Microsoft Entra ID Protection Reviews

I use Microsoft Entra ID Protection and provide support for features such as multifactor authentication and conditional access. I work with this solution every day.

The best features of Microsoft Entra ID Protection include the password dictionary, which we do not have in Active Directory. Conditional access is excellent because we can select the location from which users authenticate, and this is the best feature for me. Another valuable feature is the ability to identify critical or suspicious computers. If computers are too old or too suspicious, the system does not allow authentication, which is excellent.

The effectiveness of automated remediation for handling identity threats is great. I use passwordless authentication with cellular phone authentication, which is excellent because we do not always need a password. Microsoft Entra ID Protection is a great solution overall because it improves security in the company through identity management. It improves integration with other solutions such as Google, Gmail, Hotmail, Outlook, and Facebook. We can create different applications and integrate with different services.

I do not think there are any areas that could be improved with Microsoft Entra ID Protection at this time.

I used support last week, and this week we encountered a problem but do not have the contract, which is a problem when support is not available. We can use the newsgroup to post our situation and sometimes find solutions. When we have the support contract, for example Premier support, it is great. When we do not have a contract, we can use the communities or newsgroups, which I find helpful because I have worked with Microsoft products and others for a long time and find this support structure effective. If it were a critical company, the company would have to pay for the contract or Premier support.

Overall, I give Microsoft Entra ID Protection support a rating of ten out of ten.

Positive

I may have used other kinds of identity management or access management tools, possibly Novell, but I do not have another solution to reference.

I do not know the main differences between Microsoft Entra ID Protection and other solutions such as Okta or One Identity.

Sonda operates across different industries and has clients in Chile, Brazil, Uruguay, Argentina, and Colombia.

Yesterday I created a report instead of an alert, reporting the user who authenticated from a specific date. This was excellent because I sent the report to the client and they said it was a great report. This helps significantly when delivering information to the client and demonstrates the value of the reporting capability.

I understand the reports from a technical perspective as an engineer, but I do not know if some people find the reports difficult to understand.

I do not have a pricing comparison for Microsoft Entra ID Protection against other solutions.

I give this product an overall rating of ten out of ten.

Microsoft Entra ID Protection is part of our everyday work, involving applications, entitlements, and other related tasks.

We are on the free tier of Microsoft Entra ID Protection and use Entra.

We use internal IDs for Microsoft Entra ID Protection.

We utilize risk-based conditional access in Microsoft Entra ID Protection.

We have integration with Active Directory and related systems for Microsoft Entra ID Protection.

The best features of Microsoft Entra ID Protection are the conditional aspects, particularly the conditions that can be created.

Microsoft Entra ID Protection has helped us because it gives us conditions that we can filter on or support, providing us more granularity.

Microsoft Entra ID Protection allows blocking based on geolocation and similar parameters.

The protections for handling identity threats in Microsoft Entra ID Protection, such as the automated remediation, are working effectively.

With Microsoft Entra ID Protection, we are able to pivot off of particular alerts and stay abreast of them, which works to enhance our organization's security strategy.

They definitely aid in threat detection with Microsoft Entra ID Protection.

One challenge with Microsoft is its complexity, so it would be beneficial if some of that complexity could be simplified in Microsoft Entra ID Protection, though we realize that may not be possible.

I have been using Microsoft Entra ID Protection for two and a half years.

Support or customer service with Microsoft Entra ID Protection can be challenging because you can get lost in the queue. You can open up a case, but sometimes it can be an hour or even a day between communications.

Consistency is one of our issues with Microsoft Entra ID Protection support.

On a scale of one to ten for their support, Microsoft Entra ID Protection deserves an eight.

Positive

We did not use a different identity management tool before using Microsoft Entra ID Protection.

I cannot provide information about the initial setup for Microsoft Entra ID Protection because the migration from an on-premises system occurred before I joined the organization.

I am happy to share my experience with Microsoft Entra ID Protection.

Microsoft Entra ID Protection has been performing well, and we cannot complain as we do not have much to compare it to.

We would give Microsoft Entra ID Protection an 8.5 out of 10, as it is up and running, we have not had any outages, and it has been performing well.

We use Azure Blob storage intensely for our applications and to develop custom APIs and similar solutions. For connection, it is important for us to make a performant connection to integrate data sources from heterogeneous technologies.

