My main use case for One Identity Safeguard has been managing and securing privileged access across critical systems. I primarily use it for password vaulting and automated credential rotation, which helps eliminate manual password handling and improve security. In addition, I work with access request workflows where users request privileged access and approvals are enforced before granting time-bound access. I have been involved in monitoring and reviewing privileged sessions for audit and compliance purposes. Overall, I use One Identity Safeguard to ensure secure, controlled, and traceable access to sensitive systems.

In addition to the core use cases, I also use One Identity Safeguard for day-to-day operational tasks such as onboarding new assets and accounts into the vault, maintaining access policies, and troubleshooting access-related issues. I regularly review audit logs and session recordings to ensure compliance and investigate any unusual activity. I have also worked on integrating One Identity Safeguard with directory services such as Active Directory to streamline user authentication and access control. Overall, my day-to-day usage is focused not just on securing privileged access but also on improving efficiency, enforcing security policies, and ensuring complete visibility and accountability across all privileged activities.

One Identity Safeguard offers several strong features, but the best ones are centered around securing and controlling privileged access. First, password vaulting and automated credential rotation is a key feature. It securely stores privileged credentials and automatically rotates them after use or on a schedule, reducing the risk of password misuse. Second, privileged session management is very powerful. It allows real-time monitoring, recording, and playback of sessions, which helps in auditing and investigating any suspicious activity. It also provides audit and compliance reporting. All activities are logged, indexed, and searchable, making it easier to meet compliance requirements. Finally, privileged analysis and threat detection uses behavior analysis to detect anomalies and identify potential security risks before they become incidents.

One Identity Safeguard has had a very positive impact on our organization, especially in strengthening our security posture and improving operational efficiency. One of the biggest improvements is around privileged access control. Earlier, managing shared admin credentials was a challenge, but with One Identity Safeguard, we now have centralized credential vaulting and automated password rotation, which has significantly reduced the risk of misuse or credential leakage. Another key benefit is session management and monitoring. We now have full visibility into all privileged sessions. Real-time monitoring allows us to identify and respond to suspicious activities instantly. Session recording and playback have helped us resolve incidents faster and maintain accountability across teams. From a compliance perspective, it has been a major advantage. We can easily generate audit trails, which saves a lot of time during audits. It helps us align with standards such as ISO, PCI DSS, and internal governance policies by ensuring complete traceability of privileged actions. Operationally, it has also improved efficiency. Admins no longer need to remember or share passwords. This reduces dependency on manual processes and minimizes human errors.

With One Identity Safeguard, we have seen clear, measurable improvements across security, operations, and compliance. Regarding audit and compliance efficiency, earlier, preparing for audits used to take two to three days, especially when gathering logs from multiple systems. With One Identity Safeguard's centralized reporting and session records, we have reduced that to just a few hours, achieving 60 to 70 percent time savings. Auditors now get direct session playback and detailed reports, which has significantly reduced back and forth queries. Regarding faster incident investigation, before implementation, investigating a privileged activity could take four to six hours. Now, with session playback, we can identify a root cause within 30 to 45 minutes, improving response time by nearly 70 to 80 percent. Regarding reduction in security risk, we have eliminated shared credentials, which reduced the risk of unauthorized access. Automated password rotation and vaulting have led to a noticeable drop in credential-related incidents, around 40 to 50 percent. Real-time monitoring has helped us proactively detect and stop suspicious sessions before escalations. Regarding operational productivity, the admin team saves time as they no longer manually manage or share passwords. Access provisioning is faster, improving efficiency by 30 to 40 percent in daily privileged operations.

While One Identity Safeguard is a strong and reliable PAM solution, there are a few areas where it can be further improved to enhance user experience and scalability. Regarding the user interface and experience, the UI, while functional, can be a bit complex for new users. A more intuitive and modern dashboard with simplified navigation would improve adoption, especially for non-technical stakeholders. Regarding integration flexibility, although it supports major integrations, expanding out-of-the-box connectors for more cloud-native apps, DevOps tools, and SaaS platforms would be beneficial. Faster and simpler API-based integrations could reduce deployment efforts. Regarding scalability and performance in large enterprise environments, performance tuning and scaling can require additional efforts. Enhancing seamless scalability and high availability configuration would improve enterprise readiness.

I have been using One Identity Safeguard for more than two years.

One Identity Safeguard is generally a stable and reliable solution, especially when it is properly implemented and maintained. From our experience, the platform has been consistently stable in day-to-day operations with no major downtime.

One Identity Safeguard is highly scalable and designed to support enterprise environments as they grow. From our experience, scalability is one of the strong points because it uses a cluster-based architecture. You can add multiple appliances to handle increasing workloads in components such as password management. The system can distribute tasks across nodes, improving performance as demand grows.

