Safeguard for Privileged Passwords
Centralized credential vault has strengthened secure remote access and simplified audits
What is our primary use case?
Currently, for our business case, we have multiple scenarios with One Identity Safeguard, but I haven't used the transparent mode much. The transparent mode that I am aware of is that One Identity Safeguard privileged sessions have that transparent mode where the administrator and target server allow users to continue connecting to servers exactly as they would normally, which can be useful.
This is a good feature to have.
I use the secure remote access for privileged users.
I do not use any physical appliances, virtual appliances, or on-demand versions with One Identity Safeguard. The primary business use case we have for it is secure privileged account management, including credential vaulting, enforcing password rotation, and providing secure privileged session access. These are the proper business use cases on which we implement it. It helps us reduce the risk associated with privileged credentials while supporting compliance and security monitoring.
This is how we utilize it.
What is most valuable?
The best features of One Identity Safeguard are multiple features similar to any PAM solution that we use for our security purposes. The strongest feature of One Identity Safeguard is a centralized privileged credential vault, which eliminates the need for administrators to know or manually manage privileged passwords. The automated password rotation and secure checkout process significantly reduce credential exposure.
This is the best aspect that I have experienced, along with another feature that is session management. The session recording and replay provide excellent visibility for investigation, compliance audits, and insider threat monitoring. These features are the best in One Identity Safeguard that I have seen compared to multiple other PAM solutions.
One Identity Safeguard has improved our organization from the security perspective, which is the main aspect that we have seen in it. VPN elimination and reduced credential exposure have helped us manage credentials in a more secure way. We work in a Security Operations Center, and it has helped us significantly from a SOC perspective.
What needs improvement?
One area that has room for improvement in One Identity Safeguard is native integration with newer cloud platforms and SaaS applications and security tools. We have a SOAR application in our environment, which is Cortex XSOAR, and it would be better if One Identity Safeguard could have native integration with this application so that anyone executing playbooks through the SOAR could request One Identity Safeguard access through it. This would be one improvement that we suggest regarding native integration with newer cloud platforms.
Reporting and dashboard customization with One Identity Safeguard should be better improved. While it is already present, monitoring multiple servers and technologies that we have integrated with One Identity Safeguard could be managed better if more reporting and dashboard customization options were available.
For how long have I used the solution?
I have been using the solution for one and a half years.
What do I think about the stability of the solution?
From a stability perspective, I rate One Identity Safeguard as being stable in our production environment and it performs reliably with minimal unplanned downtime. I would rate it 8 out of 10.
What do I think about the scalability of the solution?
The scalability of One Identity Safeguard is that the solution scales in the enterprise environment with multiple privileged accounts, servers, and administrators. It overall supports growth without any significant performance issues. When deployed according to best practices, I would rate it 9 out of 10.
How are customer service and support?
I use the regular support for One Identity Safeguard. I rate support from 1 to 10 overall as 9 because compared to other customer PAM solutions that we have like iRage PAM and Commvault PAM, this is superior and offers a more advanced procedure.
What other advice do I have?
I use the secure remote access for privileged users.
One Identity Safeguard provides VPN-less remote access where administrators, vendors, and third-party users can securely connect with privileged resources without using traditional VPN. This is the main advantage because having VPN connectivity between these three user types would otherwise present a vulnerability. Additionally, the clientless browser-based access allows users to connect through a web browser without installing client software, which simplifies onboarding and remote administration.
It is not important to me that secure remote access with One Identity Safeguard does not use VPN, because it already eliminates VPN-related risks for privileged users and it was very helpful. VPN usage would be a key concern when connecting in such cases, but this particular secure access eliminates VPN-related risks and provides a complete audit trail for remote administrative activities.
I compare One Identity Safeguard with other vendors based on the features that I have mentioned, such as stability and customer support, as well as scalability. This is the best product that I can recommend. It would be an excellent tool for the medium to large enterprise looking for a mature privileged access management solution. Compared to other solutions, it has a better feature set and better capabilities, which makes it a superior tool.
I am not aware of the pricing for One Identity Safeguard because I am an end user of this product. The pricing must be handled by our finance team, so I am not informed about this aspect.
The deployment of One Identity Safeguard did not disruptively affect my privileged users in any way.
I have integrated One Identity Safeguard with multiple options available, such as our Active Directory.
My experience with integration of One Identity Safeguard was not difficult. The integration with Active Directory or any enterprise infrastructure was straightforward. However, configuring the policies and onboarding privileged assets required careful planning and workflow understanding. Overall, it was straightforward and simple with no complex details.
The amount of training required to start using One Identity Safeguard is minimal. Because in our environment we have multiple PAM solutions or other integrated solutions, One Identity Safeguard was much easier in comparison.
I rate this review 9 out of 10.
Centralized session monitoring has strengthened privileged access control and simplified audits
What is our primary use case?
One Identity Safeguard is used to securely manage privileged accounts and protect administrative credentials sessions across our IT environment. It helps control access to critical systems and enforce security.
A common scenario involves system administrators who need temporary access to Windows or Linux production servers for maintenance or troubleshooting. Instead of sharing privileged passwords, they request access through One Identity Safeguard. One Identity Safeguard securely stores these credentials, grants time-limited access after approval, records the entire privileged session, and automatically revokes access once the maintenance is complete. This reduces the risk of credential exposure while maintaining security.
What is most valuable?
