JumpCloud® delivers a unified open directory platform used to securely manage identities, devices, and access across an organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform.
$11
per month per user
WatchGuard AuthPoint
Score 8.9 out of 10
N/A
AuthPoint Total Identity Security provides businesses with a solution to protect user accounts and credentials. With
multi-factor authentication and dark web credential
monitoring, AuthPoint mitigates the risks associated with workforce credential
attacks. AuthPoint adds an extra layer of security by monitoring for
potential credential exposure in the dark web for both personal and corporate
accounts.
JumpCloud is least suited in situations where you have few devices, but lots of users. JumpCloud heavily focuses on the "One-User-One-Device" type of use, and does lack some of the features things like Active Directory is better suited for when having multiple users accessing one machine. Their Powershell APIs are fantastic and getting only more powerful. Lots of features are hidden behind these APIs, so admins not as familiar with Powershell would have more issues leveraging these tools. BYOD deployments are amazing, especially for macOS devices that are using Apple Business Manager and can leverage Zero Touch deployments. It is especially good at handling mixed systems, whereas other options, such as Jamf, are really suiting only for macOS, or Intune is more suited for Windows; JumpCloud managed to handle both systems well.
While I cannot speak of the functionalities that we do not use, the 2nd factor authentication has been great. It's actually secure, I can control it all remotely, users don't mind the extra step, and management feels more at ease knowing that we have full access control. The VPN for remote connections is fast and stable, it stays connected during network oddities and has plenty of bandwidth.
User Management - The ability to control our users and set password/polices is made easy in the JC console
Device Management - Using JC each user is assigned to their own device with only the rights to do their job - When elevated rights are required, this is done simply via the JC console for the period of time required
SSO - Using JC's SAML SSO integrations we are building out our SSO offering and this is making for a much simpler daily user experience
Works well with the free Authpoint client and the OpenVPN clinet.
Token management is simple and hosted completely in the cloud to reduce overall complexity
Setup was simple and and staighforward
Suppports several authentication methods we have used both RADIUS and SAML effectively, but ADFS, IDP, RDWeb, and RESTful API, and other custom apps are supported.
Geofencing for RDP has been very useful as it is independant of our firewall geofencing. This is quite useful for organizations like us who do not Geofence at at the firewall level so as to provide global access to resources on the DMZ.
SSO via OpenID - Opening up their SSO from just SAML to including OpenID (OAuth) would allow us to make more use of the service and to also incorporate it into some internal testing suites
Time Limited User Elevation - The ability to time limit a users elevation of privileges would be a great addition
Extending device management to include LPA - Least Privilege Access is becoming a bigger ask from our external auditors - Being able to do this via JC would be amazing
We frequently have people locked out because they type their one-time password into the QR code entry box. I wish we could choose to default to a one-time password for the organization. It would be even nicer if the OTP worked in the QR code box.
Being in the IT department, I have to set up many computers, which means I have to use Authpoint codes all the time. I wish there was a way to press a button at the top of the app and instantly refresh your codes. It takes forever when I'm signing into 20 different computers in a row because I have to wait for a new code to generate before I can sign into the next computer.
Today to ensure our ISO 27001 certification it is important that we maintain this solution. Today it is part of the way any employee within the organization works, we no longer have any other way of working and it is the simplest way to ensure that access to the workstation is done with MFA.
It's simple. I like how JumpCloud keeps things simple. Similar to Apple's ecosystem, they give you what you want with some extra features and bells and whistles but it doesn't take a large instruction manual to use it. They have the support system and KB articles to back up their product and learn about a feature and how to implement it
After initial setup, it practically runs itself. Onboarding new users is fast and easy as it should be. The AuthPoint mobile app is small and simple to use. The only reason I do not give it a 10 is that I frequently get complaints from end users that the AuthPoint app is "constantly downloading". In fact, it's not downloading anything and that what the users are seeing in the app is a timer for the 6-digit code that changes every minute.
I have rarely contacted support. When I have, the responses were within expected time frames, and easy to access. Community support is incredible, both from the JumpCloud representatives, and the user base community at large. The support pages on the website also are typically very well written and strike a nice balance between having the technical information needed, and also being easy to understand for the small business types that might not have as much of a technical background as an IT Admin.
WatchGuard support is always quick and reliable. They have urgency levels that you are able to select when creating your support ticket, and they respond in accordance to the severity that you have set. I have never had an issue with getting someone on the phone in the same business day, even for very low priority issues.
It was an Onsite demo at the ditributor with the benefits of Watchguard Authpoint. Was very nice to see the abilities of the product. This Demo was a few years back, since then Authpoint changed allot. It is very nice for partners that you can get this demo without any aditional cost.
We use the online training for all our employees. There are both sales and technical trainings available and there even is a technical certification. You can use this for the Watchguard Partner Program which can give you aditional benefits. Every now and then you have a webinar that discusses multiple Watchguard products.
the first time it takes more effort. It is helpful to already understand how each authentication type works. Then it's much easier to understand the MFA solution that you implement. It is useful to check the release notes from time to time and update the key parts of the Watchguard Authpoint. Authpoint Gateway, Logon App, RDWeb... Also, it's useful to set up notifications when something goes wrong or sometimes check the statistics of how many requests are being approved/denied, etc.
I would slot Authpoint (as a product) as better than ESET but not Duo. ESET has the same limitations as Watchguard in the OTP support. It also is an on-prem installed console rather than a cloud, which increases cost and maintenance requirements. The duo now supports standard OTP for admin accounts, so it can be managed by a team. Duo support however leaves a lot to be desired and gives Watchguard the edge
Some features would make more sense for us to be bundled by machine, instead of the user. We have fewer machines, and multiple users log into one machine, so doing something like paying per user for services like Patch Management are difficult to warrant the cost. I also feel a more complete package that includes common addon features; Patch Management and Password Manager, would be an improvement. It would also be nice if we could change packages, addons, and other billing services via self-service instead of reaching out to our account manager.
Our end uses found this product very easy to use. Using one overview session, I have not had to follow up with users to access the product.
Once deployed, other users in our environment heard about the ease of use. We then had a 25% increase in requests for the product.
This product has added to the overall satisfaction of users having to work offsite, attend conferences and other travel while still being able to stay connected to their work product.