Our experience with customer support for One Identity Safeguard has been generally positive with some areas for improvement. Overall, the support team is technically strong and knowledgeable, especially when dealing with complex issues or integrations. During implementation and critical incidents, we found them to be helpful and solution-oriented with ensured minimal disruption to operations.

Before implementing One Identity Safeguard, we were using a more manual and partially tool-based approach for privileged access. We relied heavily on native controls with Active Directory along with some basic password vaulting tools. However, this setup had several limitations: no centralized visibility of privileged sessions, limited or no session recording and playback, manual password management which increases risk, and weak audit capabilities and time-consuming compliance reporting. We needed a comprehensive PAM solution with end-to-end control, and session monitoring and recording was a major requirement. Stronger audit and compliance capabilities were also required. Better support for hybrid environment (on-premises and cloud) was also required. After evaluating multiple options, One Identity Safeguard stood out because it offered a good balance of security, ease of use, and faster deployment compared to more complex solutions.

The deployment of One Identity Safeguard in our organization took approximately four to six weeks end-to-end. The initial setup and basic configuration was completed within the first week. Integration with systems such as Active Directory and initial onboarding of privileged accounts took another one or two weeks. The remaining time was spent on policy configuration and session management setup, testing, and user onboarding.

The deployment of One Identity Safeguard was largely smooth with minimal disruption to privileged users. Initially, there was a small adjustment phase as users had to shift from direct access and shared credentials to a controlled access mode through One Identity Safeguard. This included learning how to request access, use session launchers, and follow approval workflows. However, we managed this transition effectively by conducting user training and awareness sessions, rolling out in a phased manner rather than a big-bang approach, and providing quick support during the initial days. Within a short time, users actually saw the benefits, such as no need to remember or manage passwords, faster and more secure access through centralized control, and clear accountability which improved overall discipline.

We have definitely seen a clear ROI after implementing One Identity Safeguard, both in terms of cost saving and operational efficiency. On the time-saving front, audit preparation time reduced by 60 to 70 percent, from two to three days to a few hours. Incident investigation time reduced by 70 to 80 percent using session playback. Regarding operational efficiency, there was around a 30 to 40 percent reduction in manual efforts for password management and access provisioning. There is no need for multiple teams to coordinate for privileged access. Everything is centralized. Regarding resources optimization, we did not necessarily reduce headcount, but we optimized team productivity. Tasks that earlier required multiple people can be handled by fewer resources more effectively.

My experience with the pricing and licensing of One Identity Safeguard was reasonable considering the value it delivers. Regarding pricing, it may appear slightly on the higher side initially compared to some alternatives, but when we evaluate it against the security benefits, compliance support, and risk reduction, it proves to be cost-effective in the long run. Regarding the licensing model, it is typically based on the number of users, privileged accounts, or appliances, which is quite flexible. It allowed us to scale as per our requirement rather than making a heavy upfront commitment. Regarding setup cost, since we opted for virtual appliances, the setup cost was relatively lower. No major hardware investment was required. Most of the effort was around implementation and integration, which was manageable.

Before finalizing One Identity Safeguard, we evaluated a few leading PAM solutions in the market. Some of the key options we considered were CyberArk, BeyondTrust, and Delinea (formerly ThycoticCentrify). Our evaluation criteria included ease of deployment and implementation, user interface and usability, session management and monitoring capabilities, integration with our existing environment (AD, cloud, or SIEM), and cost and licensing flexibility.

Integrating One Identity Safeguard with systems such as Active Directory, Microsoft Azure, and SIEM tools was fairly straightforward with some learning curve in the initial phase. Active Directory integration is the easiest. It was the most seamless part. One Identity Safeguard has native support for AD, so user import, authentication, and role mapping were quick to configure. We were able to set it up with minimal effort, and it works reliably from day one. Azure integration required moderate effort. Integration with Azure was smooth but required proper configuration of roles, permissions, and connectors. Once configured, it works well for managing privileged access to cloud workloads. From a SIEM perspective, sending logs to SIEM tools such as Splunk and other tools required more fine-tuning. We had to configure log forwarding, normalize data formats, and set up correlation rules on the SIEM side. The initial setup took some time, but once done, it provided strong visibility and alerting capabilities.

Integrating One Identity Safeguard with systems such as Active Directory, Microsoft Azure, and SIEM tools has had a significant positive impact on our operations. It has enabled centralized access control where all privileged users are managed through a single platform, reducing manual efforts and improving governance with Active Directory integration. User provisioning and role-based access became seamless. From a security standpoint, SIEM integration has given us real-time visibility and faster incident response, while session monitoring ensures full accountability of user actions. For cloud workloads such as Azure, it helps us maintain consistent security policies across a hybrid infrastructure, which was a big challenge earlier. Overall, it has improved operational efficiency, reduced security risks, and strengthened compliance, while also saving time in audits and incident investigations.

