WatchGuard AuthPoint - The potential is there however so is need for further improvements
Updated March 07, 2024

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with WatchGuard AuthPoint

WatchGuard AuthPoint is being used in all our company departments, for the authentication of all our users when they connect to our network remotely via SSL VPN. We also use Authpoint for the user authentication on our NextCloud installation. We intend to use it in the future for granting access to specific applications via the WatchGuard Access Portal on our Fireboxes.
  • Only one device allowed to have each token.
  • Online token requirement for push notifications adds extra security.
  • Very fast authentication.
  • Firebox-DB users can't use AuthPoint as a second form of authentication, e.g., authenticate Firebox-DB users with their local password and then use AuthPoint push notification.
  • AuthPoint authentication responses are not bound to a specific authentication request. The correlation between the authentication response and the authentication request is purely time based. Any authentication response for a specific user that is received in a specific time frame since the request was made is accepted as a valid response, even if it belongs to another authentication attempt!!! This does leave room for error and exploits.
  • There are no AuthPoint password complexity policies that can be enforced on the AuthPoint users.
  • There is no setting for each company to enforce a password reset of all company AuthPoint users every xx days.
  • There is really no value that one can put on security!
  • Just think of what would happen if there was a breach into the company network...
  • There is no too much when security is concerned!
  • The peace of mind Authpoint has given us is of great value to us!
We can NOT detect password reuse, so we can't enforce any policies to avoid it. Authpoint does add an extra security layer, thus it is reducing the impact of a possible credentials leak.
Well, you can always use solutions from 2 separate suppliers, but as is obvious, a joined / bundled solution has many advantages. You do not need to worry about compatibility issues, or make the extra effort to solve these issues. WatchGuard AuthPoint Total Identity Security just offers all you need without any integration problems. Also, having only one supplier to talk with makes things much easier!
WatchGuard AuthPoint Total Identity Security (TIS) offers a corporate password manager. We used to have a similar solution from another provider, but having one single product instead of two does make your life easier! At the time we do not have a need to use the dark web monitoring capabilities, but we expect this to be needed more as time goes by and the dark web threats get bigger and bigger!
The main reason why we selected WatchGuard AuthPoint is first of all the obvious one. We also have Firebox firewalls from WatchGuard. Aside from that, they have very competitive pricing compared to the other available alternatives. Also, they offer the online push notification that is way more secure than all those offline tokens.
Things did not use to be that simple at all when we first used WatchGuard AuthPoint with our SSL VPN connections on the WatchGuard Fireboxes. One would have to set up a RADIUS server on a domain controller and pass all the connection traffic between the Firebox and AuthPoint through an Authentication Gateway on a DC. And then set up at least one more Authentication Gateway to ensure high availability. However, since version 12.7 of Fireware this is no longer needed. That was a much expected change that did really make things a lot simpler and did make us very happy!
Most users did like the extra security the mobile token offered, as they are aware of the fact that similar solutions were used by all external partner employees that have visited us. So most of our users recognize that this is a standard way of authentication these days. There were of course a few users that complained about the extra steps needed, but this is really to be expected on any such change. Overall we would consider the reception by our users to be more than positive.
We have not used the Access Portal yet, but plan to do so in the future. So we have no experience with it so far, but we expect this to be as smooth as the migration to the SSL VPN authentication via WatchGuard AuthPoint and the NextCloud authentication. However, the aim here is to make access more secure. We do not expect any reduction in the number of involved passwords...

Do you think WatchGuard AuthPoint delivers good value for the price?

Yes

Are you happy with WatchGuard AuthPoint's feature set?

Yes

Did WatchGuard AuthPoint live up to sales and marketing promises?

Yes

Did implementation of WatchGuard AuthPoint go as expected?

Yes

Would you buy WatchGuard AuthPoint again?

Yes

WatchGuard AuthPoint does work well for the authentication of SSL VPN users, as well as our NextCloud user authentication. It will probably also work fine if set up to be used for the user authentication on the Access Portal of the Firebox. It could probably also be used for other remote access scenarios like Citrix remote clients and so on. Windows login security can also be greatly improved when Authpoint is used with it. We are also looking into this scenario at the time.

Using WatchGuard AuthPoint

51 - Our Authpoint users come from all departments that have users that can work remotely, thus the users that have laptops.
1 - Support for Authpoint is rarely needed, but when it is we have 1 person that can provide it.
  • Remote Connections via SSL-VPN
  • Connections to our NextCloud installation
  • Connections to our internal network via Wi-Fi
  • Connection to our internal network via Wi-Fi
  • Windows Login via Authpoint
We are very happy with AuthPoint and see no reason to make any change to it. If only there was a policy to set minimum password strength requirements and to force users to change their password every xx days, then it would be a 10!!!