We now use Dataverse, which is much easier to use. It's more friendly because the no-code, low-code technology has become really performant at this moment. We can solve many problems without deep knowledge of coding, and it's very quick to solve problems with the no-code, low-code solution of Microsoft for us.

We use Microsoft Entra ID Protection because this is the foundation of our application. We use it to authorize access into the application. We previously used Active Directory, not the Entra version, but now it's known as Entra. It solved our problems related to access, identity, and access in the application, user identity, and access. We do not tend to use something else because that solution satisfies our needs. At our level, we do not act at a very high level; we use a normal level of security. Our needs are not very sophisticated, which is why we are not users with very high expectations.

We use real-time monitoring because we develop Canvas applications in Power Platform, and we need to use real-time data due to problems with the capacity of the Dataverse. There are problems with access, and we have issues with connections that can authorize user access to different parts of the application. Under these circumstances, we use real-time monitoring.

Part of that is generated by the application, such as real-time alerts. When errors appear, we receive an email or something similar, not by default; we try to customize this functionality.

For us, the most important problem is access; we need an easy access process even for two-factor authentication or similar things. The experience is not very smooth for the user. This is an area where Microsoft could improve the authorization process.

Positive

The problem was solved on the first try.

It's very good for our needs.

I would rate Microsoft Entra ID Protection a 10 out of 10.

I mainly use Microsoft Entra ID Protection for several integrations, including the hybrid AD architecture and the Azure Cloud. Users and on-premises AD synchronize to Azure or Microsoft Entra ID Protection. This includes Mailbox integration with Office 365.

In Microsoft Entra ID Protection, we generally use the user's group and Enterprise applications. We also handle integration with other third-party applications for SSO or third-party SSO. The system handles log injection from Microsoft Entra ID Protection to the SIEM. Enterprise application is the main use case, apart from the users and groups.

In Microsoft Entra ID Protection, we generally use the user's group and Enterprise applications. We also handle integration with other third-party applications for SSO or third-party SSO, along with log injection from Microsoft Entra ID Protection to the SIEM. Enterprise application is the main use case, apart from the users and groups.

It's a useful function for our use case when we have computer accounts or service accounts in different locations. The risk-based accounts help with logging in from anywhere.

We use automated remediation for logon purposes and error purposes. It remediates issues and provides just-in-time access when applicable.

A potential area of improvement in Microsoft Entra ID Protection could include backup-level capability or snapshot capability. Currently, we are required to use third-party backups for the overall Microsoft Entra ID Protection. If there was some level of backup mechanism available with quick restore functionality, that would be beneficial.

I would rate Microsoft support between seven and eight out of ten based on past experience.

Response times vary as Microsoft utilizes third-party support before escalation to different parties. The response time can be affected based on the type of Azure subscription tier.

There is no direct mapping with Microsoft Entra ID Protection. Okta has capabilities, but they are not similar. Microsoft Entra ID Protection has vast capabilities and integration with the on-premises user database and everything.

Microsoft Entra ID Protection has authentication capability without any agent. For example, with a Windows PC on-premises requiring authentication, other solutions such as Duo or Okta use agent-based authentication. With Microsoft Entra ID Protection, simply joining Active Directory or hybrid join allows authentication via the MFA application on mobile directly.

The monitoring from Microsoft Entra ID Protection provides great visibility at a granular level. It provides all the details, including IP address, username, and permission or error logs. This information is available in both the audit log and regular log.

The alert functionality supports general day-to-day monitoring and any violation or trigger for errors.

Microsoft Entra ID Protection's features are suitable for all sizes of companies. It's a must-have product because traditionally Active Directory was used for identity and authentication on computers. Now, with hybrid capabilities, every company of any size needs these features and tools.

I rate Microsoft Entra ID Protection ten out of ten.

Just for authentication purposes. To authenticate other services on behalf of Microsoft.

We use Microsoft. Everyone uses Windows, and we collaborate on Teams. So sometimes it's necessary to use Microsoft. The only Microsoft features I use are logging in via Microsoft authentication or Microsoft Active Directory. 

We have a ton of services available, like Jenkins or Outline for documentation. It becomes difficult to manage users across all these services. If new developers are onboarded, someone has to add them to each service individually. So we've aligned with Microsoft Active Directory. We've integrated our other software with Microsoft, and we log into other software using Microsoft. That's very helpful. If someone leaves the company, we just block their Microsoft account. If someone joins, we just create their Microsoft account.