We have integrated One Identity Safeguard with multiple parts of our environment to ensure centralized and secure privileged access management. Regarding identity and directory services, we integrated with Active Directory for authentication and role-based access. This helps us enforce least privilege access and centralize user governance. Regarding cloud platforms, we connected with Microsoft Azure for managing privileged access to cloud-hosted VMs and workloads, ensuring consistent security policies across a hybrid environment. Regarding SIEM and security monitoring, we integrated with SIEM tools such as Splunk or similar tools to forward logs and session events. This allows real-time alerting, correlation, and advanced threat detection. Regarding DevOps and automation, we use it in controlled scenarios with scripts and automation tools to manage secure credential injection. While not deeply embedded into CI or CD pipelines yet, it supports secure secrets usage for automation tasks.

In our organization, One Identity Safeguard is deployed in a hybrid model. The core One Identity Safeguard application is hosted in our on-premises data center, which allows us to maintain strict control over privileged credentials and sensitive systems, especially for critical infrastructure. At the same time, we have extended its capability to the cloud environment, such as AWS and Azure workloads, through secure connectors and integration. The hybrid approach gives us the best of both worlds: security and control, and scalability and flexibility. It also helps in managing privileged access across both legacy systems and modern cloud workloads, ensuring consistent policies and centralized governance across environments.

For our cloud workloads, we primarily use Microsoft Azure. Since a large part of our infrastructure is integrated with Microsoft services such as Active Directory and Office 365, Azure fits naturally into our ecosystem. It allows seamless integration with One Identity Safeguard, especially for managing privileged access across cloud-hosted virtual machines and servers. Additionally, Azure's native security controls complement our PAM strategy. It helps us maintain a centralized identity and access governance. Integration with a hybrid environment (on-premises plus cloud) is a smooth and efficient way.

In our setup, we use virtual appliances for One Identity Safeguard. We chose virtual appliances mainly because of the flexibility and scalability they offer compared to physical hardware. Key reasons for this choice include the ease of deployment. Virtual appliances can be deployed quickly within our existing virtual infrastructure without waiting for hardware procurement. Regarding scalability and performance, it is much easier to scale resources (CPU, memory, storage) based on demand, especially as privileged access usage grows. Regarding cost, it avoids the upfront cost and maintenance overhead of physical appliances.

My advice for organizations looking to implement One Identity Safeguard would be to focus on planning, a phased implementation, and user adoption. Start with a clear strategy before implementing. Clearly identify critical systems and privileged accounts, compliance requirements, and access policies. This ensures the solution is aligned with business and security goals. Follow a phased approach. Do not try to onboard everything at once. Start with high-risk systems and then gradually expand. This reduces complexity and helps teams adapt smoothly.

Overall, my experience with One Identity Safeguard has been very positive. It is a well-rounded PAM solution that effectively covers all the core areas such as password vaulting, session monitoring, auditing, and compliance. What stands out is that it brings multiple capabilities into a single platform, from credential management to session analytics, rather than relying on multiple tools. This has not only improved security but also simplified operations. I would rate this product a 9.5 out of 10.

One Identity Safeguard is used for managing privileged passwords and monitoring sessions, which helps track admin activities and enforce secure access policies for the accounts. This is important for protecting critical resources like systems or applications, thereby improving both security and accountability.

Whenever an admin needs server access, they must request it through One Identity Safeguard. Once approval is granted based on the request, they can access the server, and the session is recorded, keeping everything monitored and controlled.

Whenever an admin accesses a server through One Identity Safeguard, they do not need to know the actual password. The system provides temporary access through the vault, ensuring secure and controlled usage of the applications.

The session monitoring and recordings are the best features of One Identity Safeguard, allowing us to review what actions were performed during a session. This helps us in both troubleshooting and audits.

One Identity Safeguard makes compliance easier and really helps in incident investigation as well as visibility.

One Identity Safeguard has impacted our organization positively because it has helped us standardize how privileged access is managed and has also reduced dependency on manual efforts in password handling, improving operational control overall. It has reduced errors, and the manual efforts have been significantly reduced.

One Identity Safeguard does not require any improvements at this time based on our current usage.

The initial setup of One Identity Safeguard is somewhat tricky and requires proper planning, so this aspect could be simplified.

One Identity Safeguard has been in use for more than three years.

One Identity Safeguard is stable.

From a scalability perspective, One Identity Safeguard is excellent and matches our organization's growth. We have seen a good response from the customer team, who are ready to provide support at any time we require it.

