions without significant degradation in performance. The virtual appliance and on-demand cloud version allow the environment to expand easily as infrastructure grows. Access policies, approvals, workflows, and session recording rules can be extended to additional systems and users without major configurations. It works well across hybrid and multi-cloud environments, making it suitable for organizations with geographically distributed infrastructure.
How are customer service and support?
The customer support is very good. Whenever we encountered any problem or issue, they are ready to help us.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
Before using Safeguard, we evaluated accounts from CyberArk and Thycotic Secret Server , as well as a previous PAM solution. We switched because of the complexity and usability of those solutions. The previous solution required significant manual efforts to manage the privileged credentials and lacked intuitive session monitoring. There were limited integrations and it did not easily integrate with our cloud environment, DevOps pipelines, or RPA workflows, which was increasingly important for our operations. That is why we chose One Identity Safeguard.
How was the initial setup?
One Identity Safeguard is a mature, reliable, and secure PAM solution that has significantly improved our privileged access management, compliance, and operational efficiency. While there is a learning curve for admins and users, continuous improvement in usability, reporting, and integration would make it even stronger. As it stands, it provides excellent security, visibility, and peace of mind.
What was our ROI?
We have seen return on investment after using Safeguard. We have saved approximately seven hours per week by automating the password rotation and access approvals, which has freed the IT security teams to focus on higher-value tasks. It has also reduced the manual efforts. Preparing audit evidence now takes only hours instead of days, reducing both internal labor cost and external audit time.
What's my experience with pricing, setup cost, and licensing?
One Identity Safeguard is positioned as an enterprise-grade solution, so the license is not the cheapest in the market, but it reflects the value and security capabilities provided. Initial deployment costs were moderate, mostly tied to planning, virtual appliance resources, and some consulting support for policy configuration. There were no hidden costs beyond the standard licensing and support.
Which other solutions did I evaluate?
We evaluated CyberArk and Thycotic Secret Server before selecting One Identity Safeguard.
What other advice do I have?
My team and I have been using Safeguard for a considerable time, and the positive feedback I received from them is that they appreciated the automated access workflow. The session proxying and recording gives them the confidence that actions are secure while still letting them work efficiently. Admins appreciate the centralized password vault because it removes the hassle of remembering or sharing passwords.
One Identity Safeguard is a robust, enterprise-grade PAM solution with excellent security and governance capability. The reason it deserves a rating of eight out of ten is because of its robust features and capabilities. However, it does not receive a higher rating due to user interface complexity, reporting limitations, setup and scaling efforts, and integration could be deeper.
I would strongly recommend One Identity Safeguard for enterprises managing privileged access. If an organization needs strong control over admin accounts, session monitoring, and compliance, Safeguard is a robust choice. For deployment and onboarding, the solution is reliable and feature-enriched, so organizations need to take time to plan the initial setup, policy configuration, and user onboarding to get the most out of it. Organizations can expect a learning curve as admins and users may need training to adapt to approval workflows, session recording, and just-in-time access.
I provide One Identity Safeguard a rating of eight out of ten.
Kalpesh Pawar
Privileged access has become just in time and audits are now simplified with full session recording
Reviewed on Jan 06, 2026
Review from a verified AWS customer
What is our primary use case?
We use One Identity Safeguard for privileged access management across multi-client public and private cloud environments. It is mainly used to vault and rotate privileged credentials and provide just-in-time access and enforce least privilege. We also use it to record and audit admin sessions for cloud VMs, databases, and infrastructure services without exposing passwords to the engineers working on-site or contractors.
For one client, we had an Azure environment where multiple support engineers needed temporary access to the production VMs for incident resolution. The challenge was shared admin accounts, no clear audit trails, and client audit perspective. We implemented One Identity Safeguard to vault the Azure VM local admin and service accounts, ensure JIT access via approval, allow engineers to connect via One Identity Safeguard brokered RDP and SSH without seeing passwords. We also record all privileged sessions and forward logs to the client's SIEM for full transparency. We achieved that no passwords were shared, full session recordings were available for audits, and access was faster during incidents.
We use One Identity Safeguard to standardize PAM controls across multiple client tenants and cloud platforms. We automated credential rotation for privileged and service accounts without service impact. We also reduced manual access management and operational risk in large-scale cloud environments across our multi-cloud, multi-client customers across the globe.