The best features of One Identity Safeguard are its secure password vault, automated password rotation, and privileged session monitoring. I also appreciate the approval workflow for granting temporary privileged access, which helps ensure least privilege policies. The session recording and searchable audit logs are especially useful during security reviews and compliance audits, as they provide clear visibility into who accessed critical systems, when they were accessed, and what actions were performed.
The session recording and search features are straightforward to use. Every privileged session is automatically recorded in user activity and commands, so there is no need for manual intervention. When investigating an incident or reviewing administrative actions, I can search sessions using filters such as user, target, system, date, or time range. Finding a specific session usually takes only a few minutes, and the playback feature makes it easy to see exactly what happened during the session. This has been very helpful for troubleshooting, internal audits, and compliance reviews.
What needs improvement?
One Identity Safeguard is a strong privileged access management solution, though there are a few areas in which it could be improved. The initial deployment and configuration can be complex, especially for organizations with larger hybrid environments. The user interface could be more intuitive, particularly for first-time administrators, and some reporting and dashboard customization options could be more flexible. I would also like to see broader native integration with cloud platforms and DevOps tools to simplify privileged access management across modern infrastructure.
For how long have I used the solution?
I have been using One Identity Safeguard for the last eight months.
What do I think about the stability of the solution?
One Identity Safeguard is stable.
What do I think about the scalability of the solution?
The scalability of One Identity Safeguard has been good for our environment. As more systems and privileged users have been added, expanding the deployment has been straightforward without requiring major changes to the existing setup. The virtual appliance architecture has made it easy to grow as needed, and I have not experienced any significant performance issues while onboarding additional servers or accounts. Overall, One Identity Safeguard has scaled well to meet our current requirements.
How are customer service and support?
Customer support is definitely outstanding. I would rate the customer support a ten out of ten.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
How was the initial setup?
The initial deployment took almost three weeks. Most of the time was spent on planning, configuration, policies, integration with other existing directory services, testing privileged access workflows, and validating session recording before rolling it out to the administrators. Once the initial setup was complete, onboarding additional systems and users was relatively straightforward.
The deployment of One Identity Safeguard caused very little disruption to our privileged users. During the rollout, administrators had to learn the new access request and approval process, which required a short adjustment period. After that, the workflow became routine. Instead of using shared administrator passwords, users simplified the request for access through One Identity Safeguard and received time-limited access when approved. Overall, the transition was smooth, and the improved security and accountability outweighed the small learning curve.
What about the implementation team?
The administrators who manage One Identity Safeguard required approximately two to three days of training to become comfortable with the deployment, policy configuration, and ongoing administration. End-users, such as system administrators requesting privileged access, needed only a short onboarding session of around one to two hours to understand the access request processes, approval workflow, and how to start a privileged session. After the initial training, most users were able to use the solution without significant issues.
What was our ROI?
I have seen a positive return on investment from One Identity Safeguard, mainly through time savings and improved operational efficiency rather than reduced headcount. Before implementing One Identity Safeguard, collecting privileged access records for security reviews and audits was a manual process that often took several hours. With centralized audit logs and session recording, I have reduced the effort by approximately thirty to forty percent, and in many cases, I can gather the required evidence in about an hour. I also spend less time managing shared administrator passwords and investigating privileged activities because everything is centrally recorded and searchable. While I have not reduced staff, I have been able to spend more time on proactive security work instead of administrative tasks.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing has been overall positive. One Identity Safeguard is positioned as an enterprise product, so the licensing cost is not inexpensive, but I felt it was justified by the security features and compliance benefits it provides. The licensing process was straightforward, and there were no unexpected setup costs beyond the time required for deployment and configuration. Overall, the total cost of ownership has been reasonable for the value it delivers in securing privileged access.
Which other solutions did I evaluate?
I did not evaluate other options before choosing One Identity Safeguard.
What other advice do I have?
One Identity Safeguard has been deployed in a hybrid environment. The core privileged access management components are hosted on-premises to manage access to critical internal systems, while they also integrate with cloud-based resources. This setup gives us the flexibility to secure both traditional infrastructure and cloud workloads from a single privileged access management platform.
Microsoft Azure is primarily used for our cloud-based resources.
The virtual appliance deployment was chosen because it was easier to deploy in our existing virtualized infrastructure, required less hardware management than physical appliances, and offered the flexibility to scale as our environment grows. It also simplified backup, maintenance, and software updates while providing the same core privileged access management capabilities we needed.
Overall, the feedback from our users regarding One Identity Safeguard's usability and functionality has been positive. Administrators appreciate that they no longer need to know or share privileged passwords, and the approval workflow is straightforward once they become familiar with it. The session recording and audit features are also well-received because they make troubleshooting and compliance review much easier. The main feedback has been that the interface has a learning curve for new users, and the initial setup and policy configuration can be a bit complex. However, after onboarding, most users find the platform reliable and easy to use for their day-to-day privileged access tasks.
At this stage, One Identity Safeguard has not been integrated with DevOps pipelines, RPA platforms, or other advanced business systems. It is primarily used for privileged access management, secure credential storage, password rotation, and session monitoring for our infrastructure.
My advice for others looking into using One Identity Safeguard would be to spend enough time planning the deployment before implementation. Identify your privileged accounts, define clear access policies and approval workflows, and involve both the security and infrastructure teams early in the project. Start with a small group of critical systems to validate the configuration and user experience before expanding across the environment. Also, provide basic training for administrators and end-users so they can understand the new privileged access process. Taking this approach makes the rollout smoother and helps you get the most value from the solution. I rate this solution a ten out of ten overall.