We have found and seen a good response from the end-user and usability of One Identity Safeguard, as it is seamless and works well in our organization.

One Identity Safeguard has been used since day one.

The deployment of One Identity Safeguard took less than one month. It was straightforward, initially taking one or two days, and from this we have seen a smooth transition to One Identity Safeguard with no issues during the deployment.

One-week training was provided for the users and the IT team to ensure they could manage One Identity Safeguard. The end-user access management is smooth as per usability, making for a great experience.

One Identity Safeguard has provided a good return on investment, which comes from the reduced risk of security incidents. Avoiding even one breach can have a significant cost. It has also reduced the time spent on password management, saving our team time in managing privileged accounts, and is helping with automation that reduces manual efforts.

One Identity Safeguard is highly recommended because it is a wonderful solution, providing great usability, great security, and great visibility. One thing I would advise is to ensure your team is properly trained before deployment and plan the architecture and policies carefully, as this will help you get the best result. This review has been given a rating of nine out of ten.

One Identity Safeguard has been used by our organization for more than three years. The primary use case for One Identity Safeguard is to secure admin access to the servers and the network devices, which helps us to ensure only authorized users can access our critical systems and devices, and it also monitors all the privileged sessions.

One Identity Safeguard offers secure password vaulting, which ensures passwords are not shared or exposed, significantly improving security, and session monitoring and recording, allowing us to track all the admin activities easily.

These features help our team day-to-day by eliminating password sharing among the admins and ensuring secure access to critical systems, which reduces security risks, while tracking and controlling privileged access prevents misuse of admin accounts and improves overall system security.

One Identity Safeguard has positively impacted our organization by increasing visibility into privileged user activities, allowing us to track and audit all actions easily, which helps in compliance and security.

One Identity Safeguard provides great features with a smooth process and a very good amount of stability, so there is no need to improve as of now, but it might be required in the future.

I have been working in my current field for more than eight years.

One Identity Safeguard is stable.

One Identity Safeguard's scalability matches our organization's growth over time with no issues.

Customer support has a very helpful nature and is very responsive to our technical team when they require technical support, providing 24/7 assistance based on the given timeline.

We have not evaluated any other options, as we had confirmed from day one that we were going to procure One Identity Safeguard.

The deployment of the solution has taken less than one month, and it was a great experience. Regarding deployment, we have not faced any disruptive issues; it was very smooth for our privileged users, and after a short initial adjustment, they were able to access the system through One Identity Safeguard without issues, thanks to training and clear communication that minimized disruptions.

The training requirement was very minimal, taking less than one week for training the employees, and once they had a good amount of knowledge about One Identity Safeguard, they were ready to go.

We have seen a good amount of return on investment, saving our employees time and money while providing security; it has helped us reduce manual efforts by around 30 to 40 percent.

The experience with the pricing, setup cost, and licensing was straightforward, and the sales team was very helpful during the procurement and implementation of the solution, making it a great experience.

One Identity Safeguard has been the only solution used since day one.

For any organization, whether mid-size or large, looking into using One Identity Safeguard, it will be a really good solution for managing accessibility to critical devices with great security features and automation. Planning deployment carefully and understanding access requirements is essential, so start with the most critical systems first and then go for the less critical ones. This review has been rated 9 out of 10.

My main use case for One Identity Safeguard is to use it as a PAM tool for managing and monitoring privileged accounts. In every organization, there are special accounts such as admin or root accounts that have a very high level of access, and if these accounts are missed or compromised, it can create problems or damage. One Identity Safeguard helps us to control who uses these accounts and when they can use them.

A quick, specific example of how I use One Identity Safeguard to manage those privileged accounts involves a database administrator needing to make an urgent change to our production database. In the past, we would just use a shared admin password that everyone in the team knows, but now with One Identity Safeguard, the admin logs into the Safeguard portal and raises an access request for the production database. The request automatically goes to his manager, and based on the review, it gets approval. One Identity Safeguard connects the admin to the database without showing him the actual password, so he never knows about the credentials.

The excellent session recording and monitoring stand out as the best features of One Identity Safeguard. It is a compliance-based deployment and can work across on-premises as well as cloud environments.

Session recording and monitoring have benefited my organization by ensuring that every privileged session is monitored in real-time. Whenever any admin logs into the server through One Identity Safeguard, the system records it and the screen is viewed. The security team can watch live sessions if needed or review the recordings whenever they need them.

One Identity Safeguard has saved our compliance efforts, so generating audit reports that used to take days now takes a minute, which is a very good example of its efficiency.

One Identity Safeguard has positively impacted our organization by giving us complete visibility over all privileged access, making compliance audits much easier than before, and ensuring that access is not time-bound, allowing admins access only for the duration they need it.

