We are using Microsoft Entra ID as a SAML provider for two products: Zscaler and Microsoft Sentinel, where we authorize users into the security SIEM platform.
I genuinely appreciate the attack surface reduction tool in Microsoft Entra ID, as well as the regional risk geofencing feature, which are excellent tools that I have used extensively.
I appreciate how you can authenticate into Microsoft Entra ID directly through its independent URL or also through the Azure portal.
Microsoft Entra ID being a single sign-on solution is beneficial because once you log into one platform, it allows you to access the other platforms seamlessly.
As an identity product, Microsoft Entra ID has a secure score rating system, which I find valuable.
I appreciate that Microsoft Entra ID underwent rebranding from Azure AD to Microsoft Entra ID, which was a positive change.
Microsoft Entra ID probably does not need any improvement at this time; it is the best solution available since there are two ways to access it, and I do not believe it requires any enhancements as it currently stands.
Regarding additional features, I would suggest more sandboxing capabilities, but I do not believe sandboxing is necessary within Microsoft Entra ID itself. Microsoft could potentially add a sandbox feature similar to CrowdStrike, the competitor, but it is not essential.
I have been in information security using Microsoft products for approximately fifteen years, with Microsoft Entra ID implementation starting in 2022.
I have experienced one hundred percent capability and full uptime with Microsoft Entra ID, so the stability and reliability are commendable.
I would rate customer service and technical support as ten out of ten. The support is excellent with local representatives available, and we have ISMs, CSMs, and TSMs with Microsoft who are very reachable and approachable.
Prior to adopting Microsoft Entra ID, I was not using another solution to address similar identity needs.
Deploying Microsoft Entra ID is straightforward. Once you gain access to admin.microsoft.com, this functionality is already built-in, so there are no deployment issues. I would rate the deployment process as ten out of ten since Microsoft products are very simple to deploy. It is entirely cloud-based, making it very easy and plug-and-play, functioning as a bolt-on solution with Microsoft Entra ID.
I believe the licensing for Microsoft Entra ID is excellent, as it includes everything with G5 or E5 plans, making the licensing structure a great option.
Okta would be a possible alternative, but I am a much bigger advocate for Microsoft Entra ID than Okta, despite them being competitors.
Microsoft Entra ID is easier to implement because it uses Google Authenticator through its own Microsoft authentication, whereas Okta requires a separate application, which can be inconvenient.
We have implemented a secure-based token system called SBC since adopting Microsoft Entra ID.
Token-based security has had a positive impact on defending against threats with Microsoft Entra ID. It functions as a tool similar to FIDO, serving as an MFA factor whether you have it or not.
While Microsoft Defender offers a very good attack simulation module, Microsoft Entra ID has built-in MFA, which eliminates much of the concern. I personally prefer using Google Authenticator on my phone for authentication, which creates a very secure environment.
When selecting an identity management solution, I would strongly recommend choosing Microsoft Entra ID over Okta. It is easier to implement because it is already integrated into the system, making Microsoft Entra ID very much universal with other security tools you will obtain, especially with Microsoft.
I would rate this solution an overall ten out of ten.
My main use cases for Microsoft Entra ID began with it serving as the authentication back-end for Office 365 investments; now it's starting to function as a federated IDP for us.
The feature of Microsoft Entra ID that I appreciate the most is the level of integration that's available in the partner network.
The implementation of Microsoft Entra ID helps with timely termination controls regarding secure access to apps or resources in my environment.
I believe Microsoft Entra ID can be improved, and I think it's already on the roadmap. We value the selective sync where Microsoft Entra ID is actually the authoritative source and then will provision down to Active Directory. That's a significant priority for us. We're always looking to understand how they're addressing agentic AI, but the primary thing I would prioritize if we could do this again is the ability to keep a SAM account name instead of having to use a UPN. This causes considerable challenges for us as a customer because we have to reissue identities to everybody.
I have been working in my current field since 2020, so almost five years and change.
I would assess the stability and reliability of Microsoft Entra ID as generally pretty good and on par with other cloud providers. Historically, we've seen a major outage occur every other year or so, where those events have significant downtime that wipes out essentially the entire capability of the hyperscale provider.
