Okta is an enterprise grade identity management service, built in the cloud. IT can manage access across any application, person or device. Whether the people are employees, partners or customers or whether the applications are in the cloud, on premises or on a mobile device, Okta helps IT become more secure and maintain compliance. The Okta service provides directory services, single sign-on, authentication, provisioning, workflow, and built in reporting. ment systems.
$6
per month per user
Zscaler Private Access
Score 9.3 out of 10
N/A
Zscaler Private Access™ (ZPA) gives users secure access to private apps and OT devices while enabling zero trust connectivity for workloads.
Should be well-suited for a SaaS business organisation as they have a lot of internal applications and need a role-based authentication system between the various teams, improving security and audit log system to account for any breaches. It integrates well with internal applications such as Salesforce and Oracle. Best when need of SSO.
Zscaler Private Access works really well in environments setup for FQDNs and where you know what users should/shouldn't be accessing on what ports. You can use Zscaler Private Access to figure out these kinds of features but that doesn't always mean you'll be correct. It also provides a consistent experience for users as they can access their materials anywhere. It also makes the user the last line of defense. If a user's account is compromised then the attacker has access to everything they already did. It doesn't work great in OT environments or Server based environments. Flows have to be initiated from the client and not the server for stuff to behave properly.
Connecting users remotely with a secure connection. I am a service desk agent who works with end users, and if there is an issue due to ZPA, it's most likely due to configuration. A really good service.
Logging, I believe, works well as I troubleshoot end users and can gather extra details for my network admin. IP.zscaler.com, and the debug logs are nice. Additionally, I like how it shows the App policy assigned to the user's machine ECT.
I do have to reset my password quite frequently. However, I don't think there is really a way to improve this, as it's a good security measure.
It makes me re-sign in a couple of times a day, sometimes if I haven't used my laptop for a couple of hours, and sometimes just randomly throughout the day.
It doesn't remember my devices, either my laptop or phone. so it always calls that out.
Needs an interface for Support Desk/Help Desk to more easily understand that the problem is a lack of an FQDN or access is not allowed due to policy, not because of a technical shortcoming in ZPA.
Documentation of the BC solution is not well-detailed.
Okta has a passion to provide secure and scalable identity solution. Their passion has come across as advocacy in a way that has deepened my knowledge of the field of authentication. I took identity for granted before but after seeing features such as external authentication I know that Okta can enable my business to reach new heights
The environment feels more secure, and we are seeing that users are adapting to it fast. The fact that we have tools to assist the users with their day-to-day access helps, as we can hand it off to the helpdesk without any escalations to the Network team. It is a work in progress for our agency, but we are seeing the benefits from the solution.
The Okta Identity Cloud advertises 4 9's of reliability and I would go as far to say that it may even do better than that. As a true Global organization that operates in just about every region of the world, we have yet to have an issue with The Okta Identity Cloud that has impacted our business operations.
From my perspective, for the things that my group uses it for, Okta is very fast. It is as least as fast as the local password database methods that it replaces on our campus enterprise services. I do not believe that it slows anything down at all. In fact, not having to think too much about the login, because they all look the same, probably speeds things up somewhat.
We've had a few support cases over the years and every case has been handled by the Okta support team beautifully. We received clear answers to questions we had regarding setup and even were provided simple to follow guides on how to setup their product to use with custom applications.
Okta is far superior in terms of integrations, user interface, automation, and connectivity. Additionally, Okta offers better support and availability, and a more robust solution across every capacity Entra competes in. Okta simply works, whereas Microsoft Entra has a large overhead that is difficult to use when configuring things.
ZPA is where the bulk of zero-trust access is found. While the functionality for ZIA is excellent, the policy we implement for internet access is more focused on threat prevention and not narrowly scoped access.
Being a cloud native application, The Okta Identity Cloud is extremely scalable and easy to setup. By integrating into existing directories and applications via standard techniques and protocols, it is very easy to both initially setup and add additional users as required. Once all the necessary integrations are setup, it's a simple rinse and repeat process to onboard additional users (which can be automated with imports as well)
Increased user productivity - not fighting with IT all the time!
Though there could be a bit more on the 'lost/broken phone' front, the self-service eliminates time that would typically be spent waiting for IT support/admins.
An Okta account under a certain domain allows proper access from the get-go, and under certain apps (such as our HRIS), adding members is easy.
Improved security - deactivating Okta removes all account access across multiple platforms instantly for leavers.
We used to get anywhere from 30 to 50 tickets surrounding our previous VPN solution every month. We now average 3-5 tickets regarding remote connectivity, and of those, only 1 or 2 are actual issues with ZPA.
Using ZPA Access Policies, we can now block endpoints that have outdated security software from ever connecting to our environment. This was simply not possible with our previous solution.
Some of our employee base skews older and had a harder time understanding the change from VPN to Zscaler.
There is significantly less downtime with ZPA when compared to other VPN solutions.