Accelerated Time to Value

Achieve agile privileged password management that proactively manages privileged accounts, credentials, secrets, and sessions for people and machines, ensuring complete control and security, while also enabling zero trust to improve your security posture.

BeyondTrust Professional Services Password Safe packages offer scalable services engagements, with a drive toward providing customer self-sufficiency at all points along the engagement. The outcomes you receive are rooted in our best practices and are delivered in several Tiers, each representing increasingly comprehensive solutions.

  • Tier 1 Outcomes

Delivers essential Password Management & Session Management functionality for the assets in your environment. Reduces time to value as you quickly gain control of your credential and secrets usage. You gain visibility of credential and secrets usage through the Analytics & Reporting engine while satisfying your audit and compliance needs.

  • Tier 2 Outcomes

Delivers expert guidance when integrating installed enterprise systems such as SIEM tools or ITSM Ticketing systems. Implementation leverages structured approaches to developing and deploying advanced use cases for a variety of different asset types.

  • Tier 3 Outcomes

Delivers workshops to accelerate your enterprise-wide roll out using API frameworks and integrating with your Remote Desktop Services environments, for example. Provides working sessions to create customized oversight solutions and build on your self-sufficiency by developing a knowledge base.

Professional Services Criteria Tier 1 Tier 2 Tier 3
Infrastructure and High Availability
Appliances Up to 2 Up to 4 Up to 9
Active/Passive Yes Yes Yes
Active/Active[ 1] Yes Yes Yes
Analytics & Reporting[ 1] Yes Yes Yes
Privileged Account Management
Asset Import from Active Directory or Address Group with Discovery Scan 2500 5000 7500
Automated Password, SSH Management per Account, RDP & SSH Session Management per OS, Retrieve password for database account management 2 5 10
Remote Application Session Management per Application [ 1] 2 5
Define Access Policy, Password Complexity, per OS 1 3 5
Role Based Access Controls and Grouping per Password Safe Use Case
Desired number of completed Password Safe Use cases, from Common Use Case list below 5 10 13
Number of sets of Smart Groups for Assets, Managed Systems and Managed Accounts 5 10 15
Number of User Groups with Password Safe Roles assigned to Smart Groups 5 10 15
Features Configured
AD Integration count for User Security Group, Computer and Account Discovery, or LDAP integration per Domain 1 2 5
MFA (RADIUS or TOTP) integration for Password Safe (1 Provider) Yes
MFA (RADIUS or TOTP or SAML or Smart Card) integration for Password Safe (1 Provider) Yes Yes
Configured Syslog/SIEM connector from available built-in connectors 1 2
SSO (SAML2.0) or ITSM Integration from available connectors (choose one)[ 2] Yes Yes
Create custom platform connector(s) for SSH Sessions 1 3
Password Cache installation, configuration, and example API PowerShell script to pull from Cache Yes Yes
Hardware Security Module integration (Gemalto or Thales) Yes
Assist (Knowledge Transfer) with script development for Remote Applications on existing RDS Yes
Knowledge Transfer
Provide knowledge transfer for daily maintenance of the system Yes Yes Yes
Deployment summary document provided Yes Yes Yes
  1. Requires specific prerequisites in place prior to being able to implement this task
  2. Some connectors may require additional licensing

A custom engagement can be scoped to cover Architect Workshops, for an additional fee.

The numbers above represent the maximum number within each deliverable category. If requirements or critiera fall outside of the typical deliverables noted, a custom scoped engagement is also available.

Based on each Tier, certain Password Safe use cases are available to be configured, as listed below:

Use Case Info Tier 1 Tier 2 Tier 3
Use Case 1 - Rotate password and proxy RDP session - Local Windows Administrator to Windows Server Yes Yes Yes
Use Case 2 - Rotate password and proxy SSH session - Local root/privileged account to Linux/ Unix server Yes Yes Yes
Use Case 3 - Rotate password and proxy SSH session - Local Administrator to Network device Yes Yes Yes
Use Case 4 - Rotate password and proxy RDP session - Active Directory Windows Administrator to Windows Server Yes Yes Yes
Use Case 5 - Rotate password and proxy SSH session - Active Directory Administrator to Linux/ Unix server - requires established Active Directory bridge Yes Yes Yes
Use Case 6 - Rotate password and proxy SSH session - Active Directory Administrator to Network device - requires established Active Directory bridge Yes Yes Yes
Use Case 7 - Rotate and RDP - Dedicated Active Directory Administrator to Windows Server - ensure only the individual can see their administrator account - requires naming convention to match with suffix or prefix Yes Yes Yes
Use Case 8 - Rotate and Retrieve Password - Local Database Administrator on Database Yes Yes Yes
Use Case 9 - Rotate SSH Key and proxy SSH session - Local Administrator with Password and/or SSH Key to Linux/Unix server Yes Yes Yes
Use Case 10 - Rotate SSH Key and proxy SSH session - Local Administrator with Password and/or SSH Key to Network device Yes Yes Yes
Use Case 11 - Rotate password on Windows Services or Scheduled Tasks - Windows Administrator on Windows Server with Service using account as “log on as” Yes Yes
Use Case 12 - Retrieve Password - Administrator on Cloud platform Yes
Use Case 13 - Application Session - Managed local or Active Directory Administrator account - requires established script and Remote App configured on RDS Yes
Prefers reduced motion setting detected. Animations will now be reduced as a result.