Centralized controls have secured privileged access and improve audit readiness every day
What is our primary use case?
One Identity Safeguard is used primarily to secure privileged accounts and control administrative access to critical systems. On a day-to-day basis, it is used for password vaulting, access approval, and monitoring privileged sessions to ensure secure and compliant access management.
Password vaulting is a key function in daily operations. When a server administrator needs temporary access to a production system, they request access through One Identity Safeguard, receive approval, and the activity is logged automatically. This approach has improved security and made it significantly easier to track privileged access during audits and reviews.
How has it helped my organization?
Improved control over privileged access across the organization has been achieved. Before One Identity Safeguard, managing administrative credentials and tracking privileged activities involved more manual effort, but after implementation, access became more secure and easier to audit. It has helped reduce the risk of unauthorized access and improved the overall security and compliance posture.
What is most valuable?
The most valuable features of One Identity Safeguard are password vaulting, session monitoring, and approval-based access controls. These features help secure privileged accounts, improve visibility into administrative activities, and ensure that access to critical systems is properly controlled and audited.
Session monitoring has been particularly useful during troubleshooting and audit reviews. When a question arose about a configuration change on a critical server, the recorded session could be reviewed to quickly understand what actions were performed. The approval workflow is another significant feature, as it ensures that privileged access is granted only when needed and follows the appropriate authorization process, which strengthens governance and accountability.
Centralized password management is also greatly appreciated, as it reduces the need for administrators to know or store privileged credentials directly, which improves security and simplifies access management. One Identity Safeguard brings access control, auditing, and credential management together in a single solution, making day-to-day administration more efficient.
One Identity Safeguard has had a very positive impact on operations because it is used in daily activities. Improved control over privileged access across the organization has been achieved. Before One Identity Safeguard, managing administrative credentials and tracking privileged activities involved more manual effort, but after implementation, access became more secure and easier to audit. It has helped reduce the risk of unauthorized access and improved the overall security and compliance posture.
What needs improvement?
There is room for improvement in One Identity Safeguard in several areas. One area for improvement would be reporting and analytics. While the available reports are useful, having more customizable dashboards and deeper insights into privileged access trends would help security teams make faster decisions. A more streamlined user experience for access requests and approvals would be beneficial, especially in large environments where many privileged access requests are processed daily.
Integration and reporting flexibility represent another area where One Identity Safeguard could improve. While the existing capabilities are solid, having more out-of-the-box integrations and easier customization options would reduce administrative effort. More proactive insights around privileged access, users, and security trends would help security teams identify potential risks faster and improve overall visibility across the environment.
More proactive alerting and recommendations would be a valuable addition. Highlighting unusual privileged access patterns or providing suggestions for policy optimization would help administrators respond faster. Additional dashboard customization options would allow teams to tailor views and reports based on their specific operational and security requirements.
For how long have I used the solution?
One Identity Safeguard has been in use for one and a half years.
What do I think about the stability of the solution?
One Identity Safeguard is a stable and dependable platform. It has been used regularly for privileged access management and has performed consistently with very few issues. Most challenges were related to configuration changes or integrations rather than product stability itself.
What do I think about the scalability of the solution?
One Identity Safeguard is scalable. Additional systems, privileged accounts, and users were able to be onboarded without major changes to the platform. The centralized management approach helped keep administrative efficiency even as privileged access requirements expanded.
How are customer service and support?
Customer support for One Identity Safeguard is good.
Which solution did I use previously and why did I switch?
A different solution was used previously. Native administrative tools and manual processes were primarily relied upon for managing privileged accounts and credentials. The switch to One Identity Safeguard was made because stronger security controls, centralized credential management, better auditing, and more visibility into privileged access activities across the environment were needed.
How was the initial setup?
The deployment of One Identity Safeguard took approximately two to three months from initial planning to full production rollout. Most of the time was spent on requirements gathering, onboarding critical systems, configuring access policies, and testing workflows. The actual installation was relatively quick, but proper planning and validation were important for a successful deployment.
What about the implementation team?
The integration of One Identity Safeguard with existing systems was fairly straightforward. Since established identity and infrastructure systems were already in place, connecting One Identity Safeguard to those environments was not particularly difficult. The main effort was around planning access policies, onboarding privileged accounts, and testing workflows. Once configured, the integration worked smoothly and provided a more centralized approach to privileged access management.
What was our ROI?
A return on investment is evident with One Identity Safeguard. A specific benefit has been the reduction in time spent managing privileged credentials and access requests. Before One Identity Safeguard, access approvals and credential management involved more manual coordination. After implementation, this process became centralized and automated, which reduced administrative efforts and improved response times. While headcount was not reduced, the team spent less time on routine access management tasks and more time on security and operational improvements.
What's my experience with pricing, setup cost, and licensing?
Pricing for One Identity Safeguard is at an enterprise level. There is an investment involved, but the security, auditing, and privileged access management capabilities justify the cost. From a setup perspective, the deployment was manageable. Most of the effort was spent on planning access policies, onboarding systems, and configuring workflows rather than the installation itself.
Which other solutions did I evaluate?
Different options were evaluated before selecting One Identity Safeguard. PAM solutions, including CyberArk Privilege Access Manager and BeyondTrust Privileged Remote Access, were considered. One Identity Safeguard was selected because it offered a good combination of privileged access controls, password vaulting, auditing capabilities, and ease of administration that matched the requirements.
What other advice do I have?
