We are using Microsoft Entra ID every day for SSO authentication for our end users. We sync local active directories with Entra, register applications for SSO, assign licenses with dynamic security groups, and utilize it for enterprise applications.
It leader infrastructure server at a manufacturing company with 1,001-5,000 employees
We could securely enable MFA access on most of our applications
Pros and Cons
- "Entra ID's ability to sync with the local Active Directory provides redundancy, allowing authentication via cloud features even if the local Active Directory faces issues. The SSO features with app registrations are also crucial, as we use Azure globally, allowing role and permission assignments directly from Entra."
- "I would rate Microsoft Entra ID 10 out of 10."
What is our primary use case?
How has it helped my organization?
The solution has improved our application security because we can deploy app registrations on our enterprise applications. We could securely enable MFA access on most of our applications.
What is most valuable?
Entra ID's ability to sync with the local Active Directory provides redundancy, allowing authentication via cloud features even if the local Active Directory faces issues. The SSO features with app registrations are also crucial, as we use Azure globally, allowing role and permission assignments directly from Entra.
For how long have I used the solution?
I have used Entra ID for eight to 10 years.
Buyer's Guide
Microsoft Entra ID
December 2024
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability of Microsoft Entra ID is excellent. We haven't experienced any issues.
What do I think about the scalability of the solution?
At the moment, it accommodates all our needs, and we have not encountered any scalability issues.
Which solution did I use previously and why did I switch?
Previously, we used local Active Directory, specifically an on-premises solution.
How was the initial setup?
The initial setup was straightforward.
What other advice do I have?
I would rate Microsoft Entra ID 10 out of 10. It's a good product that's easy to deploy and manage, with no significant learning curve to adapt to various features.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Dec 17, 2024
Flag as inappropriateVP of IT at a financial services firm with 51-200 employees
Makes user management easy and works very well with the Microsoft ecosystem
Pros and Cons
- "The user management groups are valuable. It is a pretty basic product, but user management, in general, is valuable with the ability to differentiate between business lines and add different policies, group-based management, and dynamic user groups."
- "Allowing for more customization would be very useful. There is a limited metadata capability. When you look at a user, there are only six pieces of information you can see, but organizations are way more complex, so having that metadata available and being able to use that for dynamic user groups and other policies would be very helpful."
What is our primary use case?
We use it for access and identity management.
How has it helped my organization?
Microsoft Entra ID has improved the way we administer the technology. One strong capability is our ability to use single sign-on. Using identity is an important component of our security, so we have been able to consolidate. Instead of having to manage users for different applications, we use single sign-on. We use Microsoft Entra ID to be the core of identity management across all applications. We have the capability to do so, so it reduces the burden of onboarding, offboarding, and giving different permissions because we have a centralized way to handle that.
Microsoft Entra ID does a pretty good job of providing a single pane of glass for managing user access. For zero trust and the more modern security approaches, it is key to have a single pane of glass. We are able to be very regimented and have processes that are repeatable and reproducible. It provides that consistency, so it is easier to be very consistent.
Microsoft Entra ID has helped to save time for our IT administrators, but I would have a hard time quantifying that. We do not have a lot of users. We are dealing with hundreds of users and not thousands or tens of thousands of users. We are able to use logic and rules to handle most permissioning versus having to do administrative things manually. There is less touch. We touch it only when we have to troubleshoot. If we have a good set of rules, it handles what we need to handle.
What is most valuable?
The user management groups are valuable. It is a pretty basic product, but user management, in general, is valuable with the ability to differentiate between business lines and add different policies, group-based management, and dynamic user groups.
What needs improvement?
Allowing for more customization would be very useful. There is a limited metadata capability. When you look at a user, there are only six pieces of information you can see, but organizations are way more complex, so having that metadata available and being able to use that for dynamic user groups and other policies would be very helpful.
For how long have I used the solution?
We have been using Microsoft Entra ID for six years.
What do I think about the stability of the solution?
For the most part, it is very stable. I am not worried about its stability.
What do I think about the scalability of the solution?
It is very scalable.
How are customer service and support?