The integration with our RPA workflows allowed secure credential access for robots without exposing passwords, enabling automated RPA tasks to run smoothly across multiple client systems, which has reduced manual intervention and errors in repetitive workflows.
What is most valuable?
The best features we appreciate about One Identity Safeguard are privileged credential vaulting, session proxying and recording, and integration with ITSM security tools such as Jira , ServiceNow , SIEMs, and SOAR platforms that our clients have. The integration with these platforms was quite simple. Additionally, we appreciate role-based access control, just-in-time access, and least privilege.
The most relied upon feature we appreciated was the session-based just-in-time privileged access with credential isolation. It made the biggest difference in our organization because the engineers never see or handle privileged passwords, which helped us comply with our customer's compliance requirements. The access is time-bound and approval-based, reducing standing admin access, and all the SSH and RDP sessions are brokered and recorded for audit and troubleshooting.
What needs improvement?
The areas for improvement in One Identity Safeguard would be the UI and UX, meaning the admin console can be more intuitive for complex policy and workflow configuration. Additionally, the reporting can be made more customizable with a real-time dashboard without external SIEM dependency.
More improvements could be made regarding support and upgrades. Faster issue resolution and smoother upgrade paths for complex deployments could be an additional improvement area for this product.
For how long have I used the solution?
We have been using One Identity Safeguard for the last two years.
What do I think about the stability of the solution?
One Identity Safeguard is very stable in my experience.
What do I think about the scalability of the solution?
It is scalable as we have now scaled from serving one customer to multiple customers without any downtime or service interruption.
How are customer service and support?
The customer support for One Identity Safeguard is great. The technical team is responsive and very knowledgeable.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We previously used CyberArk. The reason for switching was that we needed easier multi-client management for our customers with hybrid cloud environments and better integration with Jira , SIEM, and RPA workflows across multiple customer cloud environments.
How was the initial setup?
The deployment of the solution took place in phases. Initially, it took one month, and then we scaled it to the full organization globally.
What about the implementation team?
The admin and managers required one to two weeks of hands-on training for vaulting, policy creation, integrations, and session management. The end users required only one or two days to learn about requesting access, launching sessions, and approvals.
What was our ROI?
We have seen a return on investment because we have saved time, reducing access provisioning from hours to minutes. The efficiency of our team has increased as we have reduced manual credential management, allowing our IT team to focus on higher value tasks.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing was entirely based on the sales cost, while the setup was done by our vendor and our in-house team.
Which other solutions did I evaluate?
Integrating One Identity Safeguard with our RPA workflows was quite easy and not a time-consuming process. However, it did require perfect planning and plotting for the RPA bots to ensure just-in-time privileged access.
What other advice do I have?
One more point worth highlighting from a technical and operational perspective is the central policy enforcement across multi-cloud environments.
We have removed shared admin credentials, enforced just-in-time access management, simplified audits with session recording, and reduced manual access work, all thanks to One Identity Safeguard.
Access provisioning time has been reduced from hours to minutes using just-in-time access. We have zero audit findings related to privileged access after implementing this product and have reduced credential-related incidents by eliminating shared and static admin passwords.
I suggest that others considering using One Identity Safeguard go for it. Plan your vault structure and role-based access policies before deployment, and try to utilize more of its just-in-time access and security recording features from day one. I would rate this product an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Rohan Paul
Privileged access has become more controlled and auditable but the interface still needs simplification
Reviewed on Jan 02, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for One Identity Safeguard is for privileged access management to control, monitor, and secure access to critical systems, servers, and applications used by administrators and IT teams.
A quick specific example of how I use it for privileged access management in my environment is that when an administrator needs access to a critical server, they request access through One Identity Safeguard instead of using shared credentials. The system grants time-bound, approved access, rotates the password automatically after the session, and records the entire activity.
What is most valuable?
The best features One Identity Safeguard offers include Privileged Password Vaulting as the first one. The strongest features are Session Recording and Password Vaulting with rotation and Just-in-Time Access, which together give strong control and visibility and audit readiness.
The Session Recording feature specifically helps my team and makes things easier for audits or investigations by giving a clear, time-stamped playback of privileged activities. It removes guesswork, speeds up audits, and ensures full accountability for admin actions.
One Identity Safeguard has positively impacted my organization by improving our security posture, eliminating shared privileged credentials, increasing visibility into admin activity, and making compliance audits faster and more reliable.