One Identity Safeguard provides many helpful benefits. Improved visibility into privileged activities has been achieved, and having a centralized platform for managing access requests, credentials, and session records has made administration more organized and reduced the amount of manual tracking required by the team. It has also helped follow security and compliance requirements more consistently.
For organizations looking into using One Identity Safeguard, the recommendation is to start by clearly defining privileged access policies and identifying the most critical accounts and systems. This makes the implementation process much smoother. Starting with a smaller deployment, validating workflows and access controls, and then expanding gradually is also recommended. This helps users adapt to the platform while allowing the team to realize value quickly.
The deployment of One Identity Safeguard had minimal disruption for privileged users because the solution was introduced in phases. There was a short adjustment period while users became familiar with the new access request and approval process. After the initial onboarding, most users appreciated the centralized access management and improved security controls. Overall, the transition was smooth and did not significantly impact day-to-day operations. The review rating for One Identity Safeguard is eight out of ten.
Centralized controls have secured privileged accounts and simplify monitoring and auditing
What is our primary use case?
My main use case for One Identity Safeguard is managing and securing privileged access accounts, and I mainly use it for password vaulting, controlling access to administrative accounts, and monitoring privileged sessions on a day-to-day basis. It helps ensure that sensitive credentials are protected, that privileged activities are properly controlled and audited.
A common example of how I use it in my daily work is when an administrator needs access to a critical server; instead of sharing credentials directly, they request access through One Identity Safeguard, which provides controlled access and records sessions for auditing purposes. This approach helps improve security while maintaining accountability.
What is most valuable?
The best features One Identity Safeguard offers, which stand out for me, include password vaulting, session monitoring, and privileged access control, which collectively help us secure sensitive accounts, control access to critical systems, and maintain an audit trail of privileged activities. Together, they provide a good balance between security and operational efficiency.
Session monitoring has been very useful for my team from both a security and audit perspective, giving us visibility into privileged activity and ensuring that administrative access is being used appropriately. For example, during troubleshooting or system maintenance, we can review the session record if there are questions about changes made on a server, which has helped improve accountability and made the review much easier.
Another feature I appreciate is the approval-based access workflow, as it gives us more control over privileged access requests without slowing down operations too much. What stands out to me is how the platform combines security, auditing, and access management in one place, making it easier to manage privileged accounts across different systems.
One of the biggest positive impacts of One Identity Safeguard on my organization is the improved control over privileged access; before implementing it, managing administrative credentials and tracking privileged activity required more manual effort. After implementation, access became more structured, and we had better visibility into who was accessing critical systems and when, which helped strengthen our security posture and made audit-related activities easier to manage.
One measurable improvement I observed was the reduction in time spent managing privileged credentials and access requests, as tasks that previously involved manual coordination became more streamlined through the platform. We also improved audit readiness because privileged sessions and access activities were centrally tracked, which reduced the effort required during compliance reviews and investigations.
What needs improvement?
One area for improvement in One Identity Safeguard would be reporting and dashboard customization; while the platform provides useful information, having more flexible and easier-to-customize reports would help with administration and gaining insights more quickly. I would also appreciate a more streamlined user interface for managing access requests and reviewing privileged sessions, especially in larger environments with many users and systems.
Another area I would mention for improvement is integration capability; while the platform integrates with common enterprise systems, expanding out-of-the-box integration options would make deployment faster and reduce customization efforts. I would also appreciate more detailed analytics around privileged access trends and user activity, which could help security teams identify risks and make better access management decisions.
From a governance and security perspective, One Identity Safeguard is very strong; it helps enforce privileged access control, secure credential management, session monitoring, and detailed auditing, which are all important for reducing security risks. Regarding AI capability, I see the platform's strength more in policy-based security and access governance than in advanced AI features. However, adding more intelligent risk analytics, anomaly detection, and access recommendations could further enhance its value for security teams. Overall, the governance and security are among the strongest aspects of the product.
For how long have I used the solution?
I have been using One Identity Safeguard for the last four years, which gives me a very good experience with it as I work with privileged access management, password vaulting, session monitoring, and secure administrative access to critical systems.
What do I think about the stability of the solution?
One Identity Safeguard has been a stable and reliable platform in my experience, performing consistently without significant downtime. I use privileged access management regularly, and most of the issues we encountered were related to configuration or integration changes rather than the product's stability.
What do I think about the scalability of the solution?
From my experience, One Identity Safeguard scales effectively as an organization grows; as we added more systems, privileged accounts, and users, the platform continued to perform reliably. Features such as centralized credential management and policy-based access control have helped us expand without significant increases in administrative overhead, making it well-suited for our organization's evolving privileged access management requirements.
How are customer service and support?
My experience with customer support has been positive overall, as the support team was responsive and knowledgeable whenever we needed assistance with configuration, integration, or troubleshooting issues. For more complex cases, the resolution time sometimes required additional investigation, but the support engineers were helpful and provided clear guidance throughout the process.
Which solution did I use previously and why did I switch?
Before implementing One Identity Safeguard, we relied on manual privileged account management and native administration tools, and we switched because we needed stronger control over privileged credentials, better auditing, and a more centralized approach to managing administrative access across the environment.
How was the initial setup?
We evaluated a few other privileged access management solutions, including CyberArk and BeyondTrust, but we chose One Identity Safeguard because it offered the right balance of privileged access control and password management features.
What about the implementation team?
Overall, the integration with those systems was fairly straightforward since we already had established identity and infrastructure systems in place; connecting One Identity Safeguard to those environments was not particularly difficult. The main challenge was planning access policies and ensuring the correct privileged accounts and systems were onboarded, but once that was completed, the integration worked smoothly and provided a more centralized approach to privileged access management.
