Axiad Cloud OverviewUNIXBusinessApplication

Axiad Cloud is the #1 ranked solution in top Passwordless Authentication tools, #4 ranked solution in top Identity and Access Management as a Service providers, and #5 ranked solution in top Authentication Systems. PeerSpot users give Axiad Cloud an average rating of 9.6 out of 10. Axiad Cloud is most commonly compared to Okta Workforce Identity: Axiad Cloud vs Okta Workforce Identity. Axiad Cloud is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a real estate/law firm, accounting for 12% of all views.
Axiad Cloud Buyer's Guide

Download the Axiad Cloud Buyer's Guide including reviews and more. Updated: March 2023

What is Axiad Cloud?

Axiad Cloud is a comprehensive, secure, and efficient authentication SaaS platform that eliminates silos across environments. The solution enables mix-and-match use of any or

all of the Axiad Cloud product line and can also be applied in heterogeneous IT environments – for example, organizations operating Windows, Mac, and Linux operating systems or with multiple existing IAM systems in place. In turn, this allows organizations to remove gaps and inconsistencies in how they authenticate across complex ecosystems. It also enables companies to become more programmatic in their overall cybersecurity practices. Axiad Cloud is unique because it supports all authentication methods across users, machines, and more while interoperating with the entire Identity ecosystem. In addition, it is architected for best practices security, including a private instance for each customer, encrypted communications, and key storage in specialized hardware. The solution also streamlines and automates help

desk workloads, enables end-user self-service, and minimizes overall IT overhead.

Axiad Cloud Features

Axiad Cloud has many valuable key features. Some of the most useful ones include:

  • End-to-end security: All entities are secured without using passwords or shared secrets so the authentication process is secure from end to end.
  • Passwordless multi-factor authentication (MFA): The solution utilizes multiple types of authentication methods without a password or push notification that can be intercepted or phished.
  • Certificate-based authentication: Using an international standard certificate, the solution can interoperate across a broad range of vendor products.
  • Custom certificates: The solution allows you to create both custom certificates and workflows.
  • Fully customizable: APIs enable full integration with vendor products or custom software.
  • Interaction certification: This feature certifies email senders and attachments.
  • Asymmetric cryptographic authentication (ACA): Through ACA, the solution is able to ensure that credentials can’t be intercepted in transit.
  • Customer control: All customer data is under customer control & edited via Unified Portal.
  • Non-code implementation: Because implementation doesn’t require any code, it is convenient.
  • High availability and reliability: The solution is engineered to provide users with availability and reliability they can depend on.

Axiad Cloud Benefits

There are many benefits to implementing Axiad Cloud. Some of the biggest advantages the solution offers include:

  • Empowers users across the enterprise: Axiad Cloud helps ensure employees can access what they need, when they need it, and without business disruption for optimized workforces.
  • Enhances cybersecurity posture: The solution is designed to prevent phishing-based attacks with systematic policy application and enforcement. It also assists with Zero Trust via consistent authentication.
  • Optimizes administrative processes: With Axiad Cloud, you can streamline processes for administrators and help desks, thereby lowering total identity security costs across your entire organization.

Reviews from Real Users

Axiad Cloud is a solution that stands out when compared to many of its competitors. Some of its major advantages are that it has multi-factor authentication to help save companies time, it’s flexible, and easy to use.

A Sr. Manager, Training Services at a transportation company, says what he finds most valuable about the solution is that “Users enroll themselves and re-enroll tokens when they expire, saving us time.

Users also like that the solution helps eliminate the challenges of running and managing a PKI environment. “One of the things that we find the most valuable is not actually a feature, but it's the fact that we are not managing the environment ourselves. Because it is a managed solution in the cloud, it takes away a lot of the drudgery of having to run our own PKI environment,” mentions Tony V., Director of Information Technology Services at a government.

Another PeerSpot user expresses how it’s improved work for his staff: “Our associates are very happy not to need their password for most situations anymore. "It's very user-friendly. We're issuing YubiKeys for our corporate users and they just plug it in, go to the Axiad Cloud portal, and click the issue button. It's a couple of steps,” says Dave P., Enterprise Security Architect at a retailer.