What needs improvement?
One Identity Safeguard could be improved by simplifying the user interface and initial configuration process, especially for first-time users. More customizable reporting and clear in-app guidance would also help teams onboard faster and get deeper insights without additional effort.
For how long have I used the solution?
I have been using One Identity Safeguard for about one year.
What do I think about the stability of the solution?
One Identity Safeguard is very stable and can handle the workload easily; I have not seen any downtime.
What do I think about the scalability of the solution?
One Identity Safeguard scales well as the environment grows. It handles increasing numbers of privileged accounts, sessions, and cloud targets without performance issues, making it suitable for expanding and hybrid infrastructure.
How are customer service and support?
Customer support has been responsive and knowledgeable, being effective at resolving technical issues.
How would you rate customer service and support?
Negative
How was the initial setup?
The integration with my cloud environment and infrastructure systems was moderately easy. Core cloud and infrastructure integrations were straightforward with proper documentation, while fine-tuning policies and access workflows required some initial effort. Once configured, the integrations have been stable and reliable.
Administrators required moderate training to understand configuration, policies, and workflows, while end users needed minimal training since access requests and approvals are straightforward. Overall, onboarding was manageable with some initial guidance.
What was our ROI?
I have seen a return on investment through reduced audit effort and fewer security incidents related to privileged access, along with significant time savings for IT and security teams by automating access control and password management.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that pricing is on the higher side, but aligns with the security and compliance value it provides. Setup costs were mainly related to initial configuration and training, and licensing was straightforward.
Which other solutions did I evaluate?
I evaluated other options such as CyberArk and BeyondTrust before choosing One Identity Safeguard.
What other advice do I have?
User feedback has been generally positive around the solution's security and session recording and access control capabilities. However, some users have mentioned that the interface and initial learning curve could be more intuitive, especially for new or non-specialist users.
My advice for others looking into using One Identity Safeguard is to clearly define your privileged access use cases and policies before implementation. It gives stronger security and audit capabilities, but investing time in proper planning, setup, and training will help you get the most value from the solution. I would rate this review a 7.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Jonas Piliponis
Centralized privileged sessions have improved risk control and strengthened contractor oversight
Reviewed on Dec 22, 2025
Review provided by PeerSpot
What is our primary use case?
My main use case for One Identity Safeguard is using only one module for privileged session, which we use for admins and contractors.
A quick specific example of how my team uses One Identity Safeguard day-to-day is that we use only the second part for our contractors, not for admins in our company, but for companies that help us perform admin work and support our system.
What is most valuable?
The best features One Identity Safeguard offers include video recordings to help us control our support risks.
Accessing and reviewing those recordings when needed is easy, and there are no problems with recording or reviewing.
One Identity Safeguard has positively impacted my organization by helping us manage risk. We have this product as Balabit, which is a good product that is very light and helps us check or assist with our needs.
What needs improvement?
One Identity Safeguard could be improved with a password manager and an identity manager as one big access management system.
I believe improvements could be made around integrating with other tools.
For how long have I used the solution?
I have been using One Identity Safeguard for eight years.
What do I think about the stability of the solution?
I rated One Identity Safeguard nine out of 10 because the stability and control could be better, as there are some problems with stability and errors when we use it.
What do I think about the scalability of the solution?
As my organization grows or my needs increase, it is easy to add more users or expand the use of One Identity Safeguard, and that experience has been good.
How are customer service and support?
I would rate the customer support for One Identity Safeguard as eight on a scale of one to ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not previously use a different solution before One Identity Safeguard.
How was the initial setup?
The deployment of One Identity Safeguard solution took one or two days.
The deployment affected my privileged users in a way that was pretty smooth.
Which other solutions did I evaluate?
Before choosing One Identity Safeguard, I evaluated other options based on simplicity, price, and functionality.
What other advice do I have?
Feedback from users regarding One Identity Safeguard's usability and functionality is that it is a good product and very simple to use.
My advice for others looking into using One Identity Safeguard is that it is a great solution for simple tasks, with a good price and good functionality.
My company does not have a business relationship with One Identity Safeguard vendor other than being a customer.
I rated this review nine out of ten.
reviewer2789601
Modern privileged access workflows have improved user onboarding and secure password management
Reviewed on Dec 19, 2025
Review provided by PeerSpot
What is our primary use case?