Typically, the people who provide us support want to provide good service, but overall, there is a lot of room for improvement because the subject matter experts basically follow the script, and sometimes, they neglect to listen to what we are asking for. We would have already gone through the steps, and we explain it, but we have to repeat ourselves multiple times.
Which solution did I use previously and why did I switch?
In my past experiences, I have used Okta and the other ones. In my current organization, I have not used any other solution. When I came in, thankfully, we had Azure AD. We stuck with it, and we made that the primary. It is not perfect for sure, but it works very well in the Microsoft ecosystem. It works well together with Intune and other Microsoft solutions. Because we have a single stack in Microsoft, it works very well with Intune. In the past, I have had different identity and access management, and then you have interoperability issues. Even though Microsoft Entra ID is not perfect, there is less of that. You get one vendor, and usually, things work out eventually.
How was the initial setup?
I was not involved in its deployment in my current organization, but I was spearheaded into bringing from a basic use case to a lot more security and a lot more automation and manageability.
Initially, the initial setup was very basic, and then we modernized it and improved it. We used a lot more policy, and dynamic user groups were a big aspect of that single sign-on in the app management, app registration, and various other aspects.
What about the implementation team?
We took a little bit of external help to make sure that our approach was optimized.
What was our ROI?
It is difficult to quantify that. Because there is the cost of switching, usually, it ends up being a wash.
What's my experience with pricing, setup cost, and licensing?
Pricing could always be better. You pay the premium for Microsoft. Sometimes, it is worth it, and at other times, you wish to have more licensing options, especially for smaller companies.
Which other solutions did I evaluate?
We are currently not evaluating other options.
What other advice do I have?
I would rate Microsoft Entra ID an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Microsoft Entra ID
December 2024
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Senior Technical Architect at a tech vendor with 10,001+ employees
Connects with other SaaS solutions, and SSOs with MFA make authentication much easier
Pros and Cons
- "It's multi-tenant, residing in multiple locations. The authentication happens quickly. Irrespective of whether I'm in Australia, the US, India, or Africa, I don't see any latency. Those are the good features that I rely on."
- "One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level."
What is most valuable?
The most valuable features are
- authentication
- authorization
- two-factor authentication
- I have never had a failure.
It's multi-tenant, residing in multiple locations. Authentication happens quickly. Irrespective of whether I'm in Australia, the US, India, or Africa, I don't see any latency. Those are the good features that I rely on.
It also has a variable extension, which is an added value because in Active Directory, if you have to do a schema, you have to make changes on multiple Active Directory instances. But here, as the extension attribute can be done from the application level, it helps you provide the provisioning.
Another good reason for using Azure AD is that it can connect with other SaaS services. It also has SSOs, which, along with the MFA, makes authentication much easier.
What needs improvement?
One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level.
Also, some of the provisioning filters are not capable enough. You cannot do a date filter on the provisioning.
Perhaps they could also have easy protocols to create the accounts. Instead of just a file upload, they should have an easy connector to do the provisioning part.
For how long have I used the solution?
I work in a service-based company and I've been using Azure Active Directory for my customers for around 10 years now.
What do I think about the stability of the solution?
From 2020 to 2022, there have not been more than two or three outages, and none was more than three to four hours long. And those outages may not have occurred the whole time in the entire environment, they may only have been in certain places.
When there is an outage, the end-user experience is affected, but that happens in AWS and in Azure. It happens with any SaaS product. Overall, it has not affected the end-user experience, but when there is an outage in Azure, it will have an impact on our environment.
What do I think about the scalability of the solution?
It's scalable, but if you need more than one region, you have to pay for it. You have to think about how you want the service to be available.
How are customer service and support?
The technical support is good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is easy and straightforward. Setting up Azure AD doesn't require you to do anything. You buy the product from Microsoft and Microsoft sets it up for you. You just establish the connectivity to it. It does not take more than a week or two to complete the setup.
The number of employees you require for deployment and maintenance of the solution depends on how you have set up your provisioning platform. If it is automated, you can have one resource. If you're still in manual, then it depends on the volume of the workload.
What's my experience with pricing, setup cost, and licensing?
Licenses are based on the usage. There is no cap. It's based on the number of users we provision.
A SaaS solution is the best product. You get it at a better price and you have many Windows-based services that are included for free.
What other advice do I have?
