Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.
$6
per user/per month
WatchGuard AuthPoint
Score 9.0 out of 10
N/A
AuthPoint Total Identity Security provides businesses with a solution to protect user accounts and credentials. With
multi-factor authentication and dark web credential
monitoring, AuthPoint mitigates the risks associated with workforce credential
attacks. AuthPoint adds an extra layer of security by monitoring for
potential credential exposure in the dark web for both personal and corporate
accounts.
Although there can be issues with authentication conflicts that may cause account lock-outs, Microsoft Authenticator is simple and effective. One upside to WatchGuard AuthPoint is the longer timer for the authentication code time length, especially for users that aren't "fast …
I have used Authy, google authenticator, last pass, and a few others; the push notification is definitely more convenient than having to go look for the app and type the token every time.
AuthPoint has better integration with the product stack. Simpler to implement. Less complex of a setup. Easier to explain to customers and easier training for the engineering/support team. Licenses per user are good value and affordable for the majority of our small and …
AuthPoint was a clear choice when comparing these products. With a mixed OS environment, Cisco Duo did not seem to work well. Azure MFA does not work with MAC OS. Watchguard AuthPoint met what we needed.
We use the Microsoft MFA also and I have used the Google Authenticator (only prior to the MS version being released, however). They are similar in terms of functionality of course, but I have not attempted additional integrations using SAML 2.0 or anything like that so cannot …
We selected Authpoint as we already had WatchGuard security appliances in use at our organization. We also began to evaluate the product based on a recommendation from our MSP. They have several customers that use Authpoint, so it was recommended. It was also nice that they had …
It is only worth purchasing because of the cheap price and integration with WatchGuard VPN. The downside in trying to test a MFA product is having to configure your products (Tableau Online, Office365) to use it and therefore all users immediately will have issues unless using …
It is especially good for organizations that are otherwise in the Microsoft ecosystem (Microsoft 365 applications). Microsoft Entra ID is really well supported sign-in method in various SaaS-applications and they often have step-by-step guides how to deploy the SSO with Microsoft Entra ID. It's less suitable for organizations that might use other productivity tools than M365 or do not have Windows-based computers.
We use multiple authenticators at my company. We use WatchGuard AuthPoint just for our VPN for security purposes. The app works very well and over the past year we've only had a handful of issues with the authentication service, and these were resolved relatively quickly. We do have to remind people to enable push notifications from the app, or have the app open when they need to use it to authenticate, otherwise they won't get the push to approve. The biggest issue I've found is that people will forget to do this and then say that the VPN isn't working - the VPN is working, it's just that they didn't get/approve the push from AuthPoint in time.
Single Sign-on helps ease the user experience, allowing users to avoid typing multiple passwords.
The identity and management are straightforward to use and easy to connect to other applications, as well as third-party applications.
The support of remote work. Nowadays, many people work from home and need to access their accounts. Microsoft Enterprise ID gives secure access to the company data.
Works well with the free Authpoint client and the OpenVPN clinet.
Token management is simple and hosted completely in the cloud to reduce overall complexity
Setup was simple and and staighforward
Suppports several authentication methods we have used both RADIUS and SAML effectively, but ADFS, IDP, RDWeb, and RESTful API, and other custom apps are supported.
Geofencing for RDP has been very useful as it is independant of our firewall geofencing. This is quite useful for organizations like us who do not Geofence at at the firewall level so as to provide global access to resources on the DMZ.
Probably the most primary thing is just the interface itself. It's frequently changing and so oftentimes we kind of have to go back and redocument our processes for our IT staff because the steps that they would take to perform a task one month. Now it's a totally different staff, new dashboard, even a new name for the product or the feature. So it would be nice if that stuff was a little bit more consistent.
Email support is SLOW unless I want to allow a stranger to access my production firewall. That is never allowed here, so our hands are tied in terms of being able to get support in less than 48 hours.
Again, support takes far too long because you refuse to employ any staff that works in US time zones during normal business hours.