Our main use case for One Identity Safeguard is to integrate it to clients that need the SPP functionality, which stands for Safeguard for Privileged Passwords . They do say that we could utilize One Identity Safeguard to its full extent for now, but we're getting there.
A quick specific example of how we use One Identity Safeguard with a client is that our latest client needed a password vault, so at first, we integrated One Identity Safeguard for Privileged Passwords, and then they asked for a personal vault so they could store their passwords and secrets, much like KeePass, so we integrated One Identity Safeguard Personal Vault as well. Lastly, they figured at some point down the line that they needed SPS as well, but only the primitive version of it, so we just decided to integrate SPS as well and form it into a cluster with SPP, but they don't use any third-party plugins as of now.
What is most valuable?
The best feature One Identity Safeguard offers is that it is a pretty new, modern tool that makes extensive use of its API. In general, it's easier than other tools to just perform maintenance work or perform work using the API of One Identity Safeguard. Also, the way that the access requests are structured—with entitlements and access request policies—makes it easier to govern data and identities. CyberArk, which is essentially the industry standard right now, is doing a very primitive job of helping the administrator with the task, and One Identity Safeguard is a lot better at this.
These features help my team day-to-day by making onboarding new users easier, and they also make it easier to create existing teams that are complete with their own password management, their own password profiles and rotations, password requirements, and who gets access to what, so it all makes it easier and faster.
One Identity Safeguard has positively impacted my organization by being another tool that we have in our arsenal to be able to get other clients as well, because we also sell One Identity IAM , and we can just bundle One Identity Safeguard with it. It also has a nice feature called remote access, which a lot of people want to use for externals in their organization, coupled with its just-in-time requisition, so it makes selling it much easier because One Identity is a company that's been in the field for ages.
What needs improvement?
One Identity Safeguard can be improved by fixing the documentation, which is very convoluted as of now, and addressing versioning, as some major bugs and issues are not documented well enough in the documentation, along with some patches and fixes. Custom plugins need to be introduced as soon as possible.
I give it an eight because it's a nice tool and it's a modern tool, but there are still some issues, not necessarily pertaining to the tool itself, but to the whole philosophy of One Identity and how they have structured their workflows and their knowledge base, which essentially has no knowledge base, just like CyberArk. There are some issues that need to be fixed, plus it does not have a custom option, and a lot of clients are using in-house made applications that also need to be onboarded to One Identity Safeguard to be able to launch a browser session to that application, which One Identity Safeguard has not had any capabilities that could assist with that.
For how long have I used the solution?
I have been using One Identity Safeguard for two and a half years, ever since we pivoted from CyberArk, as we wanted to be more tool-agnostic, and we decided that One Identity Safeguard was our best option because we had a past with One Identity, with us being in an IAM team.
What do I think about the stability of the solution?
One Identity Safeguard is stable.
What do I think about the scalability of the solution?
So far, we haven't had any issues with One Identity Safeguard's scalability; it's been fine, but we generally target smaller to mid-sized implementations.
How are customer service and support?
The customer support for One Identity Safeguard is fine for what it is, even though everything needs to be run through them and there are no knowledge bases, so we have to wait for a response from the One Identity Safeguard company, and they also keep a lot of information, requiring us to make a request and then they would need to reply, but it's acceptable overall. It's not the worst I've seen.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I previously used CyberArk before switching to One Identity Safeguard.
How was the initial setup?
The deployment of the solution takes about two to four weeks, give or take, but that's not counting waiting for the client to respond and all that.
About a month of training is required for end-users, and for us, it was four months to understand One Identity Safeguard, but that was because we already had experience in other PAM tools like CyberArk.
What about the implementation team?
We are partners, executive partners, and resellers with this vendor.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing has been a good experience overall, as the back and forth with One Identity is something that is acceptable; other tools have options to do this automatically, and they have it, but pricing, presales, and sales is acceptable overall.
Which other solutions did I evaluate?
Before choosing One Identity Safeguard, I evaluated Zero Trust and Delinea, but they were for smaller organizations, so we decided to adopt One Identity Safeguard.
What other advice do I have?
My advice to others looking into using One Identity Safeguard is to get familiar with the concepts of entitlements and access request policies, the keywords One Identity Safeguard uses, and also get familiar with the way that it handles session management and recording because it's a tool that needs a lot of time to get accustomed to. I give One Identity Safeguard an overall rating of eight out of ten.