There is a lot of confusion around the user interface. For new users, it can be difficult or confusing to understand the concepts of managed identity and role protection.
So far, the tool has been good. I have dealt with our company's clients' technical and functional requirements. So far, the tool has always serviced all our needs, so I don't see any shortcomings in it. The challenge in the tool was related to hybrid connectivity, like with Azure AD Connect, which I now think is Microsoft Entra ID's predecessor. Azure AD Connect was replaced by Microsoft Entra ID. There were many issues with the tool's sync process. During the configuration of networks, the process was quite resource-intensive. I think Microsoft understood the concerns of the users associated with the tool, and that is why it released a new kit into the block, like Microsoft Entra Cloud Sync, to replace its shortcomings. Microsoft Entra Cloud Sync is for enterprises that would love to have hybrid configurations. Microsoft Entra ID Protection needs to offer better hybrid connectivity to users. There are two products under Microsoft Entra ID, which are like brothers or cousins, and I feel that matching them up should not be an uphill task for us, like when we have a scenario where we try to integrate with a tool from a different vendor through APIs and so many other configurations that need to be done. The tool can just unify and make the process as quick as possible with a few clicks to deal with the configuration. I want the tool's licensing model to be made easier.
When it comes to logs, we don't have access to all of them because there's a limitation of 90 days for log retention. It would be a great option to have the ability to increase this duration in the portal itself, either as a paid feature or something similar, as three months of log retention is insufficient. If we want to check someone's log, the challenge is sometimes finding different access points to various portals. However, they have started adding these access points, which is a positive improvement. For example, previously, there was no cloud app security access from Active Directory, but now they have already added the link. Integrating some notifications, not necessarily all, but at least for important events or alerts, would be beneficial as it would function as a team solution or something similar. It doesn't have to be a complete module, but having some logs or notifications for administrators would be very helpful. If they could provide us with the option to receive notifications or something similar, it would significantly enhance the platform. One more thing to consider is the log retention period in the Active Directory. It would be useful if we could export logs or have access to information about how long the logs can be retained in the Active Directory.
The solution is not optimized to work with Mac devices on a granular level. They work seamlessly with Windows but have a lot to improve to work with Mac devices. It also needs to improve stability and scalability.
The solution's sync should be faster since it can take about 30 minutes to two hours to complete a simple sync. The tool needs to sync instantly. It also needs to improve scalability, support, and stability.
Learn what your peers think about Microsoft Entra ID Protection. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Identity labeling and sensitivity needs improvement to be comparable to Dell. Password management needs to include a keyword mechanism that blocks or allows generic passwords. The auditor tool needs to include SIEM events in addition to sign-in and audit logs. Currently, we have to rely on third-party solutions for our log needs. The solution's models need to be centralized instead of having different names and separate platforms. We have to spend a lot of time integrating all the models with the IAM.
Microsoft Entra ID Protection uses advanced machine learning to identify sign-in risks and unusual user behavior to block, challenge, limit, or allow access.
Prevent identity compromise
Extend risk-based adaptive access policies to help protect against malicious actors.
Help protect against credential theft
Safeguard sensitive access with high-assurance authentication methods.
Deepen insights into your identity security posture
Export intelligence back into any Microsoft or other...
There is a lot of confusion around the user interface. For new users, it can be difficult or confusing to understand the concepts of managed identity and role protection.
The pricing could be improved.
So far, the tool has been good. I have dealt with our company's clients' technical and functional requirements. So far, the tool has always serviced all our needs, so I don't see any shortcomings in it. The challenge in the tool was related to hybrid connectivity, like with Azure AD Connect, which I now think is Microsoft Entra ID's predecessor. Azure AD Connect was replaced by Microsoft Entra ID. There were many issues with the tool's sync process. During the configuration of networks, the process was quite resource-intensive. I think Microsoft understood the concerns of the users associated with the tool, and that is why it released a new kit into the block, like Microsoft Entra Cloud Sync, to replace its shortcomings. Microsoft Entra Cloud Sync is for enterprises that would love to have hybrid configurations. Microsoft Entra ID Protection needs to offer better hybrid connectivity to users. There are two products under Microsoft Entra ID, which are like brothers or cousins, and I feel that matching them up should not be an uphill task for us, like when we have a scenario where we try to integrate with a tool from a different vendor through APIs and so many other configurations that need to be done. The tool can just unify and make the process as quick as possible with a few clicks to deal with the configuration. I want the tool's licensing model to be made easier.
When it comes to logs, we don't have access to all of them because there's a limitation of 90 days for log retention. It would be a great option to have the ability to increase this duration in the portal itself, either as a paid feature or something similar, as three months of log retention is insufficient. If we want to check someone's log, the challenge is sometimes finding different access points to various portals. However, they have started adding these access points, which is a positive improvement. For example, previously, there was no cloud app security access from Active Directory, but now they have already added the link. Integrating some notifications, not necessarily all, but at least for important events or alerts, would be beneficial as it would function as a team solution or something similar. It doesn't have to be a complete module, but having some logs or notifications for administrators would be very helpful. If they could provide us with the option to receive notifications or something similar, it would significantly enhance the platform. One more thing to consider is the log retention period in the Active Directory. It would be useful if we could export logs or have access to information about how long the logs can be retained in the Active Directory.
The solution is not optimized to work with Mac devices on a granular level. They work seamlessly with Windows but have a lot to improve to work with Mac devices. It also needs to improve stability and scalability.
The solution's sync should be faster since it can take about 30 minutes to two hours to complete a simple sync. The tool needs to sync instantly. It also needs to improve scalability, support, and stability.
Identity labeling and sensitivity needs improvement to be comparable to Dell. Password management needs to include a keyword mechanism that blocks or allows generic passwords. The auditor tool needs to include SIEM events in addition to sign-in and audit logs. Currently, we have to rely on third-party solutions for our log needs. The solution's models need to be centralized instead of having different names and separate platforms. We have to spend a lot of time integrating all the models with the IAM.