What was our ROI?
We have seen a positive return on investment mainly through improved operational efficiency and reduced administrative effort in managing privileged credentials, access approvals, and audit activities, which became more streamlined. This change saved time for both security and infrastructure teams; while we did not reduce headcount, the team was able to spend less time on manual access management and more time on higher-priority security tasks.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing and licensing for One Identity Safeguard has been generally positive; for an enterprise security solution, the cost is justified by the value provided in privileged access management, credential security, and audit capabilities. The setup perspective is straightforward, with most of the effort going into onboarding systems, defining access policies, and configuring governance requirements rather than the installation itself.
Which other solutions did I evaluate?
We did not purchase One Identity Safeguard through the Azure Marketplace; the product was acquired through our organization's standard procurement process and integrated with our existing infrastructure and cloud base. Azure is part of our environment, but it was not the purchasing channel for the solution.
What other advice do I have?
One of the biggest positive impacts of One Identity Safeguard on my organization is the improved control over privileged access; before implementing it, managing administrative credentials and tracking privileged activity required more manual effort. After implementation, access became more structured, and we had better visibility into who was accessing critical systems and when, which helped strengthen our security posture and made audit-related activities easier to manage.
We have integrated One Identity Safeguard with our Active Directory environment and various server platforms to manage privileged access centrally. We also use it alongside cloud resources and security tools to help control administrative access and maintain consistent governance across different systems, which streamlines access management and improves visibility into privileged activities.
The integration has positively impacted our operations by centralizing privileged access management and reducing manual processes; one noticeable improvement is that administrators can request and access privileged accounts through a controlled workflow instead of relying on manual credential sharing. This change improved efficiency, strengthened security, and provided better visibility into privileged activities across the environment.
My advice for others looking into using One Identity Safeguard is to clearly define your privileged access policies and governance requirements before implementing the product, as you will get the most value when the access workflow, approval processes, and account ownership are well understood. I recommend starting with the most critical systems and privileged accounts first and then expanding gradually, as this approach helps teams become familiar with the platform while demonstrating value early in the deployment. I would rate this product a nine out of ten.
Centralized privileged access has improved security, compliance, and session oversight
What is our primary use case?
My main use case for One Identity Safeguard is as our centralized privileged access management, which is the PAM system, to safely store administrative passwords and also restrict temporary access and record high-risk sessions.
Whenever our third-party vendor or any internal team engineer needs temporary administrative access to fix any kind of database or One Identity Safeguard issues, a timed credential that automatically expires is issued. The entire troubleshooting session is recorded for security.
What is most valuable?
The best features One Identity Safeguard offers include secure credential vaulting, live session recording and playback, and just-in-time access workflows that prevent engineers from having permanent admin rights.
I find myself relying most on the live session recording feature. Being able to look up a specific command used during an administrative session and jump directly to that video timestamp makes finding security or operational mistakes very quickly, which is valuable for us.
One Identity Safeguard has positively impacted our organization in many ways by providing privileged access security and improving compliance. The overall access management, the better visibility we are getting into user accounts, and the better compliance controls are helping us in many ways.
What needs improvement?
I think the initial setup of One Identity Safeguard could be more simplified, and the dashboard customization could also be improved. Apart from this, the feature sets and the efficiency of the solution are very outstanding.
For how long have I used the solution?
I have been using One Identity Safeguard for more than three years.
What do I think about the stability of the solution?
One Identity Safeguard is stable.
What do I think about the scalability of the solution?
The scalability of One Identity Safeguard is excellent.
How are customer service and support?
Customer support is very helpful in nature, and they provide good support to us in troubleshooting complex issues.
I rate the customer support nine out of ten.
Which solution did I use previously and why did I switch?
We have not switched from a different solution; we have been using One Identity Safeguard since the start.
How was the initial setup?
The deployment of One Identity Safeguard took three to seven weeks.
What about the implementation team?
The deployment of the solution did not affect my privileged users disruptively. It was straightforward because we have not faced any kind of challenge, and it had minimal impact. We just required a brief adjustment period for our team, but overall it was not disruptive. The biggest breakthrough was that it saved our time, and the deployment was very smooth, with the vendor team helping us significantly.
What was our ROI?
We have seen a great return on investment with One Identity Safeguard due to its automation and AI capabilities.
What's my experience with pricing, setup cost, and licensing?
For the end-user training, we provided just a few hours of training, and they started using the solution without needing much training. For the solution management, we provided three to four weeks of training properly so they could manage it easily. Now we are able to handle it smoothly.
Which other solutions did I evaluate?
We have not evaluated other options before choosing One Identity Safeguard.
What other advice do I have?
I would advise anyone looking for or considering One Identity Safeguard to carefully map out your asset hierarchy and account discovery rule before doing the main rollout. Spend time grouping your servers and target databases logically on paper first, and after that, you can go for the deployment.
We have integrated One Identity Safeguard directly into our DevOps. Thanks to its API-first design, we hook it up into tools such as HashiCorp Vault, allowing our automated build system to securely pull hardcoded secrets and API keys dynamically during deployment.
The integration with our DevOps tools was very smooth and easy.
The feedback I have had from users regarding the solution's usability and functionality has been very positive.
I would rate this review nine out of ten.
Privileged access has become tightly controlled and monitoring now strengthens compliance
What is our primary use case?
One Identity Safeguard provides access to all employees who access the server and network equipment.
How has it helped my organization?
