Skip to main content
TrustRadius
BeyondTrust Endpoint Privilege Management

BeyondTrust Endpoint Privilege Management

Overview

What is BeyondTrust Endpoint Privilege Management?

BeyondTrust Endpoint Privilege Management, powered by PowerBroker and Avecto reduces the risk of privilege abuse by eliminating unnecessary privileges, and can elevate rights to Windows, Mac, Unix, Linux and network devices without hindering productivity.

Read more
Recent Reviews

TrustRadius Insights

Snow automation has revolutionized policy management by streamlining the approval process and reducing the need for extensive rules. Users …
Continue reading

Tons of features for a PAM solution

10 out of 10
January 31, 2022
We needed a solution that would allow secure access to our OT/SCADA/DCS network for both internal users and vendors. We evaluated a few …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Return to navigation

Product Demos

BeyondTrust Endpoint Privilege Management for Unix - demo

YouTube

BeyondTrust Endpoint Privilege Management for Windows and Mac - demo

YouTube
Return to navigation

Product Details

What is BeyondTrust Endpoint Privilege Management?

BeyondTrust Endpoint Privilege Management suite enables users to eliminate unnecessary privileges and elevate rights to Windows, Mac, Unix, Linux and network devices without hindering productivity.

BeyondTrust Endpoint Privilege Management Features

  • Supported: Least Privilege Enforcement: Elevate privileges for standard users across Windows, Mac, Linux, or Unix through fine-grained policy-based controls, providing just enough access to complete a task.
  • Supported: Audit User Activity: Correlate user behavior against security intelligence and access a complete audit trail of all user activity that speeds forensics and simplifies compliance.
  • Supported: Trusted Application Protection: Stop attacks that take advantage of email attachments, bad scripts, and malicious websites by securing Office, Adobe, and web browsers with built-in, context-based security controls.

BeyondTrust Endpoint Privilege Management Video

BeyondTrust Endpoint Privilege Management Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux, Mac
Mobile ApplicationNo
Supported CountriesWorldwide
Supported LanguagesEnglish
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(25)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Snow automation has revolutionized policy management by streamlining the approval process and reducing the need for extensive rules. Users have praised this feature, stating that it saves time and makes policies lightweight. With the ability to approve requests directly from the Snow platform, specific requests for individual users can now be easily addressed. This has been particularly useful in ensuring prompt approvals and enhancing user experience. Another significant use case of Snow automation is its ability to provide detailed insights into privilege levels for applications and processes on users' machines. This feature enables organizations to achieve the principle of least privilege, allowing users to install software or elevate their rights without requiring complete administrator access. Users have found this tool invaluable in managing appropriate privilege levels, thus improving security while maintaining productivity. One of the key challenges faced by organizations is controlling the use of licensed software and preventing the introduction of unlicensed or dangerous software into their environment. Snow automation effectively addresses this problem by monitoring and controlling licensed software usage. By doing so, it eliminates the need for staff to have local administrator permissions, ensuring productivity with security and earning clients' confidence. Granting admin rights to a large number of users can pose significant security risks. However, with Snow automation, the need to provide admin rights has been eliminated, creating a more secure environment. Users have acknowledged that BeyondTrust's tool has played a vital role in addressing this challenge while still enabling end-users to work efficiently. BeyondTrust's privileged access management solution has been widely embraced as an asset that provides comprehensive IT support comparable to having someone physically present. It has proven instrumental in various scenarios such as remote work setups, home offices, and traveling employees. Organizations have successfully utilized this tool to deliver virtual customer service, analyze the market, prepare staff, and manage department customers. Additionally, BeyondTrust helps protect organizations by ensuring compliance with regulations through preventing users from accessing prohibited sites. The Avecto Tools offered by BeyondTrust simplify elevated permission provisioning and access management for system administrators. By effectively preventing malware infections on users' machines, BeyondTrust's security measures have proven highly effective in safeguarding critical resources. Crafting specific rules for tricky applications and ensuring compatibility with new versions of the product or operating systems can pose challenges. However, users have commended BeyondTrust's support for their helpful assistance in addressing such issues and refining rule configurations. BeyondTrust's privileged account management solution has become a go-to choice for organizations aiming to address security concerns and prevent privilege abuse among developers and administrators with server access. Additionally, the Endpoint Privilege Management software has been deployed to all developers and administrators with access to servers, addressing security concerns and preventing privilege abuse. Furthermore, organizations have embraced BeyondTrust's Endpoint Privilege Management software to prevent the installation of malicious software on laptop workstations, bolstering cybersecurity within the enterprise. BeyondTrust PowerBroker has proven effective in auditing transactions from active Oracle Databases, offering tailored reporting for different audiences. This functionality provides organizations with valuable insights and helps ensure compliance with regulatory requirements. Moreover, BeyondTrust's solution has been chosen for secure access to OT/SCADA/DCS networks for both internal users and vendors. With a wide range of features at an optimal price point, it has been deployed globally across all mine sites. Organizations appreciate its ability to enhance network security while providing convenient and controlled access to critical systems. In summary, Snow automation and BeyondTrust's suite of tools have been pivotal in optimizing policy management, maintaining appropriate privilege levels, controlling licensed software usage, and safeguarding against security risks. These offerings have addressed various challenges faced by organizations, ranging from managing admin rights to supporting remote work setups. Users have praised their effectiveness in streamlining processes, enhancing security measures, and improving overall productivity.