I would definitely recommend using Azure AD. Many companies are moving from other vendors to Azure because every company uses Office 365 anyway for Word, Excel, and PowerPoint. As soon as you use that, by default, you get an Azure AD account. If you have an Azure AD account, you definitely have features to use. Why would you want to go for another product?
Overall, I haven't seen any major issues with the product.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Responsible Systems at Fnac
Easy to install, quick to deploy, and secure
Pros and Cons
- "It offers good Microsoft integration capabilities."
- "The pricing is okay, however, it could always be better in the future."
What is our primary use case?
Microsoft Authenticator is the tool provided to assure that we are using the Microsoft product in the correct way, from the Microsoft point of view.
What is most valuable?
It's two-factor authentication. I personally use several of them, from Google to Microsoft Authenticator to others. It's a solution that works.
The solution is stable.
The product is easy to install and quick to deploy.
The solution is secure.
It offers good Microsoft integration capabilities.
What needs improvement?
For the moment, I don't have any complaints.
The pricing is okay, however, it could always be better in the future.
What do I think about the stability of the solution?
It is a stable, reliable product. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
In terms of scalability, we don't have complaints about this from the users of this kind of solution.
Several people in our company use the product. I am unsure of the exact number.
How are customer service and support?
When we have problems, we don't go to Microsoft; we complain internally to a group that is responsible for keeping this working. I can't speak to how Microsoft's support is. I've never directly interacted with them.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I also use Google Authenticator.
I need to use different services to log on. Microsoft promotes its own solutions. For my bank, for instance, I have a solution imposed by my bank. For Google, I have Google Authenticator. For Microsoft Plus. I have Microsoft Authenticator. For our VPN, we use FortiGate, the authenticator.
How was the initial setup?
The installation is easy. You can do the installation on mobile phones and it can be installed on the web. It's not a problem.
The deployment is fast and only takes about two minutes. It's supposed to be done by the end-user.
What about the implementation team?
I have done the implementation myself. I did not need the assistance of any integrators or consultants.
What's my experience with pricing, setup cost, and licensing?
I don't pay a separate licensing fee. It's already included in the service we buy from Microsoft.
I'd rate the solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Lead at Freelance Consultant
Offers multi-factor authentication, improves the security posture, and is quite stable
Pros and Cons
- "With Azure Conditional Access you can specify network locations where you want some of the services in the organization to be available to users, and where you don't want users to have access."
- "The product needs to be more user-friendly."
What is our primary use case?
I use a Microsoft 365 cloud deployment and I have an organization where users are created. All of these users are hosted in Azure AD. I send emails in Exchange Online.
For collaboration, we use Teams and SharePoint. Basically, all of these Microsoft products are on Azure AD. This is due to the fact that for you to use any of these products, users have to be created and these users are being hosted in Azure Active Directory. Without the users in the first place, the products are not used.
What is most valuable?
The most valuable aspect of the solution is the ability to create users and host them in Azure AD. That is the bedrock - whatever it is you are doing, you're building on the fact that you have users created. We have Microsoft Teams to manage users and also to manage groups which allow us to manage collaborations and do all sorts of things.
Azure AD has features that have helped improve our security posture. It contains the Azure audit logs that allow you to also audit activities in the organization including those that have happened over a period of time. There is Azure sign-in that allows you to check for sign-in over a period of time for users.
From Azure Active Directory you can actually identify the IP address and run checks or maybe block the IP to improve the security posture of the organization.
The Azure sign-on and audit logs are very handy for a regular admin. They offer the most basic admin solutions to carry out activities on Azure security settings to identify potential threats and carry out some corrective actions on it.
We can use Azure Active Directory to deploy enterprise applications to incorporate third-party applications into the organization and make them available to users. You can put in place multilingual authentications and you can specify the kind of authentication you want to be available for your organization.
Most recently, you can use password-based authentication and multi-factor authentication, which allows for the ability to bring on third-party applications and to incorporate them and deploy them for users.
With Azure Conditional Access you can specify network locations where you want some of the services in the organization to be available to users, and where you don't want users to have access. You can customize and define conditional access to whatever suits the organization and based on what you want, including information protection. You can get conditional access depending on the license you have.
