BeyondTrust Bomgar PRA/PAM/SRA Competitors Comparison

Comparing a purpose-built OT appliance versus one with enterprise level complexity & dependencies

Download Guide

XONA vs. BeyondTrust Bomgar PRA/PAM

A comparison of the XONA Critical System Gateway (CSG) to BeyondTrust Privileged Remote Access (PRA) solution highlights the difference between a self-contained and hardened secure user access solution for OT/CI, versus one that requires numerous software and hardware components and is extremely complex to configure, maintain, and use.

The need for technology that can support secure user access has expanded to embrace the operators responsible for managing critical infrastructure1(CI), and the operational technologies (OT) and industrial control systems (ICS) that enable them to function. Yet, few of the solutions available are purpose-built for OT, with the need for simplicity, and an ability to address OT-specific regulatory compliance requirements, such as ISA99/IEC 62443, NERC-CIP, NIST SP 800-207, NIST 800-53, and TSA SD02C. In fact, while many solutions exist for workers to securely access a network, too often they continue to use legacy access solutions that either inject more cyber risk into OT environments, and/or are too complex to deploy and maintain.

Download a detailed breakdown comparing both solutions in the XONA vs. BeyondTrust Bomgar PRA comparison guide.

Operational Cost & Complexity

BeyondTrust Bomgar PRA

Purpose-built for OT and Critical Infrastructure (CI)

XONA Systems

Best

BeyondTrust Bomgar PRA

Worst
Simple to deploy. Intuitive to use. Set and forget.

XONA Systems

Best

BeyondTrust Bomgar PRA

Worst
Frictionless 3rd-party access. Nothing required aside from a device with a modern browser supporting HTTPS.

XONA Systems

Best

BeyondTrust Bomgar PRA

Worst
Deployment – Easy to Deploy

XONA Systems

Best

BeyondTrust Bomgar PRA

Worst
Software must be staged on hardware, VM, or cloud

XONA Systems

Not Applicable

BeyondTrust Bomgar PRA

Good
Network/Firewall modifications required

XONA Systems

Not Applicable

BeyondTrust Bomgar PRA

Concerning
Agent (vendor) required

XONA Systems

Not Applicable

BeyondTrust Bomgar PRA

Worst
User/operator must install proprietary client application for full solution functionality

XONA Systems

Not Applicable

BeyondTrust Bomgar PRA

Worst
Time required to install

XONA Systems

Best

BeyondTrust Bomgar PRA

Concerning
Usability

XONA Systems

Best

BeyondTrust Bomgar PRA

Concerning
Manageability

XONA Systems

Best

BeyondTrust Bomgar PRA

Concerning
Network Complexity

XONA Systems

Best

BeyondTrust Bomgar PRA

Worst
Risk of losing access to OT Asset

XONA Systems

Best

BeyondTrust Bomgar PRA

Concerning
Zero Trust Approach

BeyondTrust Bomgar PRA

Authentication (e.g., 1FA, 2FA/MFA, SAML 2.0)

XONA Systems

Best

BeyondTrust Bomgar PRA

Best
Authorization – Enforces least privilege

XONA Systems

Best

BeyondTrust Bomgar PRA

Best
User access is limited to specific OT/CI systems

XONA Systems

Best

BeyondTrust Bomgar PRA

Best
User access is limited to specifics dates and times

XONA Systems

Best

BeyondTrust Bomgar PRA

Best
Cybersecurity

BeyondTrust Bomgar PRA

Data Stream Protection

XONA Systems

Best

BeyondTrust Bomgar PRA

Worst
Secure File Transfer

XONA Systems

Best

BeyondTrust Bomgar PRA

Best
OT Protocol Isolation

XONA Systems

Best

BeyondTrust Bomgar PRA

Worst
Risk Introduced based on external dependencies

XONA Systems

Not Applicable

BeyondTrust Bomgar PRA

Concerning
Key Features & Functionality

BeyondTrust Bomgar PRA

User/Operator Session Monitoring

XONA Systems

Best

BeyondTrust Bomgar PRA

Best
User/Operator Session Recording (video)

XONA Systems

Best

BeyondTrust Bomgar PRA

Good
Compliance support for key OT regulations such as ISA99/IEC 62443, NERC-CIP, NIST 800-53, and TSA SD02C

XONA Systems

Best

BeyondTrust Bomgar PRA

Good
High Availability Option

XONA Systems

Best

BeyondTrust Bomgar PRA

Best
Log Management Integrations (e.g., SIEM, etc.)

XONA Systems

Best

BeyondTrust Bomgar PRA

Best
Incident Management Integrations

XONA Systems

Good

BeyondTrust Bomgar PRA

Best

Best Worst

Best
Good
Concerning
Worst
Not Applicable

Conclusion

In evaluating secure user access solutions for OT/CI, it’s important that the solution be flexible enough to address the operational needs and constraints of the environment into which it will be deployed, supports a zero-trust authentication and authorization model, and brings a high degree of security to the OT environment into which it needs to connect.

BeyondTrust Bomgar describes its solution as simple to deploy, manage, and use. However, their administration and remote access manuals illustrate that it’s significantly more complex, and one that is designed for an IT (Enterprise) versus OT environment. BeyondTrust requires the use of Jump Clients (agents), Jumpoints, Jump Hosts, and desktop software such as BeyondTrust Access Console for remote access. BeyondTrust puts a heavy burden on users, operations, and other teams to support from initial deployment to ongoing maintenance and use.

In contrast, the XONA Critical System Gateway (CSG) enables frictionless employee, contractor, and/or vendor access that’s purpose-built for operational technology (OT) and critical infrastructure (CI).

The CSG is the definition of simplicity and can be deployed in less than an hour. It’s approach to data stream protection and protocol isolation mitigates the risk of connecting to a protected OT network, and eliminates common attack vectors, while reducing the overall attack surface. It also enables compliance with OT-specific regulations such as ISA99/IEC 62443, NERC-CIP, NIST SP 800-207, NIST 800-53, and TSA SD02C.

XONA CSG is your secure portal into the cyber-physical world that enables critical operations to happen from anywhere with total confidence and trust.

1 https://www.cisa.gov/critical-infrastructure-sectors

All company and product names, logos, trademarks, service marks and branding are the property of their respective owners. All company, product and service names used in this document are for identification purposes only. Use of these names, logos, and brands does not imply endorsement or criticism. The information included in this document/web page was gathered from publicly available sources and based on our opinion from our research and technical evaluation. This document is intended for general informational purposes.