I have experienced downtime, crashes, or performance issues with Microsoft Entra ID.
I believe Microsoft Entra ID scales pretty well with the growing needs of my organization. Microsoft continues to innovate, so I'm not worried about the number of identities I put in it and the performance by any means. It really comes down to how well the Microsoft vision for agentic AI aligns with what the rest of the world chooses to do and at the pace they choose to do it.
On a scale from one to ten, I would rate customer service and technical support a six.
I give a rating of six because I think this is a trend for every tech provider; support is decreasing in quality categorically across the board, and many organizations are trying to implement AI-based strategies for support agents that simply aren't very good yet. That changes every couple of months, but historically, we have had a hard time going through and getting the right engineer or skill set on a call. The big change seems to be that they want to collect some logs and then go away and come back, rather than joining us on a bridge to work through issues. This is problematic based on how most organizations, ours included, choose to solve problems at scale in real-time.
I would evaluate customer service as usually great; everyone's friendly, nice, and helpful. However, the technical support depends on who you get and how fast you can get them on a call, which can make or break a support experience.
We were using another solution, SiteMinder, to address similar needs before adopting Microsoft Entra ID.
I would describe my experience with deploying Microsoft Entra ID as relatively easy, provided you have applications that support modern authentication protocols. We are a customer that had a number that were not supporting that, so we had to come up with alternative, deeper integrations and capabilities to make that work. Going through and not being able to support SAM account names was a challenge. We don't have publicly routable UPN, so being an alt ID customer and making a bunch of changes is a challenge. I think these would be the things I would have criticisms for regarding feedback.
Regarding my experience with deployment, I think once the system is up and running with the basic integrations back to AD or wherever it needs to be, it's pretty straightforward. I think the catalog of applications to integrate with is very large. For things using modern auth, the setup usually takes a couple of hours depending on the fidelity of the application team that you're working with, and it's relatively smooth and easy once you get the foundational components in place.
I think that I have seen return on investment with Microsoft Entra ID, as I believe it is becoming a commodity.
My experience with pricing, setup cost, and licensing is that going through and being able to use these things is always part of delivering an M365 bundle, so I don't think the experience is great because the only way you can make a deal is with significant takeouts of other platforms to afford it.
In selecting Microsoft Entra ID, we considered everything; it was a massive RFP. We looked at Ping, Okta, CyberArk when they acquired Idaptive, and we surveyed a huge remit of tools.
Microsoft Entra ID's integration capabilities haven't influenced my Zero Trust model.
Since implementing Microsoft Entra ID, we cannot share any changes I have observed in the frequency and nature of my identity-related security incidents in my organization.
My organization's approach to defending against token theft and nation-state attacks has stayed the same since implementing Microsoft Entra ID.
Regarding the features of Microsoft Entra ID, the question is which features and the Entra feature set.
In general, I find Microsoft Entra ID interesting because I don't think there's a great answer for that. It's the bundled set that comes with the M365 SKU sets, and you kind of end up having to use it. Many of the benefits and features we value center around the level of simplicity, as well as the deepest integrations with Microsoft Active Directory as a customer that does sync. I think the opportunity to go through and do connected devices in the field is really the future-looking set of functionality we're most interested in.
I can share that there's not a lot of novel capability from Microsoft Entra ID that isn't being made up from an Okta or a Ping, or other new players to the market. Single sign-on identity provider style capabilities are nothing new or novel or innovative anymore.
Our organization uses different authenticators concerning the implementation of device-bound passkeys in Microsoft Authenticator and how it has affected our approach to phishing-resistant authentication.
What stood out to me in the evaluation process, both positive and negative, was the opportunity for Microsoft to do more with it. Knowing that it was truly the largest identity provider on the planet was also helpful for us. The size and scale, and hopefully the resiliency of the platform, were great talking points.
The factors that led us to consider a change were performance, cost, support, and scalability.
My advice for other organizations considering Microsoft Entra ID is that it makes sense if you're going to go all-in on the Microsoft ecosystem, because you have to make the case for the bundle of at least two or three products to afford it. I would rate my overall experience with this review a seven out of ten.