What needs improvement?
From my personal experience, I'd say that the features need to be more visible to make the product easier to explore for new users. They need to make it possible for someone with very little knowledge to come in and find things. The product needs to be more user-friendly.
The solution needs to update documentation much more regularly. They need to just come out and update the documentation to reflect new features and make sure the updates are included in the already existing documentation so that someone like me can just pick up the documentation, read it, and know that it is very up-to-date listed and has all the new features contained within it.
For how long have I used the solution?
I have been using Azure Active Directory Office 365 for over two years.
What do I think about the stability of the solution?
The solution is exceptionally stable. It's just a way to go on another solution, however, that said, I've noticed a 99.9% stability.
What do I think about the scalability of the solution?
It's my understanding that the solution is very scalable.
In my experience, I've managed hundreds of users on this product.
How are customer service and support?
We can contact and support directly from the Azure Active Directory if we get stuck. As long as you are actually on the most basic billing subscription, you will be able to access assistance. That said, depending on the Azure license you have, you can get access to technical support for Microsoft Azure Active Directory.
My personal experience with using Microsoft support has been positive. I want to be fair, to be very honest, and the Microsoft support has to be one of the most agreeable out there as all you need to do is just submit the ticket and you get someone to contact you very quickly. They are always available. From the perspective of Azure Active Directory, as long as you have the required license you can contact the corresponding level of support. You can be sure of getting corporate support when you need it.
Which solution did I use previously and why did I switch?
Previously, the organization had an environment where we managed everything locally. Azure Active Directory actually was our first entry into cloud solutions. We have not used other cloud solutions apart from Azure Active Directory.
How was the initial setup?
The difficulty or ease of the initial implementation depends on the company and the level of experience as well as the level of knowledge of the IT team. The experience needed for cloud solutions is relative. I can say it's straightforward and even with a little experience or knowledge it is straightforward. The documentation is available and you can read and follow the documentation to handle the process. Of course, for new users, it could be a bit more straightforward.
For me, provisioning takes a few minutes - maybe between ten to 20 minutes. Normally it should take less than 30 minutes.
For this particular instance, we needed to add multiple users individually and sometimes as a bulk upload in the case of inboxes. Some needed third-party services. The documentation made the process pretty easy, however, when we did have issues, we could reach out to technical support to finish anything up.
What was our ROI?
We have seen an ROI. It's actually cut some costs. Initially, we were using a local environment. Now, we've almost rid ourselves of one of our local environments. Moving to the cloud has saved us a lot of costs and actually, it's a very good experience. It's cost-effective compared to what we used before. It's better in terms of lowering our overall expenditure.
What's my experience with pricing, setup cost, and licensing?
The prices are not too out of place. We're just gradually getting out of COVID and Microsoft is actually putting some renewals, licenses, and some products out just to cushion the effect of license costs as companies recover. With Microsoft, some products also offer free trials.
We'd like to see more of a discount on existing licenses. They also need to consider having some free licenses, some free subscriptions.
What other advice do I have?
I'm actually a customer. I have an environment in my home meaning I have a subscription that I've paid for. However, I also do consultancy based on the knowledge I currently have. I offer my knowledge to other organizations.
I would advise new users to allow open demos of cloud solutions and figure out what is on offer, what is available, or what can be made better. By doing a POC, you'll get to see resources used and what it's like to handle an environment entirely in the cloud. Organizations can consider gradually moving over or they can actually move completely to the cloud depending on what they want to do.
I'd rate the solution at an eight out of ten. It's a good solution, especially for companies following the trend of moving onto the cloud. There's always room for improvement, however, currently, they are doing very well.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Specialist at TechForce Cyber
Effortless privilege management with good policies and restriction controls
Pros and Cons
- "The features I find most valuable are conditional access, privilege management, and dynamic groups."
- "Microsoft often changes settings, and many features are scattered."
What is our primary use case?
The primary use case for Microsoft Entra ID is enterprise or company-wide system management. It allows us to join most systems, regardless of their location, to the active directory of the company's domain. This is particularly useful for managing PCs for remote workers and securing their devices.
How has it helped my organization?
Microsoft Entra ID has made managing users easier, as well as sending out policies and implementing restrictions. It simplifies the management of IT infrastructure.