Compliance audits have become much simpler with One Identity Safeguard, as every access request, approval, session, and action is logged automatically. The audit team can ask who accessed what system and when, and we are able to generate those types of reports in minutes, significantly reducing our efforts and costs.

I have not seen any issues with One Identity Safeguard solution. I do not wish to add more about needed improvements related to usability, integration, or support.

I have been using One Identity Safeguard for more than three years.

One Identity Safeguard is stable.

One Identity Safeguard is a very good solution from a scalability perspective, and we have not seen any issues with its scalability so far.

The customer support team for One Identity Safeguard is good, responsive, and we have seen good responses multiple times.

We are using One Identity Safeguard only and did not use a different solution before.

The deployment of the solution took less than one month for my organization.

The deployment affected our privileged users smoothly, as I did not see any challenges or disruptive events with this solution.

The experience during the deployment was very smooth, as I have not seen any kind of challenges with the end-users.

We have integrated our Active Directory with One Identity Safeguard.

The integration with Active Directory was complex during the initial setup, but later we found it to be very smooth, requiring proper planning in advance.

The integration with Active Directory has improved our efficiency and security because our users are syncing properly.

We have seen a good return on investment with One Identity Safeguard because the ROI did not come in a dramatic way; it came through multiple small savings that added up significantly over the years.

I had a great experience with the pricing and setup cost of One Identity Safeguard, and there were no challenges.

We have not evaluated other options before choosing One Identity Safeguard.

I would advise others looking into using One Identity Safeguard to implement it in their environment and not wait for a security incident to occur. Most organizations consider access management only after something goes wrong and an account gets compromised, but by then the damage is already done. One Identity Safeguard is a tool you want in place before something bad happens, so this is highly recommended by us. I have given this review a rating of eight.

Our main use case for One Identity Safeguard is to manage and secure privileged accounts, session monitoring, and recording for audit purposes while also providing controlled access to vendors or our internal team, and enforcing least privilege access.

The best feature of One Identity Safeguard, in my opinion, is its session monitoring, which includes full visibility with session recording, user-friendly access control, and helps in a compliance-ready environment.

The session monitoring feature of One Identity Safeguard stands out because it provides full visibility on which user is accessing which servers at what time, collecting all these logs and also providing data that can be used for audit purposes.

One Identity Safeguard has positively impacted our organization by providing strong security, compliance, and the data required for audits, making it really helpful.

One Identity Safeguard is working perfectly for our organization. The initial setup could be simplified, and more documentation would be needed for faster implementation.

I have been using One Identity Safeguard for more than two years.

One Identity Safeguard is stable.

One Identity Safeguard is excellent regarding scalability.

Customer support is good; they are technical experts and efficiently resolve issues.

The deployment of One Identity Safeguard took less than two weeks to fully implement and use.

We have integrated One Identity Safeguard with Active Directory.

The integration with Active Directory was straightforward.

The integration with Active Directory has simplified our work for managing user data.

There is a very good return on investment from One Identity Safeguard, as we are saving time along with money.

I advise anyone looking for a solution for security audits, session monitoring, or access control to consider One Identity Safeguard as one of the best solutions available in the market, so it is highly recommended.

My main use case for One Identity Safeguard in day-to-day work is to provide identity across all user accounts and domains, and it improves security across the enterprise by providing enhanced features with respect to this identity solution.

I primarily use One Identity Safeguard for protecting security across all user accounts, enterprise data accounts, assets, as well as privileged access, domain user, and admin accounts, giving SSO features and providing security across all user accounts.

One Identity Safeguard offers the ability to identify and revoke access easily for terminated accounts, which reduces risk and simplifies control of access in case of detected threats.

It reduces a lot of risk and saves time; every account is synced, and it can grant access with role-based permissions across all users quickly, alerting us if any threat is detected.

I find that the deployment of One Identity Safeguard is very easy, with good integration and scalability of user accounts, enhancing feature capabilities and providing strong product support.

The user interface can be improved for better searching of user accounts, and if One Identity enhances its support in that area, it would be very helpful.

If One Identity improves integration during migration from other platforms, it will definitely enhance the overall experience.

If the integration and connectivity can be improved during deployment, it would greatly aid the overall experience.

I have been using One Identity Safeguard for more than two years.

As of now, I have not experienced any downtime or reliability issues with One Identity Safeguard.

One Identity Safeguard's scalability features are good, allowing me to improve the scale in terms of resources and user accounts.

For small issues, I have raised support cases with One Identity, and the team has been very cooperative and responsive in providing support and documentation.

I previously used SailPoint, but One Identity Safeguard is better in terms of product features.

The deployment took three phases: first, I got support from the vendor for integration, second, I deployed across all users, and finally, I identified any associated risks.

