Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português

Info icon Announcement: 2026 KuppingerCole PAM Leadership Compass: BeyondTrust recognized as an Overall Leader and top Product Leader among 36 evaluated vendors. Access the Report

  • Home
  • Services & Training
  • Professional Services
  • Password Safe + Privileged Remote Access Implementation Services current page
Link copied

Password Safe + Privileged Remote Access Implementation Services

Overview

Accelerated Time to Value

BeyondTrust Professional Services deliver best practices and a cost-effective path to a successful Password Safe Cloud and Privileged Remote Access implementation. Professional Services security engineers partner with customers on installation, configuration, and knowledge transfer to achieve the desired business outcomes.

The BeyondTrust Password Safe + Privileged Remote Access bundle offers the best-in-class credential management of Password Safe with the best-in-class session management of Privileged Remote Access. This services package delivers both the configuration of Password Safe and Privileged Remote Access as well as the integration that allows Password Safe managed credentials to be injected in Privileged Remote Access sessions and for those credentials to be rotated on session close.

Customer Outcomes

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Each Tier includes our standard Password Safe outcomes as well as deployment, configuration and integration with Privileged Remote Access.

  • Tier 1 Outcomes

Delivers essential Password Management & Session Management functionality for the assets in your environment. Reduces time to value as you quickly gain control of your credential and secrets usage. You gain visibility of credential and secrets usage through the Analytics & Reporting engine while satisfying your audit and compliance needs.

  • Tier 2 Outcomes

Delivers expert guidance when integrating installed enterprise systems such as SIEM tools or ITSM Ticketing systems. Implementation leverages structured approaches to developing and deploying advanced use cases for a variety of different asset types.

  • Tier 3 Outcomes

Delivers workshops to accelerate your enterprise-wide roll out using API frameworks and integrating with your Remote Desktop Services environments, for example. Provides working sessions to create customized oversight solutions and build on your self-sufficiency by developing a knowledge base.

Professional Services Criteria Tier 1 Tier 2 Tier 3
Resource Zones & Brokers
Resource Zones 1 2 4
Resource Brokers 2 4 8
Privileged Account Management
Asset Import from Active Directory or Address Group with Discovery Scan 2500 5000 7500
Automated Password, SSH Management per Account, RDP & SSH Session Management per OS, Retrieve password for database account management 2 5 10
Remote Application Session Management per Application 1 2 5
Define Access Policy, Password Complexity, per OS 1 3 5
Role Based Access Controls and Grouping per Password Safe Use Case 2
Desired number of completed Password Safe Use cases, from Common Use Case list below 5 10 13
Number of sets of Smart Groups for Assets, Managed Systems and Managed Accounts 5 10 15
Number of User Groups with Password Safe Roles assigned to Smart Groups 5 10 15
Password Safe Features Configured
AD Integration count for User Security Group, Computer and Account Discovery, or LDAP integration per Domain 1 2 5
MFA (RADIUS or TOTP) integration for Password Safe (1 Provider) Yes
MFA (RADIUS or TOTP or SAML or Smart Card) integration for Password Safe (1 Provider) Yes Yes
Configured Syslog/SIEM connector from available built-in connectors 1 2
SSO (SAML2.0) or ITSM Integration from available connectors (choose one) 3 Yes Yes
Create custom platform connector(s) for SSH Sessions 1 3
Secrets Cache installation, configuration, and example API PowerShell script to pull from Cache Yes Yes
Assist (Knowledge Transfer) with script development for Remote Applications on existing RDS Yes
Privileged Remote Access Deployment & Configuration
Cloud Tenant Deployed Yes Yes Yes
User Authentication Configured via Local, LDAP, Active Directory or SAML Yes Yes Yes
MFA via SAML / Kerberos / RADIUS / Smart Card (1 Provider) Yes Yes Yes
Privileged Remote Access Features Configured
Integration to Password Safe Vault Yes Yes Yes
Teams Configured Up to 10 Up to 10 Up to 10
Access Consoles and Endpoints Manually Deployed Up to 5 each Up to 5 each Up to 5 each
Access Console and Endpoint Mass Deployment Advised Yes Yes Yes
Knowledge Transfer
Provide knowledge transfer for daily maintenance of the system Yes Yes Yes
Implementation Closure Report Yes Yes Yes
  1. Requires specific prerequisites in place prior to being able to implement this task
  2. Use Cases for this product are specific to platform, to be discussed with Sales team
  3. Some connectors may require additional licensing

FAQ

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

A custom engagement can be scoped to cover Architect Workshops, for an additional fee.

The numbers above represent the maximum number within each deliverable category. If requirements or critiera fall outside of the typical deliverables noted, a custom scoped engagement is also available.

Common Use Cases

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Based on each Tier, certain Password Safe use cases are available to be configured, as listed below:

Use Case Info Tier 1 Tier 2 Tier 3
Use Case 1 - Rotate password and proxy RDP session - Local Windows Administrator to Windows Server Yes Yes Yes
Use Case 2 - Rotate password and proxy SSH session - Local root/privileged account to Linux/ Unix server Yes Yes Yes
Use Case 3 - Rotate password and proxy SSH session - Local Administrator to Network device Yes Yes Yes
Use Case 4 - Rotate password and proxy RDP session - Active Directory Windows Administrator to Windows Server Yes Yes Yes
Use Case 5 - Rotate password and proxy SSH session - Active Directory Administrator to Linux/ Unix server - requires established Active Directory bridge Yes Yes Yes
Use Case 6 - Rotate password and proxy SSH session - Active Directory Administrator to Network device - requires established Active Directory bridge Yes Yes Yes
Use Case 7 - Rotate and RDP - Dedicated Active Directory Administrator to Windows Server - ensure only the individual can see their administrator account - requires naming convention to match with suffix or prefix Yes Yes Yes
Use Case 8 - Rotate and Retrieve Password - Local Database Administrator on Database Yes Yes Yes
Use Case 9 - Rotate SSH Key and proxy SSH session - Local Administrator with Password and/or SSH Key to Linux/Unix server Yes Yes Yes
Use Case 10 - Rotate SSH Key and proxy SSH session - Local Administrator with Password and/or SSH Key to Network device Yes Yes Yes
Use Case 11 - Rotate password on Windows Services or Scheduled Tasks - Windows Administrator on Windows Server with Service using account as “log on as” Yes Yes
Use Case 12 - Retrieve Password - Administrator on Cloud platform Yes
Use Case 13 - Application Session - Managed local or Active Directory Administrator account - requires established script and Remote App configured on RDS Yes

Additional Information

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Cancellation Policy

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.