Alternatives to Perimeter 81

Perimeter 81 is a cloud-based Secure Access Service Edge (SASE) platform that provides centralized access to local networks, applications, and cloud resources. The company takes a security-first approach and aims to disrupt the VPN industry by offering a simple and scalable network access alternative for organizations of all sizes. However, if you're looking for a more reliable and enterprise-ready solution to manage access to infrastructure, Perimeter 81 might not be the best solution for your needs. This blog post will take a look at a few Perimeter 81 alternatives and discuss the strengths and weaknesses of each.

Perimeter 81 Overview

Brief product summary

Businesses use Perimeter 81 to secure their remote workforce. IT Admins can build multiple groups and control team permissions using an intuitive user interface. The software then integrates with popular security information and event management (SIEM) tools to help monitor and log network activity and protect company resources.

Use cases

• Zero trust network access.
• Zero trust application access.

Pluses

• Implements security policies across the network.
• Secures remote access to a variety of resources.
• Access scales with your growth.
• Integrates with systems on all major cloud platforms.
• Provides fully audited access.
• Delivers a zero trust access model.

Minuses

• Resource intensive, causing performance issues.
• SSO integration is erratic.
• Commonly reported problems with disconnection.

1. StrongDM

Brief product summary

StrongDM is a control plane to manage and monitor access to databases, servers, and Kubernetes. Their zero trust model means instead of distributing access across a combination of VPN, individual database credentials, and SSH keys, StrongDM unifies user management in your existing SSO (Google, Onelogin, Duo, Okta, SAML, etc...) and keeps the underlying credentials hidden. Neither credentials nor keys are accessible by end users. Because StrongDM deconstructs every protocol, it also logs all database queries, SSH and RDP sessions, and kubectl activity.

Use cases

• Faster onboarding- no need to provision database credentials, ssh keys, VPN passwords for each new hire.
• Secure off-boarding- suspend SSO access once to revoke all database, server access.
• Automatically adopt security best practices- least privilege, just-in-time access, audit trail.
• Comprehensive observability and visibility- log every permission change, database query, ssh & kubectl command.
• Vendor privileged access management-connect third-party vendors to resources with project-based access that automatically expires.
• Security and compliance teams-simplify HIPAA, SOC 2, SOX, ISO 27001 compliance certification.
• Modern Cloud PAM solution-built to support a variety of cloud networks, including public, private, multi-cloud, and hybrid.

Pluses

• Easy deployment - self-healing mesh network of proxies.
• No change to workflow- use any SQL client, CLI, or desktop BI tool.
• Standardize logs across any database type, Linux or Windows server, and Kubernetes.
• Graphical client for Windows and macOS.
• See and replay all activity with session recordings.
• Manage via a user-friendly web browser interface.
• Simple, straightforward pricing.

Minuses

• Requires continual access to StrongDM API for access to managed resources.

StrongDM’s G2 Reviews

• 51 reviews (at the time of writing)
• 4.8 / 5 stars

Read all of StrongDM’s G2 reviews here.

Pricing Information

StrongDM offers simple per-user pricing, starting at $70/license, including support for all resource types.

Users have the option to sign up for a free 14-day trial.

2. Pomerium

Brief product summary

Pomerium is an "identity-aware proxy" which aims to disrupt the VPN industry. Pomerium works on just about any device, providing remote access management solutions for individuals to enterprise-level companies. Pomerium works as a SASE solution that allows users to manage the authentication and authorization of any internal or third-party application. Essentially, Pomerium adds SSO capabilities to just about any application. However, if you're looking for a more robust way to manage access to databases and Kubernetes clusters, Pomerium might not be the best solution for your needs. This blog post will take a look at a few alternatives and discuss the strengths and weaknesses of each.

Use cases

• Simplifies workflows for DevOps teams.
• Free end-users from having to use a VPN.
• SASE management to support IT.
• Centralizes access and authentication for applications.

Pluses

• Eliminates need for VPN.
• Cloud or on-prem options available.
• Can add SSO to any application.
• Centralized authentication and authorization.
• Remote access from any location.

Minuses

• Relatively new in the space.
• Lacks rich customization.
• Minimum purchase of 50 users.
• Non-comprehensive list of available integrations.

3. Delinea (Thycotic Centrify)

Brief product summary

Delinea’s Privilege Manager is a tool that allows organizations to secure access for privileged administrators (typically systems and database administrators) to Windows Servers, Linux servers, and some database management systems via a centralized authentication method. Delinea does not secure access to modern and cloud-native databases, Kubernetes clusters, cloud CLIs, switches, routers, or internal web applications.

Use cases

• Centralized access to Linux and Windows servers, and some legacy databases.

Pluses

• SSH access available.
• RDP access available.
• Authenticates users via LDAP and Active Directory (AD).
• Integrates with some machine groups.
• Cloud and on-premise deployable.
• Simpler pricing.

Minuses

Delinea is designed for legacy systems and highly privileged administrators. It is designed for Windows-based environments and does best with legacy databases and authentication methods (AD, LDAP).  Delinea is not designed for any cloud-native environments, newer database management systems, nor modern infrastructure tooling like Kubernetes, Docker, and ephemeral environments). Finally, Delinea does not cover all users within a company, most of whom require access to systems that contain privileged information (for example, financial analysts who might need access to transactional information).