One Identity Safeguard has positively impacted our organization by strengthening privileged access security and improving compliance. Before implementing One Identity Safeguard, privileged credentials were managed manually, increasing security risk and making auditing difficult.
After deployment, all privileged accounts are centralized in a secure vault, password rotation is automated, and access is granted through controlled approval workflows.
What is most valuable?
The best feature of One Identity Safeguard is password vaulting combined with session management, which allows us to provide privileged access without exposing actual credentials to users. Users can access critical servers through approved workflows while all sessions are monitored and recorded for auditing and compliance.
The session management feature of One Identity Safeguard has a significant impact on my daily operations and compliance because it allows us to monitor and record all privileged activities performed on critical systems, reducing risk as administrators can access systems without knowing shared privileged passwords. If an incident occurs, we can replay recorded sessions to identify exactly what actions were performed by whom.
From a compliance perspective, One Identity Safeguard helps meet requirements for standards through session recording and audit logs, allowing us to provide evidence of privileged access approvals, session recordings, and user activity during audits without relying on manual documentation.
For how long have I used the solution?
I have been using One Identity Safeguard for three years.
What do I think about the stability of the solution?
One Identity Safeguard is stable.
What do I think about the scalability of the solution?
One Identity Safeguard's scalability is great.
How are customer service and support?
What other advice do I have?
As an administrator, I use One Identity Safeguard to manage access by onboarding servers and their privileged accounts into the vault, creating an access policy requiring manager approval and MFA. When the DBA submits an access request, One Identity Safeguard routes it to approval. Once approved, the DBA launches the RDP or SSH session directly through One Identity Safeguard, ensuring the password is never exposed to the user while the entire session is recorded for auditing.
One Identity Safeguard can also automatically rotate the password.
After the implementation of One Identity Safeguard, I approve and monitor One Identity Safeguard logs.
One Identity Safeguard makes password manageability easy and helps us monitor and reduce manual tasks such as auditing and improving log visibility, while also providing compliance-based reporting for our upper management.
Centralized privileged access has boosted security, accelerated audits, and improved compliance
What is our primary use case?
One Identity Safeguard is used primarily to secure privileged credentials, enforce control over administrative access, and provide visibility into privileged activities.
Whenever a network or server administrator requires access to a production system, access is granted through One Identity Safeguard's approval workflow and credential vault rather than exposing privileged account passwords directly.
What is most valuable?
One Identity Safeguard offers several best features, including its privileged credential vaulting feature, automated password rotation, and privileged session management, along with session recording and playback.
The feature that I rely on the most is automated password rotation because it reduces the risk associated with static or shared privileged credentials and improves security by automatically changing passwords at defined intervals without manual intervention, helping us to meet compliance.
One Identity Safeguard has positively impacted our organization in many ways because it has improved our organization's privileged access security through centralized credential management, enforcing strong password control, and providing complete visibility into privileged user activities.
Since we have deployed this solution, we have experienced many positive outcomes, such as faster audit preparation by fifty to seventy percent and saving operational time by almost forty to sixty percent. We are also experiencing very good visibility and accountability, enabling quick investigation of privileged user activities.
The artificial intelligence-related governance and security capabilities of One Identity Safeguard are very strong because they operate within a framework of strict access control, with analytics and intelligent insights providing detailed monitoring and session tracking.
One Identity Safeguard is very accurate in its output and very reliable, particularly when identifying unusual privileged access behavior and potential security risks, providing insights based on monitoring user activities and established behavior patterns.
What needs improvement?
One Identity Safeguard is a very strong privileged access management solution, and the only thing that needs to be enhanced is its dashboard customization; apart from this, everything is perfect.
For how long have I used the solution?
I have been using One Identity Safeguard for almost two years.
What do I think about the stability of the solution?
One Identity Safeguard is a stable solution.
What do I think about the scalability of the solution?
One Identity Safeguard is very scalable and handles organizational growth effectively.
How are customer service and support?
The customer support is excellent in technical assistance, and they are ready to provide support at any time.
Which solution did I use previously and why did I switch?
We are using One Identity Safeguard since the beginning and have not switched to another solution.
How was the initial setup?
The deployment of One Identity Safeguard took approximately four to eight weeks, including planning, installation, integration, and fine-tuning.
The deployment effect was largely smooth for privileged users with very minimal disruption to day-to-day operations.
What about the implementation team?
The end-user required very minimum training, typically a few hours or short onboarding sessions to understand the privileged access request and workflows. The implementation was very smooth, and all users are now handling it very properly.
What was our ROI?
We have seen a clear return on investment, with time savings of approximately forty to sixty percent, faster audits by fifty to seventy percent, reduced risks, and increased operational efficiency.
What's my experience with pricing, setup cost, and licensing?
Pricing, setup cost, and licensing are managed by the management team.
Which other solutions did I evaluate?
We have not evaluated other options before choosing One Identity Safeguard.
What other advice do I have?
My advice for any organization considering One Identity Safeguard is to deploy it and start by identifying your most critical privileged accounts and administrative users. Implementing credential vaulting and automating password rotation first will provide very good security benefits.
We are getting very positive feedback from the users, and they are very happy and appreciating One Identity Safeguard. I would rate this review a nine.
Centralized authentication has simplified linux access and improved security and audit control
What is our primary use case?
One Identity Safeguard's main use case in our environment is authentication services. It serves as a centralized authentication solution for Linux and Unix servers, including the use of Active Directory credentials. This helps us simplify user access management, reduce local account dependency, improve security, and provide centralized authentication and auditing across servers.
