Good MFA product if you already have a WatchGuard firewall. Tricky to set up and predominantly app based.
April 20, 2022
Good MFA product if you already have a WatchGuard firewall. Tricky to set up and predominantly app based.
Score 7 out of 10
Vetted Review
Verified User
Overall Satisfaction with WatchGuard AuthPoint
We wanted to improve the security of our VPN solution by implementing MFA. We were already long-term users of WatchGuard products (15 plus years) and it seemed a natural choice to use WatchGuard AuthPoint. We investigated and trialed a number of other MFA options, but for a specific case where all the network traffic is passed through the VPN tunnel, the WatchGuard solution was most appropriate.
- It works consistently
- Integrates with existing WatchGuard firewalls
- Management interface makes user management simple and straightforward
- Set up instructions are poor
- Lack of help setting up product which is very complex with many different components
- I failed to set up the IPsec protocol so in the end gave up using this connection method
- Predominantly can only be used as a phone app, token support is limited
- Hopefully my users are more secure
- It's a small price to pay if it protects even one user
We have implemented both Azure VPN Gateway & Cisco Duo in our environment alongside AuthPoint. Each has a different use case. Azure VPN client (we are using this with O365 MFA) is a split tunnel solution, relatively cost-effective and easy to use - the beauty of the solution is it integrates with our existing O365 MFA Cisco Duo we are using for protecting local admin accounts on both Windows and Linux, we are not using it as part of a VPN solution, we could but that would require buying a Cisco appliance.
It is a cloud product, but requires a gateway server to be installed on-prem. We tried with WatchGuard support to link this to our Azure AD and it failed, so the solution was to use our on-prem AD server. I would question the entirety of it being a cloud solution.
Indeed the app works well; however, since we don't provide every employee with a work phone, a number of people have complained that this is predominantly the only way of connecting. Wider token support would be welcomed.
We still have multiple systems for users to log into which can't be accessed through AuthPoint, so I don't feel we have solved any problems.
Do you think WatchGuard AuthPoint delivers good value for the price?
Yes
Are you happy with WatchGuard AuthPoint's feature set?
Yes
Did WatchGuard AuthPoint live up to sales and marketing promises?
Yes
Did implementation of WatchGuard AuthPoint go as expected?
No
Would you buy WatchGuard AuthPoint again?
Yes