My main use case for One Identity Safeguard is controlling low-level admin access to systems without directly sharing traditional credentials. Day to day, we allow access through One Identity Safeguard, which automatically handles authentication in the backend instead of giving passwords.

In our setup, we use One Identity Safeguard to control admin access by not sharing admin credentials directly with users anymore. Everything goes through One Identity Safeguard, where if an admin needs access to production servers, they log in to One Identity Safeguard and request access to that particular system instead of receiving the username and password.

Regarding my main use case with One Identity Safeguard, during the session, everything is monitored and recorded, such as what commands we run and what changes we have made. If anything looks suspicious, we can terminate the session or review it later, which is very helpful.

From my experience using One Identity Safeguard, several features really stand out from a practical day-to-day security perspective, particularly the session monitoring and recording, as well as the strong feature of password vaulting and auto-rotation.

With session monitoring from One Identity Safeguard, earlier we only had logs that were not very useful during investigations. Now we can replay full sessions and see exactly what the admin did. The password auto-rotation has removed a lot of manual effort and risk, as previously passwords were shared among multiple admins and rarely changed on time. Now, after every session or based on policy, passwords get rotated automatically.

Overall, One Identity Safeguard has had a pretty positive impact on our environment, mainly around security control, visibility, and accountability. The biggest change has been that privileged access is no longer uncontrolled.

The impact on privileged access after implementing One Identity Safeguard has been quite noticeable, as earlier access was more static. Now everything is controlled and time-bound, significantly reducing unnecessary privileged access.

While One Identity Safeguard is a solid PAM solution, there are definitely a few areas for improvement, particularly the UI and overall user experience, which is fine but not very intuitive sometimes. This causes new users to take time to understand navigation and workflows.

A more modern and simplified UI for One Identity Safeguard would really be helpful.

I have been using One Identity Safeguard for more than one year.

One Identity Safeguard is a very stable and reliable solution in my experience.

The scalability of One Identity Safeguard is quite good and works well for growing environments from my experience.

Customer support for One Identity Safeguard is very nice and quick, with the support team being very experienced.

The deployment of One Identity Safeguard took roughly two to three weeks in our case, end-to-end.

During the initial deployment of One Identity Safeguard, there was a slight impact on privileged users, but it was manageable. Admins had to adjust to a new way of working, having to request access through One Identity Safeguard and follow the approval workflow instead of directly using credentials.

The amount of training required for One Identity Safeguard really depends on the role, as the learning curve is higher for administrators or security teams managing the solution. These roles needed a few sessions to properly understand policy configuration, access workflow, and password vaulting and integration.

We definitely see a positive return on investment after implementing One Identity Safeguard in terms of risk reduction and time saving rather than direct cost savings.

We have not evaluated any other options before choosing One Identity Safeguard, as it was referred to us by a friend.

If you are planning to use One Identity Safeguard, my main advice would be to focus on proper planning before implementation. Take time to understand your environment and identify critical assets while defining clear access policies and approval workflows from the beginning rather than just deploying it and onboarding systems randomly.

Overall, my experience with One Identity Safeguard has been quite positive, as it really shows its value over time. Initially, it may seem an extra layer of IT for users, but once implemented, the importance of that control and visibility becomes clear.

I have no changes to suggest for the future as everything is good. I would rate this review a 10.

One Identity Safeguard serves as our Privileged Access Management solution to enforce session management for administrators and allow them to access our systems in recorded sessions, which secures our environment.

In our daily operations, One Identity Safeguard acts as a centralized privileged credentials manager for our systems including Windows, Linux, network devices, and our database, allowing administrators to access our database systems in critical environments while recorded sessions ensure security and accountability.

We have just-in-time access with approvals, allowing administrative access to our users based on request and approvals, which helps us monitor requests for access to critical systems.

One of the best features One Identity Safeguard offers is its capability to integrate with many systems, which is valuable for us since we have multiple database systems with many vendors in our organization.

One Identity Safeguard positively impacts our organization by reducing the likelihood of breaches from privileged sprawl by removing shared admin passwords and enforcing control checkouts while also improving our investigation times and providing strong forensics from a centralized location.

The most common improvement needed is for upgrades. One Identity Safeguard's desktop client should have a faster and easier upgrade process that ensures compatibility.

I have been using One Identity Safeguard for one year.

One Identity Safeguard is quite stable in my experience.

I previously used One Identity before switching from CyberArk to One Identity Safeguard.

The integration process for One Identity Safeguard was not straightforward. Initially, we faced a complex implementation that took about two months, but after that, we achieved a stable configuration and environment for user access to critical systems.