What is most valuable?
The features I find most valuable are conditional access, privilege management, and dynamic groups. Conditional access allows us to set specific policies for security purposes. Privilege management enables us to assign specific roles to users, such as user administration, without giving everyone admin rights.
What needs improvement?
Microsoft often changes settings, and many features are scattered. It would be helpful if settings were grouped under a specific category, like authentication, to make it easier for beginners. The platform can be overwhelming for new users, so consistent organization of features is needed.
For how long have I used the solution?
I have been working with Microsoft Entra ID for a good part of five years, migrating over from when it was previously named Azure Active Directory.
What do I think about the stability of the solution?
There can be outages or times when the portal is unresponsive, which is why I would rate the stability a seven.
What do I think about the scalability of the solution?
I have not encountered any issues with scalability; it is for everyone. So, the scalability rating is ten out of ten.
How are customer service and support?
I haven't raised any tickets with technical support, as I was part of the Microsoft technical support group.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
No other solutions were used previously.
How was the initial setup?
The initial setup is straightforward due to my experience, however, I would rate it a six or seven out of ten for someone new. Issues arise if users make incorrect choices during the out-of-box experience.
What about the implementation team?
The deployment requires one person to create user profiles and assign relevant permissions, though two to three people may be needed for advanced features.
What was our ROI?
Business process-wise, Microsoft Entra ID makes managing users and IT infrastructure easier.
What's my experience with pricing, setup cost, and licensing?
The pricing is fair compared to other products, and I would rate it a five out of ten for value for money.
Which other solutions did I evaluate?
No other solutions were evaluated.
What other advice do I have?
For seamless integrations with other services, Microsoft Entra ID is likely the easiest tool. I would recommend it to others.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Oct 22, 2024
Flag as inappropriateCompliance Consultant at a aerospace/defense firm with 1-10 employees
Stable and scalable solution with a well-documented site and good security features
Pros and Cons
- "The security and compliance features are very helpful. The online information on the site is well documented."
- "My problem with Azure AD is that it's designed for medium to large systems, and we're not that large."
What is our primary use case?
I am using Azure AD to assist a client with COCC level one and level two certifications. The primary use of the solution is its conditional access feature to enforce fine-tuned and adaptive access controls. The robustness of a zero-trust strategy to verify users has helped in implementing zero trust right now.
How has it helped my organization?
The client has to have a clone network storage and manage the services it provides to the handful of people he works for. The control and identify data do what it is supposed to do, as advertised, but the client is not utilizing those features.
What is most valuable?
The security and compliance features are very helpful. The online information on the site is well documented.
What needs improvement?
One thing I would like to see is when you're doing control measures if you could globally apply them instead of going through every user individually. I looked at this problem twenty years ago, and it has stayed the same. In twenty years, it's still the same one by one. The default is whether you get group permissions or role-based assignments, you still have to go in individually to everyone every time, which is cumbersome to me. My problem with Azure AD is that it's designed for medium to large systems, and we're not that large.
I rate it an eight out of ten.
For how long have I used the solution?
I have been using the solution for less than a year, and the client that I'm consulting with has been using it for about four and a half, five years.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
Since we're starting with three people, it's probably not going to grow to more than ten people in the next five years. So the scalability is fine for my client's needs.
How are customer service and support?
We have not contacted Azure's technical support.
How was the initial setup?
The initial setup was straightforward. The client has got three people working for him.
What's my experience with pricing, setup cost, and licensing?
For a small business buying individual licenses, it is an affordable solution.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Infrastructure & Tech Support Manager at a energy/utilities company with 1,001-5,000 employees
Users can work at home or office and files are synchronized, with a single sign-on wherever they are
Pros and Cons
- "Let's say we decide that our users need to have MFA, multi-factor authentication. It is very easy to implement that with Azure Active Directory."
- "You can manage the users from the Office 365 administration center, and you can manage them from Azure Active Directory. Those are two different environments, but they do the same things. They can gather the features in one place, and it might be better if that place were Azure."
What is our primary use case?
