Cisco Duo is a two-factor authentication system (2FA), acquired by Cisco in October 2018. It provides single sign-on (SSO) and endpoint visibility, as well as access controls and policy controlled adaptive authentication.
$3
per month per user
WatchGuard AuthPoint
Score 8.9 out of 10
N/A
AuthPoint Total Identity Security provides businesses with a solution to protect user accounts and credentials. With
multi-factor authentication and dark web credential
monitoring, AuthPoint mitigates the risks associated with workforce credential
attacks. AuthPoint adds an extra layer of security by monitoring for
potential credential exposure in the dark web for both personal and corporate
accounts.
Cisco Secure Access by Duo, against WatchGuard AuthPoint, is a broader tool with more applicability across applications to my knowledge. I also find it to be faster, and simpler for users to understand. For example, with Authpoint, the tokens that appear and "count down" seem …
As we were on Cisco VConnect mobility client, we felt the ROI of using a Cisco auth client would be much better even though when we took this decision, remote working wasn't in vogue. That's the main business reason for going with Duo / Cisco Secure Access, by Duo--a …
We use different 2FA providers to secure different things. We are actively using Duo now, as well as WatchGuard AuthPoint. Each provider has different strengths, and you must test the applicability of a service in your own environment.
We reviewed and tested Duo, but having already WatchGuard products, and WatchGuard AuthPoint also having more capabilities, we ended up with them. One less vendor to deal with and also knowing them for a long time and having a great relationship was the key factor to move …
Having the Multi-Factor Authentication developed by the same developer of the devices we use is very beneficial when we have to troubleshoot something. Support is great and is very responsive. Clients seem to prefer using their software over another vendor. The app is very …
The biggest reason we selected Watchguard was support. We already use Watchguard firewall products and have received excellent support from our third-party vendor, Watchguard.
I would slot Authpoint (as a product) as better than ESET but not Duo. ESET has the same limitations as Watchguard in the OTP support. It also is an on-prem installed console rather than a cloud, which increases cost and maintenance requirements. The duo now supports standard …
WatchGuard AuthPoint is less expensive than most competitors, easier to manage through WatchGuard Cloud, and the MFA solutions is rock solid and secure. We do not worry about vulnerabilities with WatchGuard AuthPoint.
AuthPoint integrates with our WatchGuard driven security stack, and is therefor the obvious choice. Competitive pricing. One vendor means streamlined implementation and management, streamlined support.
WatchGuard AuthPoint has similar or more features than both Duo and Microsoft 365 Azure MFA. Its setup guides are much more fleshed out than Microsoft's and it is priced lower than both options. As long as your options for the 3 years licensing.
Duo Secure works in a very similar way. We utilize WatchGuard routers & access points in all our offices. We use the WatchGuard Mobile VPN software too. We knew that the WatchGuard AuthPoint would integrate well with our current equipment.
AuthPoint has better integration with the product stack. Simpler to implement. Less complex of a setup. Easier to explain to customers and easier training for the engineering/support team. Licenses per user are good value and affordable for the majority of our small and …
AuthPoint was a clear choice when comparing these products. With a mixed OS environment, Cisco Duo did not seem to work well. Azure MFA does not work with MAC OS. Watchguard AuthPoint met what we needed.
The product works great but needs more control on the device itself (no jailbroken device, check the local update, etc). The GUI is more clean and simple on the Authpoint side.
We have implemented both Azure VPN Gateway & Cisco Duo in our environment alongside AuthPoint. Each has a different use case. Azure VPN client (we are using this with O365 MFA) is a split tunnel solution, relatively cost-effective and easy to use - the beauty of the solution …
In my opinion, Authpoint is by far the better product for MFA. Firstly, the ease of setup and maintaining the system is 100% easier and simple than DUO. Not having to change random hidden text files to achieve what you need. Install one gateway server and you're away. Simple. …
Cisco Duois is well suited in all kinds of scenarios where you need to ensure proper security measurements, I think. We can't just rely on our passwords only, as they can be easily stolen through phishing or data breaches thus keeping multi factor authentication is quite essential. I always prefer MFA or at least 2FA for any critical system.
While I cannot speak of the functionalities that we do not use, the 2nd factor authentication has been great. It's actually secure, I can control it all remotely, users don't mind the extra step, and management feels more at ease knowing that we have full access control. The VPN for remote connections is fast and stable, it stays connected during network oddities and has plenty of bandwidth.
So outside the obvious of multifactor and it being important, one thing I really like about DUO is the integrations and the options it has for integrations are pretty great. And I'd say versatile. I use Cisco ICE as well and I find I'm more most impressed with Cisco Duo specifically with the weird applications we could come up with for it in using it. So I had say the versatility of authentication and other AAA factors with the Cisco duo are why we like it so much.
Works well with the free Authpoint client and the OpenVPN clinet.