The deployment was seamless for our privileged users, thanks to the professional third-party team we hired for the implementation service that helped us properly implement One Identity Safeguard.

The time saved with One Identity Safeguard is significant, and I can affirm that we have seen a return on investment.

We have a separate department that studies setup costs for each product, but as far as my information goes, the pricing and setup costs are very good.

I did not evaluate other options before choosing One Identity Safeguard.

The feedback from users regarding One Identity Safeguard's usability and functionality has been very good. All users have provided positive feedback, and we encourage them to reach out with any issues, but so far, we have had no problems reported.

My advice for those looking into using One Identity Safeguard is to study the integrations between the client and One Identity Safeguard, ensuring the compatibility matrix is visible to all administrators before upgrading the product. I rated this product a ten out of ten.

We use it to link our virtual systems. We have Windows and Linux, and we have some applications. We use One Identity Safeguard to connect to them. We also use Password Vault, and we do session monitoring.

I am one version behind the latest version. I usually wait before doing an update to make sure that there are no problems with the new release.

One Identity Safeguard helps with accountability. We now know which person is accessing which machine. It also helps to make sure that they are secured, and that everyone knows what changes they need.

We have used the transparent mode and non-transparent mode for privileged sessions. The transparent mode is more difficult than the normal mode, but with the help of the documentation, we figured out how to do the necessary configuration and use this mode. Generally, we use the normal mode. We do not use the transparent mode.

We use the Secure Remote Access feature for privileged users. It was very easy to manage remote access for privileged users by using this feature. When our users cannot be physically present at our place, they can access the resources using the Starling account. It is easy.

The Secure Remote Access feature does not make use of a VPN. This is very important for us because there are some problems with using VPN, so it is easier to use something like Starling. We can be sure that our users can access the network even from home and that the sessions are secure.

I have worked with other One Identity solutions. I have used One Identity Defender, One Identity SPP, and One Identity SPS. They worked very well for our users. We also use the authentication service to control the Linux machines with Active Directory accounts. They work well with each other. I have also used Safeguard Remote Access. I tried its features with Safeguard to allow our users to connect to the sessions by using the cloud so that they do not need to log in to the company servers.

One of the most important aspects is that it is very easy to use and install. It is also agentless, so all of the operations happen more smoothly than any other product. Our end-users find it easy. They have a web application. They only need to enter the credentials, and they can access the Safeguard session. They can use it very fast without any problems. Its learning curve is very low.

We can discover Windows and Linux machines, but we would also like to discover databases. It is very important for us. I have heard that in the new version, we can discover databases, but I have not tried it yet, so I am not sure if the new version does it properly or still needs some work.

We would like to have the option of importing assets by using the CSV file. It was available in the earlier versions, but it is not available now.

I have been using this solution for about two years.

It is very stable. They always release new updates if there are any issues. For example, for the Log4j issue that happened a couple of months ago, they released an update to solve the issue and make sure that no user is affected by it. It is based on the Linux machine, so it is very stable.

I did not face any problems. It is very scalable, and it can be used for a small company or a big company without any problems.

Currently, there are about 20 users who are using it.

We have used their regular support, not the premier support. When we have any problems related to it, we open a ticket. They always help us. We might have to provide them with additional things so that they are able to troubleshoot better, but they are always helpful. I would rate their support a 9 out of 10.

We did not use any other solution.

The initial setup is straightforward. We have two installation types. We have Safeguard for Privileged Passwords and Safeguard for Privileged Sessions. For Safeguard for Privileged Passwords, we just need to import and the whole organization will be done. The process for Safeguard for Privileged Sessions is also simple. There are no problems.

The deployment duration depends on the number of systems, the number of users, and the number of applications. In a small company, it might take about two weeks or three weeks.

The deployment did not affect our privileged users. We just needed some time to get used to it. We were not using any PAM product before, so it took some time to get used to using it. It is more restrictive than the Active Directory system, but it is for the best.

For managing and deploying the solution, I took technical training. It was about five-day training with One Identity. After that, I started its deployment. In case of any problem, we could check several resources. We could check the administration guide or forums. We could also open a support ticket with One Identity. For the end-users, I gave the training, and it took one or two days at the most.

I deployed it myself.

We checked out a couple of solutions, but I was not a part of the selection process.

It is a very easy solution. In case of any problem, you can contact the distributor or the vendor, and they will help you.

I have worked with physical and virtual appliances. We went for virtual appliances because they are easy for us. We have servers in our company, so we have the space and resources to install them.

I would rate One Identity Safeguard a 10 out of 10. I have used it for some time, and I enjoyed working with it.