I performed the deployment in different stages for not all users, ensuring that privileged user accounts transitioned smoothly onto One Identity Safeguard.

I had some formal sessions from the vendor that provided visibility into improved features, capability, enhanced security control, user accessibility, and granting access, and the team is very comfortable now.

I saved both money and time as a result of using One Identity Safeguard.

I did not face any challenges with pricing, setup costs, and licensing, but for improved features, I need to address licensing.

Before choosing One Identity Safeguard, I evaluated Saviynt, Delinea, and Octa, finding One Identity Safeguard to be the most suitable.

In the context of increasing cyber threats across organizations, I would advise others that using One Identity Safeguard is crucial for protection. I would rate this review a 9 out of 10.

I have hands-on experience with One Identity Safeguard and attended the foundation course in the end of last year. My primary goal is to make use of the cross-product capabilities joining IGA (Identity Manager) and Safeguard (PAM) to achieve Privilege Access Governance (PAG) since lots of customers are asking for this. The trend show consolidation within the IAM market and cross-product solutions is becoming the new standard.

Most important, very easy to setup.

Safeguard for Privileged Passwords (SPP)

I have been using asset and account discovery. This means the product will assist in identifying privileged accounts across hosts, directories, and networks.

Other features include workflow and access requests. Typically time-based, which is best practice to restrict access. Workflows can have one or several approvers.

The "activity center" where I can place my custom queries and get automated reports. This will collect over time and you can see what has happened for a certain user.

I like that the upgrades are not complicated, if the appliance is clustered this is handled automatically.

Great variety of support for different platforms and protocols.

Safeguard for Privileged Sessions (SPS)

I have used something called centralized policy enforcement. You can set up a gateway proxy for privileged sessions where you are applying authentication, access controls, and security policies. This is for endpoints such as SSH, RDP, and telnet.

Then I have used session recording and audit trails. When the recording is being made, it actually records at the protocol level, meaning it can capture keystrokes, mouse input, and the GUI. The recordings can be digitally signed.

Real-time monitoring alerts. It can detect violations according to a policy. If there is a destructive command that is dangerous, it can look for those and can trigger an alert. If we want, it can also automatically terminate the session that is ongoing. Everything is indexed and searchable. It is like a forensics investigation and you can do searchable playback.

User behavior analytics. This is some kind of integration where in real time, it can detect anomalies, something that is not normal, and do some deeper insights on that matter.

I have successfully connected Identity Manager (IGA) to Safeguard to achieve Privilege Access Governance. This is being possible by using an OOTB connector in Identity Manager to talk to the Safeguard system. I can govern the data from Safeguard and provision PAM accounts from Identity Manager to achieve a complete lifecycle.

Documentation can be much better and they should provide typical use cases to get started more easily.

SPP and SPS has separate portals (even if they are joined). SPP seems to be a more mature product and the SPS seems to be less updated in its UI and has more technical depth when configuring.

I have been working with it for a couple of months.

Straighforward.

Using the virtual appliance is quite easy. You download the hypervisor file, everything is already included. There is one appliance for the SPP and one for the SPS. SPP requires a Windows license and to activate it you must have internet access. It was a little headache to get it working.

I'm rating the product 8 of 10 out of what I have seen so far, I'm satisfied by the features OOTB and the integration with the Identity Manager. Also the usage of Remote Access (SRA) and Cloud assistant should not be missed.

My use case mainly involves privileged access and access to privileged accounts and privileged systems.

One Identity Safeguard's best features are that it provides easy control over your items and what you manage, and it is generally user-friendly, though we are still working on some issues.

The UI for the privileged passwords in One Identity Safeguard is really good. The support for it has also been excellent, but for the privileged sessions, the UI is not that great. We have it currently locked off, so only the administrators work in there, but it is not optimal. We are also missing a lot of documentation in my opinion for some of the features. Overall, it is acceptable. I would not say it is perfect, but it works.

The cloud assistant feature enables me to add an extra layer of security for critical passwords without needing time-consuming approval. We primarily use it for vendors, not for internal users, but we are moving towards having to use it more for internal use as well.

Since using One Identity Safeguard, we have more control over who accesses what, especially regarding vendors. We have seen billing actually go down because we now know how long vendors have been on the server and how long they have worked on it. Overall, we have a more centralized place to store items and have control over them.

The transparent mode is a seamless approach when using it. We have some issues with it, but we are working on it to make it work for us.

Managing remote access for privileged users with the secure remote access feature is both easy and hard depending on the scenario we face. We have some systems that are easy and take not even a minute to set up, while others take a bit longer.

We are in the middle of integrating One Identity Safeguard with the IGA solution, Identity Manager. We have some A2A setups, but it is not optimal. We are using RPA for developers, not actually RPA accounts, but that is something we are working on. We are also using the service account password rotation on the asset to some degree, and we are exploring options there.