A specific example of using One Identity Safeguard is for Linux and Unix server access management. Instead of maintaining separate local accounts on servers, users can log in using their Active Directory credentials. This simplifies access management, reduces password-related issues, and improves audit visibility.
What is most valuable?
The best features of One Identity Safeguard authentication services are seamless Active Directory integration, centralized integration, authentication and single sign-on for Linux and Unix systems, policy enforcement, and centralized auditing.
The Active Directory integration in One Identity Safeguard allows for seamless integration in our environment because Linux and Unix systems can directly use AD credentials for authentication without maintaining separate local user profiles. Once it is integrated properly with AD, user access management becomes much easier and centralized.
One Identity Safeguard has positively impacted our environment by simplifying Linux and Unix authentication, reducing dependency on local accounts, improving centralized access control, and making user onboarding and offboarding much easier from a security and operational perspective.
One example where One Identity Safeguard services helped us was during employee offboarding. Before, administrators had to manually remove or disable local accounts from multiple Linux servers, which was time-consuming and sometimes risky if something was missed. By integrating with Active Directory through Safeguard, disabling the AD account automatically blocks access across connected Linux and Unix systems, which improves security and reduces manual effort.
From an accuracy and reliability perspective, One Identity Safeguard has been generally consistent in our environment.
What needs improvement?
One Identity Safeguard can be improved in areas such as UI modernization. Debugging authentication issues across Linux, AD, DNS, and Kerberos sometimes still requires manual investigation and Linux expertise.
Additionally, better real-time monitoring, clearer authentication error reporting, and simpler troubleshooting tools in One Identity Safeguard would be helpful, especially when working in large and complex environments.
One area where One Identity Safeguard still needs improvement is troubleshooting and visibility during authentication failures in a real environment. Issues related to Kerberos, DNS, SSH, or AD synchronization can sometimes take time to diagnose. Better real-time monitoring and clearer error reporting would help significantly.
For how long have I used the solution?
I have been using One Identity Safeguard for four years.
What do I think about the stability of the solution?
One Identity Safeguard is stable.
What do I think about the scalability of the solution?
Scalability is good.
How are customer service and support?
Support is very good.
Which solution did I use previously and why did I switch?
Before implementing One Identity Safeguard, we mainly relied on local Unix accounts and manual authentication. Managing access across multiple servers was time-consuming and inconsistent, especially during onboarding, offboarding, and audit cycles.
How was the initial setup?
The deployment of One Identity Safeguard in our environment took around two to four weeks, including planning, Active Directory integration, Linux server onboarding, testing, and phased rollout. The core deployment was manageable, but troubleshooting authentication dependencies such as DNS, Kerberos, and SSH configuration took additional effort during implementation.
What was our ROI?
We saw good ROI with One Identity Safeguard mainly through reduced manual Linux account management, centralized authentication, faster onboarding and offboarding, and improved audit and compliance visibility. It also reduced operational effort because disabling a user account automatically removes access on multiple systems.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup, and licensing was generally good for an enterprise environment, although the initial setup and license cost can be somewhat high for smaller organizations. The deployment requires some planning around Active Directory and Linux integration, but overall, the solution has reduced manual administration effort and improved centralized access management, so the value was justified in our environment.
Which other solutions did I evaluate?
We did evaluate other options before choosing One Identity Safeguard.
What other advice do I have?
The training requirement for this was moderate in our environment. Experienced Linux and Active Directory administrators were able to manage daily operations after a few days of hands-on training and documentation review. The bigger learning curve was mostly around troubleshooting Kerberos, DNS, SSH, and Linux authentication-related issues in hybrid environments.
Integration of One Identity Safeguard has positively affected our operations by centralizing authentication across Linux and Unix, reducing manual account management, and simplifying user access control through Active Directory integration. It also improved security and audit visibility because access management became more consistent across the environment instead of managing separate local accounts on individual servers.
One Identity Safeguard positively affected privileged users by improving centralized authentication and more controlled access management for Linux and Unix systems. Instead of managing multiple local privileged accounts, administrators could use centralized AD-based authentication and policies, which improved security, simplified access management, and increased audit visibility for privileged activities.
The integration difficulty for One Identity Safeguard was moderate in our environment. The Active Directory integration was straightforward, but challenges came during Linux authentication configuration, Kerberos, DNS synchronization, and integrating across multiple Unix distributions and hybrid environments.
One Identity Safeguard service was integrated with applications and services of Microsoft Active Directory, Linux and Unix servers, SSH-based access systems, VMware infrastructure, and some DevOps-related environments for centralized authentication and access management. The main advantage was centralized credential management and consistent access control across multiple platforms.
In our environment, One Identity Safeguard authentication services was mainly deployed on-premises, so cloud dependency was minimal. Although we had some integration with Microsoft Azure for hybrid infrastructure and identity-related operations, One Identity Safeguard was mainly deployed as virtual appliances on VMware infrastructure. We use virtual deployment because it is easier for scaling, backup, disaster recovery, and maintenance compared to physical appliances.
I would rate this solution an overall eight out of ten.
Privileged access has become more secure and threat behavior analysis improves client trust
What is our primary use case?
With our privileged accounts, the main issue we face is doing any sort of integration through API, as that becomes very susceptible to threat attacks. We are using PAM tools during our API integration to ensure security.
What is most valuable?
As I mentioned earlier, this past trend analysis of all these threat attacks, flagging up the red issues, is something very good and happens in a proactive manner. One Identity Safeguard has definitely strengthened our operational security because what they do is combine your password with a secure solution and analyze any deviations such as unusual password activity.