We are a Microsoft-oriented company. All our main infrastructure for user systems and productivity, like Microsoft Office and email, are from Microsoft. So we use Microsoft products and we use Active Directory on-premises. We have also built a cloud infrastructure and we now have a completely hybrid architecture. As a result, it was mandatory to configure Azure Active Directory to synchronize with the on-premises Active Directory.
We have finished that project and now we use Azure Active Directory for users who are on the cloud.
How has it helped my organization?
Entra is very good for the organization because we now have many users, due to COVID, who are working from a distance. With Microsoft, we can give them the opportunity to download all the applications on their personal PCs, like Teams, OneDrive, et cetera. They have a single sign-on and they can log on from everywhere.
The solution has improved things a lot for our organization because it has improved productivity. One specific effect is that we used to use a lot of VPN access, but we have decreased that access by 80 percent because they don't need the VPN anymore. And productivity has also improved very much, because users can do their jobs from everywhere, even on their mobile phones, because they have their files on OneDrive. With Azure Active Directory, we don't have security issues thanks to the added security on the cloud, such as MFA and also Defender for Endpoint.
But it's not only productivity tools that we have on Azure, we have other applications as well that we have set up for our users, like SAP. We have also diminished our telecom costs.
We have saved a lot of money, I'm very sure about that. We pay for the solution but because it is in the pricing agreement, we have more tools available and we don't have to buy more. I would estimate it has saved us more than 40 percent.
In addition, before, we had to work through all the horizontal firewalls and security sensors in the company. Now, we have separated the productivity tools like Word, Excel, OneDrive, and Teams. That means our users are very pleased with the user experience. They like using it. They can work from home or at the company and their files are synchronized.
Overall, we feel our security has improved and we are confident.
What is most valuable?
I like the fact that I can manage the users, but it's also a security resource. Let's say we decide that our users need to have MFA - multi-factor authentication. It is very easy to implement that with Azure Active Directory.
What needs improvement?
What could be improved is the environment. It still has administration centers in Office 365, and the same is true for Azure in general. You can manage the users from the Office 365 administration center, and you can manage them from Azure Active Directory. Those are two different environments, but they do the same things. They can gather the features in one place, and it might be better if that place were Azure.
For how long have I used the solution?
I have been using Azure Active Directory for five years.
What do I think about the stability of the solution?
The stability is very good. We don't have incidents. The only issues we had were to do with synchronization that took some time between Active Directory on-prem and Azure Active Directory. But that might have had something to do with other issues.
What do I think about the scalability of the solution?
It is a 100-percent scalable solution and that is one of the reasons we chose it.
We have installations on-premises, and people all over the country, including the islands, the north, and everywhere. Our users are in multiple locations. It's used across different departments with different applications and needs. At this moment, we have about 2,300 users.
How are customer service and support?
Microsoft's technical support needs to be improved. It's a bit bureaucratic, to put it in one word. The procedure for opening a case is that someone sends you an email to give them all they need. I would like the technical support proceedings to be faster. Sometimes, my company doesn't have this time. We need to find a solution very quickly.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We used on-premises products like System Center Configuration Manager. We used Microsoft's products, but for on-prem administration, not on the cloud.
How was the initial setup?
Due to the fact that we have a hybrid architecture, not a clean cloud solution, it took us a lot of time. We had to consider how everything, all the applications, was going to work. Active Directory is also involved in emails and there were many procedures to consider and test. There were also many users who were staying on-prem. We also had to consider external cooperation with other European and domestic energy companies. So it took us about one year. Our company is not a simple company, like a sales company or a manufacturer. We deal with critical infrastructure and we have to control and operate the power for the whole country. We had to think about every step of the journey.
We had 10 to 12 people involved. I was the project manager and there were three groups of people, in addition. One was from telecom and security. There were a few people from infrastructure and technical support, and there were some people from the application side, to test that all our applications were active.
We also have teams for projects, like when we do a large construction for something like power lines. We form teams between departments and these special teams may work for a year on a specific project. We also needed to consider them because they have different needs and work from different places and are mobile.
Because we have on-premises firewalls in our company, we had to do some work before we implemented AAD to arrange access between the company's security system and the Microsoft cloud system so that they could cooperate and communicate. We had to open the protocols, et cetera. As a result, we don't have any problem with the consistency of our security policies.