Evaluating WatchGuard AuthPoint and Competitors

  • Integration with Other Systems
  • Ease of Use
Well, as we are using WatchGuard firewalls, it was an obvious choice to use AuthPoint, as it would assure maximum compatibility for the authentication of our SSL VPN users.
Would only change Authpoint if we ever decided to use firewalls from another company... As long as we have our Fireboxes, Authpoint is the only way to go!

WatchGuard AuthPoint Implementation

If we first made the implementation now, score would be at 10. When we first made it, the need for a Radius Server did make it hard for us to implement. However a Radius server is no longer needed in the newer Firebox versions, in order to authenticate SSL VPN users via Authpoint. :))
Change management was minimal - The adoption of Authpoint was very smooth. All our users did like it and we have not had any complaints about it!
  • At the beginning, when we first deployed Authpoint, the use of an internal radius server was necessary. This gave us a hard time at the initial deployment. This is no longer needed now, so things are much simpler now!

WatchGuard AuthPoint Training

Now that no Radius server is needed for SSL VPN user authentication, if one follows the provided guide, it is easy to make the implementation. No extra training would be needed!

Configuring WatchGuard AuthPoint

We think that Authpoint's configurability is a bit limited. We really hope to get some extra options about a policy that will force the users to reset their password every xx days and another policy that will enforce the complexity level for the passwords users can set in Authpoint.
Don't be afraid of the process. Just start following the guide and everything will fall in place!
No - there is no facility to customize the interface
No - the product does not support adding custom code
We just added the company logo to our AuthPoint tokens, to be able to easily differentiate them from the other tokens we store on AuthPoint mobile.

WatchGuard AuthPoint Support

Pros
  • Quick Resolution
  • Good followup
  • Knowledgeable team
  • Problems get solved
  • Kept well informed
  • No escalation required
  • Immediate help available
  • Support understands my problem
  • Support cares about my success
  • Quick Initial Response
Cons
  • None
We have no premium support for AuthPoint, as this service is as stable as it can be! However we have Gold support (Total Security) for our pair of Fireboxes...
All the times (not many) I needed to contact Watchguard support about Authpoint, the initial response was ultra fast and the issue was resolved very fast.
Yes - Yes, the reported bug was resolved a couple of months later.
When we last renewed our AuthPoint licenses, we had 2 activation codes, an older one and a newer one. We wanted to keep the license count of the newer license and add the older license key to extend the duration of the licenses. Also, the older license count was higher than the license count of the newer activation key. So we let the older license expire to be able to reduce the license count and then we entered the 2 activation keys. It turns out that we had entered them in the wrong order and the result was that we activated the user count of the wrong activation key (much less users than we need) and this got a huge duration period! Support resolved this immediately, reset the activations we had made and gave us instructions on how to properly install the license keys!

Using WatchGuard AuthPoint

Pros
  • Like to use
  • Relatively simple
  • Easy to use
  • Technical support not required
  • Well integrated
  • Consistent
  • Quick to learn
  • Convenient
  • Feel confident using
  • Familiar
Cons
  • None
  • SSL VPN Authentication via Authpoint is very easy and fast as well
  • NextCloud Authentication is as easy as it gets if you need MFA!
  • It is not possible at all to set a policy to force the users to reset their AuthPoint password every xx days.
  • It is not possible at all to set a policy to enforce the complexity level of AuthPoint passwords
AuthPoint is very easy and very fast to use. Our users have been able to adapt to it right away when we first implemented it...
Yes - Authpoint mobile is great and very easy to use. It also allows adding tokens from other services, which has allowed us to use it as a universal token storage for all the tokens our users have, even the 365 tokens!

WatchGuard AuthPoint Reliability

Never had a problem with Authpoint servers.

Integrating WatchGuard AuthPoint

The Nextcloud integration guide could be a bit better.
  • NextCloud
We followed the provided guide for the NextCloud / Authpoint integration and all worked just fine!
  • Windows Login
Not sure yet, but we are thinking about using Authpoint for Windows Login as well, at least for our laptops.
Would like to use AuthPoint for 365 as well, but from what we have read in the guide it seems too complex, so this has made us put off our initial thoughts about 365 integrations.

Relationship with WatchGuard Technologies

We had no issues at all with the vendor. All ran smoothly!
One time we needed help from the vendor at our initial purchase, the vendor was happy to help us and we were happy with the results!
We made no negotiations with the vendor. They were offering the best price in the market, so there was no margin to negotiate about.
Make a good market search before choosing your vendor. There are vendors that are much cheaper than the average and others that have way too high prices...

Upgrading WatchGuard AuthPoint

Yes - Yes, upgrade was without any issues!
  • Just made the upgrade, did not check the version history to see the changes.
  • Really looking forward to an option to force users to change their Authpoint password every xx days
  • Also would like an option to enforce the password complexity level