A good solution with one fatal flaw.
Modules Used
- WatchGuard AuthPoint
Overall Satisfaction with WatchGuard AuthPoint
We use Authpoint at various sites for adding MFA to applications like remote desktop, PC Login, and Email access. It does a good enough job, and users are generally able to self-enroll and use it without much issue. The one fatal flaw is that it does not support standard OTP generation, so we are unable to add it to our third-party password/login management solution. That means for all the techs that support the site, there is one shared login on one phone. If that person is unavailable, we are unable to access the site. For the majority of cases, that will be an acceptable compromise and the positives of the product are considerable.
Pros
- Ease of use.
- Lots of options for application support.
- Integrates well with other Watchguard products.
- High Quality Support
Cons
- Lack of OTP support.
- Flexibility for non-standard AD integration.
- Better documentation for third-party VPN integration.
- It has increased security and lowered our Cyber Insurance premiums.
- It has offset that by requiring licensing for each member of our tech team.
- It has very little maintenance costs.
TIS has enhanced ours and ours user's security by making the concept of easy to remember passwords obsolete. Gone are the days of adding a 1 to the end of the password when forced to reset. Will all passwords randomized, complex, and hidden, the instances of the password on a post-it has dropped to zero.
TCO
10
We use TIS's password manager to ensure that all users are complying with password policies regarding complexity and reuse. The reuse of passwords had been an issue in the past where employees were using the same password for almost all personal and professional accounts. We aren't yet taking full advantage of the darkweb features.
In the aforementioned issue regarding password reuse, we had a former user have their personal email password compromised but because they reused said password it allowed them into some work systems and caused some major downtime due to ransomware. TIS will prevent that going forward.
We worked with Vision33 Canada. They were great to deal with.
We have not transitioned our firewalls to the cloud-managed console, so we are currently not using the single pane of glass interface. That is something that we do intend to make use of.
The watchguard products are becoming easier to manage on a single control panel. We are in the planning stages of moving all of our firewalls into clound management.
- Cisco Secure Access by Duo and Eset Secure Authentication
I would slot Authpoint (as a product) as better than ESET but not Duo. ESET has the same limitations as Watchguard in the OTP support. It also is an on-prem installed console rather than a cloud, which increases cost and maintenance requirements. The duo now supports standard OTP for admin accounts, so it can be managed by a team. Duo support however leaves a lot to be desired and gives Watchguard the edge.
Do you think WatchGuard AuthPoint delivers good value for the price?
Yes
Are you happy with WatchGuard AuthPoint's feature set?
Yes
Did WatchGuard AuthPoint live up to sales and marketing promises?
Yes
Did implementation of WatchGuard AuthPoint go as expected?
Yes
Would you buy WatchGuard AuthPoint again?
Yes
Comments
Please log in to join the conversation