In the beginning, it was a matter of getting used to the procedures. We needed to explain things to the users so we sent them a guide. We rolled it out to our 2,500 users in many batches over about four months.
There is periodical maintenance, such as upgrades, as well as ad hoc maintenance. For example, if we modify public folders, we need to do some work because, on one occasion, cloud users couldn't see a public folder that was on-premises.
What was our ROI?
We can see a return on the investment by comparing the prices we know from previous years. We don't use so many data centers now and we don't need as many installations and to pay as much rent.
Our return on investment is that the costs are very small, like one-tenth what they were, by going from owning on-premises data centers to what we have now. Over a period of five years, our return on investment is 100 percent. The money we pay for this contract is not much compared to the money you need for buildings, data centers, power, and technicians.
The price is also very good if you consider the money you save by not having to pay for many contracts with different companies to create a corporate solution. You pay one company, like Microsoft, and you have the whole solution. We have saved a lot of money by doing that.
Of course, you need to give it time and in-house resources. People have to be trained. Otherwise, if you have many environments and many products that you don't know very well...
Maybe using multiple companies is good. That's why we do use some other products, but not many.
What's my experience with pricing, setup cost, and licensing?
The price is fair. It's not very expensive given what they offer. Of course, we did some negotiating with Microsoft. We didn't pay the list price. We have been a Microsoft customer for many years, so when the contract comes due every three years, we discuss it. Afterward, there are some discounts.
Which other solutions did I evaluate?
We evaluated Amazon and Google. We chose Microsoft mainly because it has the whole package, meaning it has the security, the applications, and the infrastructure, so it's a more holistic approach compared to the others. It's not that Google and Amazon don't offer something like that, but they need more time to improve because they were not on-premises companies.
Microsoft gives you the space, the data centers on the cloud, and backups; it gives you everything. From the others, something was always missing. Microsoft may not be perfect, but it has everything you need.
What other advice do I have?
It's a very good solution, an excellent solution. It's very stable and robust. You don't need to do a proof of concept unless you have a special case, like, for example, fleet management, and have a very specialized application.
We use Entra’s Conditional Access feature but we also use other tools from other vendors. From our experience so far, we haven't had problems. Entra seems robust enough. We haven't even had one incident of malware. Of course, we have added some more tools to our cloud infrastructure for the mail applications in the network. So although it's robust enough, because we're handling critical infrastructure, as a company we decided to have more tools.
We use Intune and Endpoint Manager. Any device that is connected, even if it is a personal device, needs to be registered via Intune. We do not accept non-registered devices.
Azure Active Directory, and Azure in general, is a very big solution that we are developing further. It takes a lot of time, but by using it, we don't need so many other resources from outside companies. We can manage everything in-house. It takes a lot of time, but it's better than other options. It has more tools and better monitoring. Those extra tools mean more time spent on it by the administrators. But it has dashboards that they didn't have before. So the administration is easier and more centralized, but you need time with all these tools.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Microsoft Entra ID Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Single Sign-On (SSO) Authentication Systems Identity Management (IM) Identity and Access Management as a Service (IDaaS) (IAMaaS) Access Management Microsoft Security SuitePopular Comparisons
Okta Workforce Identity
Fortinet FortiAuthenticator
Cisco Duo
Ping Identity Platform
JumpCloud
LastPass
Symantec Siteminder
OneLogin by One Identity
IBM Security Verify Access
ManageEngine Password Manager Pro
Microsoft Active Directory
Red Hat Single Sign On
Frontegg
Imprivata OneSign
Buyer's Guide
Download our free Microsoft Entra ID Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What do you think of the integration of Azure AD Services, Defender for Endpoint, and Intune as comprehensive security solutions?
- What are the biggest differences between Google Cloud Identity and Microsoft Azure Active Directory?
- How does Duo Security compare with Microsoft Authenticator?
- How does Microsoft Authenticator compare with Forinet FortiToken?
- When evaluating Single Sign-On, what aspect do you think is the most important to look for?
- CA SiteMinder vs IBM Tivoli Access Manager
- How much time does SSO save?
- Why is SSO needed?
- What single sign-on platform do you recommend?
- Why is Single Sign-On (SSO) important for companies?