Currently, we have limited use of Microsoft AD. We only use it to see if user blocks are available. If they are, we unblock the account and get access accordingly. 

AD has paid access control features. We can add access control over AD. For example, for documentation, we use an Outline tool. It's open source, and we add our company's knowledge base to it. It's an alternative to Confluence. We don't want everyone to have access to all documentation. If I create documentation for my team, only my team should have access, not support or sales. We can add these scopes or access controls over AD. 

Once integrated, the person will get the appropriate access control features upon logging in. Role-based access control is a great feature of Active Directory.

The pricing could be improved. 

I have been using it for six to eight months now. 

It is a stable product. I haven't faced any issues. We use this product very extensively. If someone has to log in to any of the services, we use this product, and we haven't faced any issues with it.

It is a scalable solution. For Entra ID Protection, we are using it for about 100 to 150 people. But I have seen big organizations using this feature as well. So I'm pretty sure it is very scalable.

I haven't called tech support specifically for this feature or issue. But overall, we had a few very technical issues regarding Microsoft, related to SharePoint or something else. Their support wasn't as helpful as we thought they would be. We had to go through the documentation again and find a possible solution ourselves. But the Microsoft customer service and support were reachable and quick to respond, which was great.

If someone has experience with Azure, it's very straightforward. Otherwise, it might take about six to seven hours, not more than that. You can call it straightforward.

Everything was done over the Microsoft Azure user interface. Again, it was pretty straightforward. There's documentation available, and you can use it to do the integration yourself. It depends on how much experience you have with AD. If you are very familiar, it can take about a day or two.

I don't have to remember ten passwords for every software connected to my organization. My access to other software is just one click away. It has good value. If I forget a password, it takes about ten to fifteen minutes to reset it. But Entra ID saves a bunch of time. I don't have to remember the password for every different software I'm using.

It is an expensive product. It's not cheap, but overall, it's fine. We have to pay, but I'm not sure about the exact amounts.

Overall, I would rate it an eight out of ten. I think having a single-user access management control is very beneficial. If you have a ton of other services, you should use a single-user management service. And if you're already on Microsoft and collaborating via Teams, then this is something you should use.

The primary use case for Entra ID Protection is to have control and proper naming conventions of all assets within my estate. It helps me control access, assign resource groups, better secure production environments, and be compliant.

The valuable features of Entra ID Protection include providing me visibility of my entire estate, managing access, and having a level of control. I use it to control and manage my assets, assign resources, and ensure compliance in my environments.

There is room for improvement in the ability for Entra ID Protection to inherit roles and configurations from whatever solution I am migrating from, so that these don't have to be built from the ground up during the implementation process. A migration tool for this purpose would be beneficial.

I have been reselling various Microsoft solutions, including Azure DDoS Protection, since 2018. However, for Entra ID Protection specifically, my experience started closer to when Entra came out.

I rate the stability of the solution nine out of ten.

I rate the scalability of this tool ten out of ten.

I rate the quality of support at four out of ten because of inefficiencies in the ticket handling process. Tickets often bounce from person to person, requiring the sharing of information multiple times.

Neutral

The initial setup can be complex if I am not familiar with the rules. It is not advisable for a complete novice. Clients with expertise in Microsoft products can manage it, otherwise, professional services are engaged to ensure correct implementation.

For the most part, I engage my professional services team to assist the clients in actually implementing and setting it up correctly.

There is a return on investment in terms of time-saving, control, and ease of manageability of the environment.

Entra ID Protection is not badly priced, but some clients, especially in medium to smaller scale companies in third-world countries, find it quite expensive. It would be beneficial to have a lighter version for those with limited IT budgets.

I recommend this product overall. I rate the solution a nine out of ten.

We as a company are working on security compliance using Microsoft's tools, including Purview, Defender XDR, Entra, and Azure AD. Our wider company perspective also includes Intune, MBM, Data Lake, and the Azure infrastructure itself. It's a comprehensive list of services we offer.

I did some implementations and workshops for Microsoft Entra ID Protection.

Microsoft Entra ID Protection is used for identity, authentication, authorization, and other connection solutions, especially within hybrid environments. It provides a comprehensive setup for cloud-only or mainly cloud environments, although hybrid setups can still encounter challenges.

