Likelihood to Recommend SAP Identity Management manages organization identities centrally with a great amount of flexibility and efficiency. Compared to the conventional SAP solution of central user administration (CUA), SAP IDM (version 7.2/8.0) delivers a great number of benefits like: 1. Availability of connectors for non-SAP application identity management,
2. Modular/granular access management in the form of context-based business role definition.
3. It can be integrated with the SAP HR system for making entire user identity management automatic.
Read full review It's well suited for large and medium-sized companies looking to increase their security and comply with local regulations. Smaller companies probably wouldn't see the same benefit because the cost of convenience wouldn't be as attractive. Anyone handling credit card information, medical information, or secure customer information could greatly benefit from this solution.
Read full review Pros In my previous organization, to achieve the granularity of access based on organization restrictions, we implemented enabler role-based security roles. Provisioning the enabler roles through the SAP GRC was a great challenge (realistically improbable). Here came the SAP IDM to our rescue. It has a peculiar feature of context-based business role provisioning feature. Customized context & its association with security roles & user HR attributes, give us unique ability to achieve granularity of access provisioning. SAP IDM integrates with the SAP HR system and identity management becomes automatic. Read full review Works well with the free Authpoint client and the OpenVPN clinet. Token management is simple and hosted completely in the cloud to reduce overall complexity Setup was simple and and staighforward Suppports several authentication methods we have used both RADIUS and SAML effectively, but ADFS, IDP, RDWeb, and RESTful API, and other custom apps are supported. Geofencing for RDP has been very useful as it is independant of our firewall geofencing. This is quite useful for organizations like us who do not Geofence at at the firewall level so as to provide global access to resources on the DMZ. Read full review Cons SAP Identity management should come up with connectors for almost all not SAP applications, which will enable the use of SAP IDM as a one-stop solution for organizations' identity management. Read full review Integration with on-premise AD is not working, even after speaking with the support team, it could not get resolved. There is no better documentation on this topic as well Integration with Azure AD is not supported without the presence of on-prem AD Logs information is not precious, it provides a generic code in some cases, making it harder to troubleshoot. The Watchguard AuthPoint App in AppStore has some issues, after it's activated there is no approval request being sent to the phone, and there is no way to troubleshoot this, the only way to make it work is by uninstalling the app and reinstalling it again. Read full review Likelihood to Renew Today to ensure our ISO 27001 certification it is important that we maintain this solution. Today it is part of the way any employee within the organization works, we no longer have any other way of working and it is the simplest way to ensure that access to the workstation is done with MFA.
Read full review Usability After initial setup, it practically runs itself. Onboarding new users is fast and easy as it should be. The AuthPoint mobile app is small and simple to use. The only reason I do not give it a 10 is that I frequently get complaints from end users that the AuthPoint app is "constantly downloading". In fact, it's not downloading anything and that what the users are seeing in the app is a timer for the 6-digit code that changes every minute.
Read full review Reliability and Availability It failed a couple of times for a period of an hour or so, where systems were down.
Read full review Performance Never had a problem with Authpoint servers.
Read full review Support Rating As IDM heavily relies on JAVA/SQL as a development language, finding skills resources sometimes becomes challenging. But SAP has strong support available for this product which makes it reliable for long term use within an organization.
Read full review WatchGuard support is always quick and reliable. They have urgency levels that you are able to select when creating your support ticket, and they respond in accordance to the severity that you have set. I have never had an issue with getting someone on the phone in the same business day, even for very low priority issues.
Read full review In-Person Training It was an Onsite demo at the ditributor with the benefits of Watchguard Authpoint. Was very nice to see the abilities of the product. This Demo was a few years back, since then Authpoint changed allot. It is very nice for partners that you can get this demo without any aditional cost.
Read full review Online Training We use the online training for all our employees. There are both sales and technical trainings available and there even is a technical certification. You can use this for the Watchguard Partner Program which can give you aditional benefits. Every now and then you have a webinar that discusses multiple Watchguard products.
Read full review Implementation Rating the first time it takes more effort. It is helpful to already understand how each authentication type works. Then it's much easier to understand the MFA solution that you implement. It is useful to check the release notes from time to time and update the key parts of the Watchguard Authpoint. Authpoint Gateway, Logon App, RDWeb... Also, it's useful to set up notifications when something goes wrong or sometimes check the statistics of how many requests are being approved/denied, etc.
Read full review Alternatives Considered SAP IDM offers a great deal of benefits/features compared to conventional access provisioning with SAP.
1. Conventional SAP user administration solution like CUA has great limitations. e.g. only SAP systems can be managed. Low-performance issues, unreliable access provisioning, and risk analysis were missing.
2. SAP IDM integrates with SAP GRC solution to perform the reliable risk analysis before access provisioning. Its context feature allows granular access provisioning.
Read full review I would slot Authpoint (as a product) as better than ESET but not Duo. ESET has the same limitations as Watchguard in the OTP support. It also is an on-prem installed console rather than a cloud, which increases cost and maintenance requirements. The duo now supports standard OTP for admin accounts, so it can be managed by a team. Duo support however leaves a lot to be desired and gives Watchguard the edge
Read full review Scalability We are a medium-sized company. We don't need rapid scaling.
Read full review Return on Investment SAP IDM has the huge potential to minimize risks arising out of disorganized identity management within an organization. As all identities are managed centrally, there is very little room for manipulation of an identity. As this solution has the ability to integrate with SAP GRC, risk analysis becomes mandatory before any access provisioning takes place. As the solution is automatic, hiring to employee exits is managed with a minimal margin of error. Read full review Our end uses found this product very easy to use. Using one overview session, I have not had to follow up with users to access the product. Once deployed, other users in our environment heard about the ease of use. We then had a 25% increase in requests for the product. This product has added to the overall satisfaction of users having to work offsite, attend conferences and other travel while still being able to stay connected to their work product. Read full review ScreenShots WatchGuard AuthPoint Screenshots