For integrating One Identity Safeguard, figuring out how password rotation works is a bit difficult because we have to make custom integrations. After that, it was no problem really. For the A2A use, it is not as easy as using something like HashiCorp's password management tools.

It is mostly for certain features in One Identity Safeguard that I would like some improvements. Some of the things you can do in entitlements, there is a lot you can do there, but not everything is optimal. You have to have duplicates of a lot of things to make it work the way you want.

I have been using One Identity Safeguard for four years.

For the SPPs, I would rate stability at ten. We have never had any issues other than on the upgrades, but those are planned. For the SPS, making a simple config change puts the downtime at about five minutes, so you cannot use any or create new sessions. That is a bit annoying because we have to plan every little change we do. Other than that, I do not think there is really that much.

I would rate the scalability of One Identity Safeguard at maybe seven.

The general use for One Identity Safeguard is why I rate it seven. For the SPPs, we need to have a separate cluster for highly privileged items to access. For the SPSs as well, we need multiple clusters to reach multiple different items. It is a lot to set up instead of just having central management.

We had the premier support for some time, but we are now currently on normal support.

I did not see any value in the premier support, which was the biggest issue and the reason we moved away from it.

I would rate the technical support for One Identity Safeguard at five from my experience, though some may have had other or better experiences.

We had some issues before that took an extremely long time to get fixed. However, I have also had some issues where I sent them a support ticket and they gave me the solution instantly. When we had a tier one ticket, it took about a month before we got it back up and running again.

One Identity Safeguard was purchased through a partner purchase, and my experience with our partner was that it went pretty well. I am not directly part of the acquisition team, so I do not know how that works.

Deploying One Identity Safeguard with just the bare minimum was no problem, but knowing everything you need to get in there takes time because we did not really have control over what existed. That was the main issue for us.

One Identity Safeguard was quite easy for the initial setup. The overall configuration with all the items, all the assets, and all the accounts is what takes time.

It took about a week to set up the appliance itself and configure it, but we are talking about maybe a year to get everything configured the way we wanted it for the initial phase.

One reason we decided to have HashiCorp still and try to use SPP to push passwords to the HashiCorp setup is the password vault feature. We mainly use HashiCorp for retrieval of passwords because it is a much more built-out environment with APIs and other tools to connect to it. For that, we prefer HashiCorp. However, for overall user experience for less DevOps tasks, One Identity Safeguard or PAM is better in that regard.

It is not really that important to me that the secure remote access feature does not use a VPN because we only have it available internally. The goal is to make it easier for us to start a session, but we have some internal regulations making it not viable for us to make it available externally.

At the start, people thought One Identity Safeguard was hard to use. However, over time when they got used to it, they saw the benefit and the ease of use improved. We still have some people that are a bit harder to get to use it.

For the end user, there is really no issue in using One Identity Safeguard. They are told how to use it and usually figure it out for themselves. For the administrators, it takes a bit longer because there are quite a lot of options and things you can do. We currently have two in training, and they have been working with us for quite some time and still are not fully comfortable working with this PAM solution.

We have physical SPPs and virtual SPSs in One Identity Safeguard. I have no problem with the form factor of One Identity Safeguard's physical appliances, as they seem quite good for the use case.

One Identity Safeguard is deployed on-premises. The only maintenance we have is the upgrades, which happen every half a year I believe. Other than that, we just perform normal day-to-day tasks.

I would recommend One Identity Safeguard, but I would also recommend that they know everything they have before they actually start and prepare the users to be ready for a bit of change.

My main use case for One Identity Safeguard is using only one module for privileged session, which we use for admins and contractors.

A quick specific example of how my team uses One Identity Safeguard day-to-day is that we use only the second part for our contractors, not for admins in our company, but for companies that help us perform admin work and support our system.

The best features One Identity Safeguard offers include video recordings to help us control our support risks.

Accessing and reviewing those recordings when needed is easy, and there are no problems with recording or reviewing.

One Identity Safeguard has positively impacted my organization by helping us manage risk. We have this product as Balabit, which is a good product that is very light and helps us check or assist with our needs.

One Identity Safeguard could be improved with a password manager and an identity manager as one big access management system.

I believe improvements could be made around integrating with other tools.

I have been using One Identity Safeguard for eight years.

I rated One Identity Safeguard nine out of 10 because the stability and control could be better, as there are some problems with stability and errors when we use it.

As my organization grows or my needs increase, it is easy to add more users or expand the use of One Identity Safeguard, and that experience has been good.

I would rate the customer support for One Identity Safeguard as eight on a scale of one to ten.

I did not previously use a different solution before One Identity Safeguard.