One Identity Safeguard is a game changer for us, especially for rapid business expansion and building trust with our clients.
What needs improvement?
I need more improvement on the product trials and the signup features. Easing the initial deployment would benefit new users. We have requested that real-time privileged threat analytics be made very customizable to the specific business and IT environments.
For how long have I used the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
Which solution did I use previously and why did I switch?
How was the initial setup?
What about the implementation team?
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
Which other solutions did I evaluate?
What other advice do I have?
Centralized logins have simplified unix access and improved security and compliance
What is our primary use case?
In day-to-day work, I use One Identity Safeguard to manage centralized login for Linux and UNIX servers, troubleshoot login access issues, enforce security policies, manage AD-based permissions, monitor authentication logs, and ensure secure and compliant access across the systems.
Additionally, I use One Identity Safeguard for operational tasks like on-boarding and off-boarding users, reducing dependency on local accounts, improving audit and visibility, and simplifying administration through centralized access control and policy management.
What is most valuable?
The best features of One Identity Safeguard are centralized authentication, seamless Active Directory integration, single sign-on on Linux and UNIX systems, role-based access control, policy enforcement, and auditing capability, which improve security and simplify administration and enhance compliance across the enterprise environment.
The most valuable feature is seamless integration with Active Directory, allowing Linux and UNIX systems to use centralized AD authentication, enabling single sign-on, centralized user management, consistent security policy, and easier access control without maintaining separate local accounts.
Additionally, the auditing, policy enforcement, and centralized access management features of One Identity Safeguard are very valuable as they improve security, visibility, simplify compliance management, and reduce administrative effort across Linux and UNIX environments.
One Identity Safeguard has positively impacted my organization by reducing manual user management efforts, improving security through centralized authentication, eliminating most local account-related issues, simplifying access management, and improving audit and compliance visibility across Linux and UNIX systems.
What needs improvement?
One Identity Safeguard can be improved with a more modern and intuitive interface, better troubleshooting and diagnostic tools, enhanced real-time monitoring and reporting, and stronger integration with cloud and hybrid identity platforms to simplify administration and improve operational visibility.
Additionally, One Identity Safeguard could improve policy synchronization speed, provide clearer error messages during authentication failures, simplify complex configurations, and enhance automation and self-service capabilities to reduce administrative overhead in large enterprise environments.
For how long have I used the solution?
I have been using One Identity Safeguard for the last two years.
What do I think about the stability of the solution?
One Identity Safeguard is generally stable and reliable in an enterprise environment with consistent authentication performance and minimal downtime when properly configured and maintained.
What do I think about the scalability of the solution?
One Identity Safeguard scales well in enterprise environments, as it can efficiently handle a large number of Linux and UNIX systems and users through centralized authentication and policy management without significant performance impact.
How are customer service and support?
Customer support for One Identity has been generally good, with knowledgeable technical teams and effective guidance for most deployment and troubleshooting issues; although response times for complex cases can sometimes be slow.
Customer support for One Identity Safeguard is around a seven out of ten for strong technical expertise and helpful guidance, with some room for improvement in response and escalation times.
Which solution did I use previously and why did I switch?
Previously, I used local authentication and manual account management for Linux and UNIX systems, but I switched to One Identity Safeguard to achieve centralized authentication, better security, simplified administration, and improved compliance.
How was the initial setup?
The deployment of One Identity Safeguard took approximately two to four weeks, including planning, Active Directory integration testing, policy configuration, and phased rollout across Linux and UNIX systems.
What about the implementation team?
One Identity Safeguard required moderate training, especially for administrators managing Active Directory integration, authentication policies, and troubleshooting; typically, a few days of hands-on training and documentation review is enough for experienced system administrators to manage daily operations effectively.
What was our ROI?
I achieved a good ROI with One Identity Safeguard through approximately thirty to forty percent reduction in manual user management effort, fewer password and local account issues, faster access management, and improved audit and compliance efficiency, which saved administrative time and improved security operations.
What's my experience with pricing, setup cost, and licensing?
Pricing and licensing for One Identity Safeguard are generally enterprise-based and depend on the number of users and systems; while setup costs are moderate due to deployment, integration, and training requirements, overall the solution provides good value through centralized authentication, improved security, and reduced administrative overhead.
Which other solutions did I evaluate?
I evaluated solutions including CyberArk Privilege Access Management, BeyondTrust Remote Access, and Microsoft Entra ID before selecting One Identity Safeguard due to strong Active Directory integration and simplified Linux and UNIX authentication management.
What other advice do I have?
The feedback for One Identity Safeguard has generally been positive, especially regarding simplified login, single sign-on experience, and reduced password-related issues; while administrators appreciate the centralized authentication and improved security, some users mentioned that troubleshooting and advanced configuration could be more user-friendly.
One Identity Safeguard is integrated with tools and platforms including DevOps environments, Linux, UNIX applications, SSH-based systems, and Active Directory services, helping provide centralized authentication, role-based access control, and security management across infrastructure.
The integration of One Identity Safeguard with Active Directory was moderately easy; the core AD integration is straightforward, but advanced configuration, policy mapping, and troubleshooting in a complex hybrid environment require careful planning and some expertise.
I recommend One Identity Safeguard for organizations seeking centralized authentication, strong Active Directory integration, improved security, and simplified Linux and UNIX access management in enterprise environments. I would rate this product an eight out of ten overall.