Microsoft is doing a good job with their adaptive machine learning algorithms for anomaly detection. These algorithms are effective at identifying unfamiliar sign-ins or malicious IP activities, which help protect our customers. Although results can take some time, being proactive with these tools yields beneficial results.

Conditional access is a powerful solution for Microsoft Entra ID Protection. Our company has developed a framework with conditional access policies which we update when Microsoft releases new information. This framework assists in beginning with conditional access and expanding as you mature in adopting it. We guide customers in their journey toward adopting and understanding the product.

The push for passwordless operation is successful with Microsoft Entra ID Protection. I haven't used a password for about a year, signifying the safety and effectiveness of this feature for protecting online identities.

Microsoft is connecting capabilities within Microsoft Entra ID Protection in conjunction with Azure, Purview, and security solutions. They have improved clarity in their approach by positioning Entra ID between these pillars, enhancing integration.

Microsoft's support is commendable. Their response time is quick, and they handle inquiries effectively, ensuring ongoing support processes.

Protection with Microsoft Entra ID Protection could always improve, receiving a 9 out of 10 in effectiveness currently.

Identity protection and trust issues, particularly in hybrid environments, could be addressed better with Microsoft Entra ID Protection. This would aid connectivity concerns.

I have experience with Copilot AI solutions from Microsoft, but it's not my focus. I can guide users on protecting their systems from risks associated with AI. Despite potential increased data leak risks with AI, it's not limited to Microsoft.

I have limited experience with writing summaries for emails. I need to spend more time gaining proficiency in this.

Microsoft is developing a replacement for traditional VPNs, enhancing connectivity while retaining the hybrid model, aiming to improve the integration of Microsoft Entra ID Protection features in existing environments.

On a scale of one to ten, this solution receives a rating of 9.

I am a Security Operations Center (SOC) analyst and manage Microsoft Entra ID for four clients. I act as an administrator for accounts, including Microsoft XDR, within my company.

For me, automatization is most valuable. Microsoft Entra ID can detect if a user is at risk and then execute actions based on the risk level. 

Additionally, it has a good scalability potential, allowing for the management of both small and large user bases efficiently.

I'm relatively new in cybersecurity, having used Microsoft Entra ID for about a year, and I find it to be a good platform. I have not seen any flaws or areas for immediate improvement. However, I did have some trouble finding specific documentation, particularly for troubleshooting.

I have used Microsoft Entra ID for a year.

The solution is stable.

I believe Entra ID has good scalability. Since it is a cloud computing product, it can accommodate a range of company sizes, from a few users to large businesses.

While I have not dealt with Microsoft technical support personally, my teammates have had good communication with Microsoft. I have not seen any problems.

Positive

I have experience with CrowdStrike solutions as well. However, I have heard of issues when incorporating CrowdStrike solutions into environments heavily reliant on Microsoft.

The initial setup was pretty easy. The platform is visually appealing and acts as a single pane of glass, providing a user-friendly experience.

The cost-benefit is good. None of my clients have complained about the pricing, indicating satisfaction with the return on investment.

The pricing for Microsoft Entra ID protection is not expensive. It varies based on the company's size and quality.

Overall, I would rate Microsoft Entra ID Protection an eight out of ten. 

A product can't be perfect, however, enhancing the availability and specificity of documentation, especially for troubleshooting, could add to its perfection.

The most valuable feature of the solution is the granular control of identity and access in terms of giving access based on additional context and authentication context. For example, the tool has conditional access policies, like identity protection, which is time-based access given to the administrators so that they can perform any administrative control or configuration that is time-bound, and it automatically expires according to that flow. There is also identity governance, so the tool has quite interesting identity-related features that are quite robust in protecting many enterprise client decisions.

So far, the tool has been good. I have dealt with our company's clients' technical and functional requirements. So far, the tool has always serviced all our needs, so I don't see any shortcomings in it.

The challenge in the tool was related to hybrid connectivity, like with Azure AD Connect, which I now think is Microsoft Entra ID's predecessor. Azure AD Connect was replaced by Microsoft Entra ID. There were many issues with the tool's sync process. During the configuration of networks, the process was quite resource-intensive. I think Microsoft understood the concerns of the users associated with the tool, and that is why it released a new kit into the block, like Microsoft Entra Cloud Sync, to replace its shortcomings. Microsoft Entra Cloud Sync is for enterprises that would love to have hybrid configurations.