There has to be another option besides: 1) you take full control of my systems or 2) I wait on SLOW email support that isn't that great.
MSFT Entra ID has been essential for managing our geographically dispersed team. We're confident that it will scale with us as grow, and we'll be able to take advantage of additional security and ID management features as they become necessary. Being able to centrally manage our user access from anywhere with a small support team is such a relief.
Today to ensure our ISO 27001 certification it is important that we maintain this solution. Today it is part of the way any employee within the organization works, we no longer have any other way of working and it is the simplest way to ensure that access to the workstation is done with MFA.
I mean it's pretty good. It is click, click. I mean, oftentimes I can go to the expert or layer two support to get help. Suddenly I go to them. So it has to be pretty useful to be honest. I do a lot of, and there's a lot of, you could do research quickly online to find out how to do certain things. I think that's the only thing we can improve to in terms of kind of a best practice path is setting up it. But because I'm it profess of tons of years in co-management services, I can figure it out. But for others they may not be able to figure it out. You still need an IT person of course to translate all of that. But to me pretty straightforward. I come from the days of directory from 2008, 2000, Microsoft server 2000.
After initial setup, it practically runs itself. Onboarding new users is fast and easy as it should be. The AuthPoint mobile app is small and simple to use. The only reason I do not give it a 10 is that I frequently get complaints from end users that the AuthPoint app is "constantly downloading". In fact, it's not downloading anything and that what the users are seeing in the app is a timer for the 6-digit code that changes every minute.
I have not needed to engage support for anything at this time. I have been able to find the answers either online or in a knowledgebase. I tried to skip the question but it would not let me, so I rated a 9 based on other interactions with Microsoft support I have had
WatchGuard support is always quick and reliable. They have urgency levels that you are able to select when creating your support ticket, and they respond in accordance to the severity that you have set. I have never had an issue with getting someone on the phone in the same business day, even for very low priority issues.
It was an Onsite demo at the ditributor with the benefits of Watchguard Authpoint. Was very nice to see the abilities of the product. This Demo was a few years back, since then Authpoint changed allot. It is very nice for partners that you can get this demo without any aditional cost.
We use the online training for all our employees. There are both sales and technical trainings available and there even is a technical certification. You can use this for the Watchguard Partner Program which can give you aditional benefits. Every now and then you have a webinar that discusses multiple Watchguard products.
Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.
the first time it takes more effort. It is helpful to already understand how each authentication type works. Then it's much easier to understand the MFA solution that you implement. It is useful to check the release notes from time to time and update the key parts of the Watchguard Authpoint. Authpoint Gateway, Logon App, RDWeb... Also, it's useful to set up notifications when something goes wrong or sometimes check the statistics of how many requests are being approved/denied, etc.
We've used other Microsoft products and we've also used some standalone products, like each application you can have its own identity, so we've looked at some of those too, but we try to use the Entra ID as much as possible because it offers a wider range of reliability.
I would slot Authpoint (as a product) as better than ESET but not Duo. ESET has the same limitations as Watchguard in the OTP support. It also is an on-prem installed console rather than a cloud, which increases cost and maintenance requirements. The duo now supports standard OTP for admin accounts, so it can be managed by a team. Duo support however leaves a lot to be desired and gives Watchguard the edge
Microsoft Professional Services' technical knowledge is appreciable as consultants design the solution as per customer requirements. Mapping of features per user specifications and assisting Customer IT engineers to implement so they can manage and administer the services.
I think it's had positive. It's enabled us to make authentication easier and more streamlined across the organization from frontline workers to back office workers.
It's allowed us to really adopt authentication policies and methods that suit that user and their work environment.
We currently have 300 users on Authpoint, and most of them use insecure passwords. Authpoint gives us peace of mind that we don't have to police individual employee passwords.
In line with the comment above, with so many people in our organization using insecure passwords, I'm sure that Authpoint has already saved us from many potential security breaches.
Security breaches can cost a lot of money. Preventing them saves the company money and helps to achieve our bottom line.