Functionality of Smart Rules and Scripting: Several users have praised the functionality of smart rules and scripting in BeyindTrust, stating that it is very good for managing tasks before, during, and after execution. They appreciate the ability to perform tasks from the script without interfering with or affecting the user.

All Logs in One Place with Rule Creation: Many reviewers have mentioned that having all logs in one place and being able to create rules based on them has been extremely helpful. This feature has aided in identifying and fixing most issues, while also providing control over the applications used by their business.

Effective Radius and SNOW-Automation Features: Users have highlighted the effectiveness of the Radius and SNOW-Automation features in BeyindTrust. These features provide an additional layer of security, ensuring a robust system for managing privileges.

Cons:

  1. Lack of Failover Option for Radius Setting: Some users have suggested that the Radius setting should have a failover option to add two addresses and route the traffic to the other if one is not working, enhancing reliability and ensuring uninterrupted service.
  2. Expensive Training Costs: Several reviewers find the training provided by the company to be very costly compared to other vendors, which may deter potential customers from investing in the necessary knowledge and skills required to effectively use the tool.
  3. Steep Learning Curve and Limited Support: Some users feel that the tool requires an intermediate to advanced level of knowledge of the Windows OS platform. They suggest complimentary training should be offered by the company to its paying customers. Additionally, getting an engineer from the product team to discuss and resolve issues can be difficult, indicating a need for improvement in technical support processes.

Attribute Ratings

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
Score 10 out of 10
Vetted Review
Verified User
We needed a solution that would allow secure access to our OT/SCADA/DCS network for both internal users and vendors. We evaluated a few vendors but decided on BeyondTrust since their solution provided a wide variety of features at the optimal price point. We have it deployed globally at all mine sites using distributed environments.
  • Reporting capabilities for user activities, including complete session recordings
  • Integration with SAML for SSO and secure LDAP authentication
  • Jump point servers for central isolated access from outside the network
  • There is an extremely steep learning curve.
  • To set this up effectively, you will need their professional services.
  • Web Jump (HTTPS) is not included in the base license. This should have been included by default, as it is a standard remote access method.
If you need secure monitoring of access to an OT network, this is the solution for you. It tracks and records everything. This is not recommended for standard remote access VPN for end users, as there is a learning curve. I would only recommend it for access to networks that need to be fully secure.
  • RDP, SSH, and Web Jump
  • Session recordings
  • Approval for starting sessions
  • We are able to securely monitor activity from vendors accessing our network.
  • This meets our cybersecurity objectives of securing our OT networks.
  • The benefits far outweigh the initial cost of the software.
BeyondTrust Endpoint Privilege Management has more features than CyberArk and more detailed options for configurations. BeyondTrust Endpoint Privilege Management is more focused on setting up access-related endpoints, which requires some fine tuning and understanding for use cases where a single endpoint has to be shared with multiple vendors. CyberArk's setup is more geared to users' accounts and then endpoint management under the user accounts.
Return to navigation