Microsoft Entra ID Protection needs to offer better hybrid connectivity to users. There are two products under Microsoft Entra ID, which are like brothers or cousins, and I feel that matching them up should not be an uphill task for us, like when we have a scenario where we try to integrate with a tool from a different vendor through APIs and so many other configurations that need to be done. The tool can just unify and make the process as quick as possible with a few clicks to deal with the configuration.

I want the tool's licensing model to be made easier.

I have been using Microsoft Entra ID Protection since 2017. I work with Microsoft Entra ID Premium P2 Tier.

Stability-wise, I rate the solution as a seven out of ten.

There are outages with the tool, especially when you want to receive the authentication code. It takes time because of the system outages from Microsoft's end. These are issues that don't occur frequently, but we usually experience them intermittently.

It is a scalable solution and a cloud-native application. With the tool's scalability features, you can easily scale in and out. Scalability-wise, I rate the solution an eight out of ten. If you don't require licenses, you just don't get it. If you need more licenses, you buy accordingly.

My company deals with a client base of 2,000 people. The tool offers the basic protection element that every product comes with nowadays. Actually, the best option is the premium tier of Microsoft Entra ID Protection that is available, but I don't know how Microsoft categorizes the ones that don't have the premium tier plan. I believe the ones without a premium tier get standard protection. With the premium tier, there are around 150 people.

I deal with clients ranging from SMEs to large enterprises.

The solution's technical support offers great assistance to users. Sometimes, instead of assisting you, they just send you links to go and read by yourself, making it an area that I find to be a bit low. I rate the technical support a nine out of ten.

Positive

The product's initial setup phase is not easy. The tool comes with a technical white paper that offers support and guidance to walk you through the process. From one to ten, if one is difficult, I rate the product's initial setup phase as a seven.

The solution is deployed on the cloud, but the hybrid scenario requires both cloud and on-premises models.

The solution deployment time depends on the client. In general, the deployment time depends on the size of the enterprise or the company. For a company of 300 people, it takes at least two months and, at most, three months. For an enterprise with 300 to 1,00 or 2,000 people, the deployment takes six months.

For the deployment, we normally have a project structure that has some scope of work to be undertaken for a particular deployment in a project. There is a need to enter into the project planning, structure, or environmental assessment, the actual deployment phases, the validation and test phases, the user acceptance phases, the onboarding phase, The test onboarding stage, the pilot onboarding, and then the development of the tool for everybody. Finally, there is the port deployment and similar stuff.

From one to ten, if one is cheap and ten is expensive, I rate the tool a seven out of ten. Depending on the value that we pitch for a particular solution, I rate the price as seven out of ten because I want someone to tell Microsoft to stop complicating the licensing model for all the tools, as it is really confusing.

It is not a cheap tool.

During authorized access, the multi-factor authentication and the conditional access policies are good. Both features are largely associated with monitoring and preventing risks.

I don't think I see any competitive vendor or product currently in the market that can give everything that Microsoft Entra ID Protection offers.

I rate the tool a nine out of ten.

I primarily use Microsoft Entra ID Protection to manage identities for applications, including single sign-on capabilities for third-party and in-house applications. I leverage its features for conditional access and identity management.

I find the most valuable feature to be conditional access. It allows for comprehensive security controls, network security, and application label security. It enables me to set policies for signing security user sign-in risks and specific application access. 

Additionally, having a single sign-on feature with Entra ID ensures seamless access to various applications, even those with significant security constraints. Microsoft offers extensive use cases, including app security and IP restrictions, enhancing our overall enforcement capabilities.

Microsoft has not offered control over how they calculate high or low-risk scenarios. While they mention if a low risk is found by Microsoft, the triggered policy isn't customizable. Enhanced configurations for verified credentials would also be beneficial since the current configuration is quite complex and tedious.

I have been using the solution for approximately two and a half years.

As a Microsoft partner, I find the assistance isn't as extensive as expected. They often refer to internal blogs, which doesn't offer much new information and can limit our capabilities in troubleshooting.

Neutral

Microsoft Entra ID requires additional licensing components, particularly for Entra ID governance as an add-on for those with P1 or P2 licenses.

I rate Microsoft Entra ID Protection eight out of ten.