Token management is simple and hosted completely in the cloud to reduce overall complexity
Setup was simple and and staighforward
Suppports several authentication methods we have used both RADIUS and SAML effectively, but ADFS, IDP, RDWeb, and RESTful API, and other custom apps are supported.
Geofencing for RDP has been very useful as it is independant of our firewall geofencing. This is quite useful for organizations like us who do not Geofence at at the firewall level so as to provide global access to resources on the DMZ.
Documentation is oftentimes missing key information for proper implementation. This is circumvented by reading third-party guides or contacting support for additional details.
They do not push Fail-Closed as much as I think they should. Fail-Open is fairly trivial to bypass and it should be made known to the customer during setup how much this will affect overall security.
More vendor integration is something that is always craved by administrators. There are so many third-parties to integrate with.
We frequently have people locked out because they type their one-time password into the QR code entry box. I wish we could choose to default to a one-time password for the organization. It would be even nicer if the OTP worked in the QR code box.
Being in the IT department, I have to set up many computers, which means I have to use Authpoint codes all the time. I wish there was a way to press a button at the top of the app and instantly refresh your codes. It takes forever when I'm signing into 20 different computers in a row because I have to wait for a new code to generate before I can sign into the next computer.
There are a lot of competing solutions on the market; however, Duo "just works", and there is little to no learning curve for the new members to be acclimated to it. As long as that continues I see it as the preferred option moving forward
Today to ensure our ISO 27001 certification it is important that we maintain this solution. Today it is part of the way any employee within the organization works, we no longer have any other way of working and it is the simplest way to ensure that access to the workstation is done with MFA.
La interfaz es intuitiva y fácil de navegar, lo que permite a los usuarios administrar sus dispositivos y acceder a las políticas sin problemas. La integración con las aplicaciones SSO y SaaS facilita aún más el proceso de acceso, mejorando la experiencia del usuario.
After initial setup, it practically runs itself. Onboarding new users is fast and easy as it should be. The AuthPoint mobile app is small and simple to use. The only reason I do not give it a 10 is that I frequently get complaints from end users that the AuthPoint app is "constantly downloading". In fact, it's not downloading anything and that what the users are seeing in the app is a timer for the 6-digit code that changes every minute.
In the last 5+ years we've been using Duo, there may have been 1 outage that impacted us. We do receive periodic notifications of issues but, for the most part, they impact carriers or functionality that we either don't use, or do not care about.
I have not needed direct support for Cisco Secure Access by Duo as I have not had a problem with it, but I have full confidence that the support is outstanding. It is now a core component of the corporate technology stack - a problem would mean a serious degradation in the ability of the company to function.
WatchGuard support is always quick and reliable. They have urgency levels that you are able to select when creating your support ticket, and they respond in accordance to the severity that you have set. I have never had an issue with getting someone on the phone in the same business day, even for very low priority issues.
It was an Onsite demo at the ditributor with the benefits of Watchguard Authpoint. Was very nice to see the abilities of the product. This Demo was a few years back, since then Authpoint changed allot. It is very nice for partners that you can get this demo without any aditional cost.
We use the online training for all our employees. There are both sales and technical trainings available and there even is a technical certification. You can use this for the Watchguard Partner Program which can give you aditional benefits. Every now and then you have a webinar that discusses multiple Watchguard products.
Implementation was straight forward and you can isolate different scenarios in order to test new application setup or add to an existing setup. Gui interface is pretty easy to understand and follow. I had no experience with Duo and still manage to easily set up new policies and rules.
the first time it takes more effort. It is helpful to already understand how each authentication type works. Then it's much easier to understand the MFA solution that you implement. It is useful to check the release notes from time to time and update the key parts of the Watchguard Authpoint. Authpoint Gateway, Logon App, RDWeb... Also, it's useful to set up notifications when something goes wrong or sometimes check the statistics of how many requests are being approved/denied, etc.
It's easier to deploy. When comparing the quality of technical support, Duo Security is the preferred option. Duo has better integration options for out-to-the-box on-premise and cloud applications. The dashboard brings you more reports, and the access event logging is very complete. The quality of end-user training and documentation is superior. I think the relation price vs. value Cisco Secure Access by Duo has the best rating: service & support, integration & deployment, licensing, and capability.
I would slot Authpoint (as a product) as better than ESET but not Duo. ESET has the same limitations as Watchguard in the OTP support. It also is an on-prem installed console rather than a cloud, which increases cost and maintenance requirements. The duo now supports standard OTP for admin accounts, so it can be managed by a team. Duo support however leaves a lot to be desired and gives Watchguard the edge
Our end uses found this product very easy to use. Using one overview session, I have not had to follow up with users to access the product.
Once deployed, other users in our environment heard about the ease of use. We then had a 25% increase in requests for the product.
This product has added to the overall satisfaction of users having to work offsite, attend conferences and other travel while still being able to stay connected to their work product.