The deployment of One Identity Safeguard solution took one or two days.

The deployment affected my privileged users in a way that was pretty smooth.

Before choosing One Identity Safeguard, I evaluated other options based on simplicity, price, and functionality.

Feedback from users regarding One Identity Safeguard's usability and functionality is that it is a good product and very simple to use.

My advice for others looking into using One Identity Safeguard is that it is a great solution for simple tasks, with a good price and good functionality.

My company does not have a business relationship with One Identity Safeguard vendor other than being a customer.

I rated this review nine out of ten.

Our main use case for One Identity Safeguard is to integrate it to clients that need the SPP functionality, which stands for Safeguard for Privileged Passwords. They do say that we could utilize One Identity Safeguard to its full extent for now, but we're getting there.

A quick specific example of how we use One Identity Safeguard with a client is that our latest client needed a password vault, so at first, we integrated One Identity Safeguard for Privileged Passwords, and then they asked for a personal vault so they could store their passwords and secrets, much like KeePass, so we integrated One Identity Safeguard Personal Vault as well. Lastly, they figured at some point down the line that they needed SPS as well, but only the primitive version of it, so we just decided to integrate SPS as well and form it into a cluster with SPP, but they don't use any third-party plugins as of now.

The best feature One Identity Safeguard offers is that it is a pretty new, modern tool that makes extensive use of its API. In general, it's easier than other tools to just perform maintenance work or perform work using the API of One Identity Safeguard. Also, the way that the access requests are structured—with entitlements and access request policies—makes it easier to govern data and identities. CyberArk, which is essentially the industry standard right now, is doing a very primitive job of helping the administrator with the task, and One Identity Safeguard is a lot better at this.

These features help my team day-to-day by making onboarding new users easier, and they also make it easier to create existing teams that are complete with their own password management, their own password profiles and rotations, password requirements, and who gets access to what, so it all makes it easier and faster.

One Identity Safeguard has positively impacted my organization by being another tool that we have in our arsenal to be able to get other clients as well, because we also sell One Identity IAM, and we can just bundle One Identity Safeguard with it. It also has a nice feature called remote access, which a lot of people want to use for externals in their organization, coupled with its just-in-time requisition, so it makes selling it much easier because One Identity is a company that's been in the field for ages.

One Identity Safeguard can be improved by fixing the documentation, which is very convoluted as of now, and addressing versioning, as some major bugs and issues are not documented well enough in the documentation, along with some patches and fixes. Custom plugins need to be introduced as soon as possible.

I give it an eight because it's a nice tool and it's a modern tool, but there are still some issues, not necessarily pertaining to the tool itself, but to the whole philosophy of One Identity and how they have structured their workflows and their knowledge base, which essentially has no knowledge base, just like CyberArk. There are some issues that need to be fixed, plus it does not have a custom option, and a lot of clients are using in-house made applications that also need to be onboarded to One Identity Safeguard to be able to launch a browser session to that application, which One Identity Safeguard has not had any capabilities that could assist with that.

I have been using One Identity Safeguard for two and a half years, ever since we pivoted from CyberArk, as we wanted to be more tool-agnostic, and we decided that One Identity Safeguard was our best option because we had a past with One Identity, with us being in an IAM team.

One Identity Safeguard is stable.

So far, we haven't had any issues with One Identity Safeguard's scalability; it's been fine, but we generally target smaller to mid-sized implementations.

The customer support for One Identity Safeguard is fine for what it is, even though everything needs to be run through them and there are no knowledge bases, so we have to wait for a response from the One Identity Safeguard company, and they also keep a lot of information, requiring us to make a request and then they would need to reply, but it's acceptable overall. It's not the worst I've seen.

I previously used CyberArk before switching to One Identity Safeguard.

The deployment of the solution takes about two to four weeks, give or take, but that's not counting waiting for the client to respond and all that.

About a month of training is required for end-users, and for us, it was four months to understand One Identity Safeguard, but that was because we already had experience in other PAM tools like CyberArk.

We are partners, executive partners, and resellers with this vendor.

My experience with pricing, setup cost, and licensing has been a good experience overall, as the back and forth with One Identity is something that is acceptable; other tools have options to do this automatically, and they have it, but pricing, presales, and sales is acceptable overall.

Before choosing One Identity Safeguard, I evaluated Zero Trust and Delinea, but they were for smaller organizations, so we decided to adopt One Identity Safeguard.

My advice to others looking into using One Identity Safeguard is to get familiar with the concepts of entitlements and access request policies, the keywords One Identity Safeguard uses, and also get familiar with the way that it handles session management and recording because it's a tool that needs a lot of time to get accustomed to. I give One Identity Safeguard an overall rating of eight out of ten.