Axiad Cloud Video

Axiad Cloud Pricing Advice

What users are saying about Axiad Cloud pricing:
  • "It's very cheap on a per-year basis. The cards themselves last about three years and the license is on the order of double-digit dollars per user, and not hundreds of dollars per user, per year."
  • "Don't just focus on the hardware or software costs of acquiring a solution, but look at it from the perspective that so much of what it takes to run a PKI environment has to do with the people who are running it.... look at the total cost of ownership and not just the cost of acquisition."
  • "Axiad's pricing was what we were expecting. It was at the right spot. They were competitive."
  • "The pricing is very competitive for what is offered at the level that we need. They are right there with what the industry standards are. They tend to be a little bit less, in terms of cost, when we are talking about security at government standards. So, I would say that they have a slight advantage on cost compared to the industry average. They are the lower cost solution and the best bargain out on the market today."
  • Axiad Cloud Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Sr. Manager, Training Services at a transportation company with 10,001+ employees
    Real User
    Top 20Leaderboard
    Users enroll themselves and re-enroll tokens when they expire, saving us time
    Pros and Cons
    • "What I have found most valuable is the overall way Axiad listened to our problems and helped us solve them. They provided guidance and expertise, with their experience, that enabled us to be successful in a very challenging space."
    • "I'm looking forward to seeing how they move to FIDO U2F as their primary authentication method across all of their solutions."

    What is our primary use case?

    The main use case is to register and manage smart cards for all of our users. We have investigated using Axiad for other forms of multi-factor, but haven't had the time to implement those projects yet.

    How has it helped my organization?

    A great example of how it has helped our organization is as a result of our partnership with them and implementing multi-factor authentication for all of our users. Eight months after implementation, we started to see a decline in help desk calls for security issues, to the point that the number of calls about our multi-factor solution is less than our historical number of password-related calls.

    We've enabled all of our users, except for our administrative users, to enroll through self-service tools, all the way up to our executives. We felt so comfortable with the solution that they're enrolling themselves and re-enrolling their tokens when they expire.

    Another benefit is that it has definitely saved us a lot of time. The money savings come into play through the reduction of risk and having a simpler method for our users to authenticate. There is no more changing of passwords, there are no more expiring passwords, and we no longer have to rely on users for the security of our authentication tokens by forcing them to choose appropriate passwords.

    What is most valuable?

    What I have found most valuable is the overall way Axiad listened to our problems and helped us solve them. They provided guidance and expertise, with their experience, that enabled us to be successful in a very challenging space.

    Also, our users required almost zero training once they were in the Axiad portal.

    We are using Axiad for workstation, cloud, as well as our web single sign-on and our VPN access. They've covered everything.

    What needs improvement?

    We've sat down with them multiple times to discuss things they could do better, and they've done them. I'm looking forward to seeing how they move to FIDO U2F as their primary authentication method across all of their solutions.

    Buyer's Guide
    Axiad Cloud
    March 2023
    Learn what your peers think about Axiad Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
    686,748 professionals have used our research since 2012.

    For how long have I used the solution?

    We have been using Axiad Cloud for just over four years.

    What do I think about the stability of the solution?

    The stability is excellent; no issues.

    What do I think about the scalability of the solution?

    The scalability is also excellent.

    We have in the neighborhood of 20,000 users, from clerks through to our CEO. It's used by the entire organization. The only increase in use will be through growth.

    How are customer service and support?

    The technical support is very good. We haven't had a lot of problems, but when we have had something, we have gotten engagement from them. 

    If it's a large problem, we typically see a very short turnaround. If it's a problem that is more of an inconvenience or we're looking for a report, we usually see that taken care of in the normal lifecycle of the product, in the next upgrade or a future version.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We had a number of different point solutions for multi-factor, and we've now consolidated on Axiad's solution.

    We are an older organization and we had always relied on usernames and passwords. The move to MFA not only required changes to technology, but the solution had to be robust enough to remove friction that might be caused by requiring our users to change behavior.

    How was the initial setup?

    Since we're on-premises, the setup was really complex. We had to build infrastructure underneath. The Axiad part of the solution was implementing the credential management, and that was relatively straightforward, but the overall integration was complex. Having their expertise engaged was really how we got through it. 

    We have a specific flow, a manual process, when it comes to authentication, following the NIST standard for identifying our users. We force them to show government credentials to identify themselves before we'll issue credentials. My team takes care of that for our users.

    But I've walked through the deployment of Axiad Cloud, and it's a very different experience. That infrastructure isn't required, the certificate authority and the hardware HSMs aren't necessary. It takes a lot of the complexity out of the equation when you just use their native cloud offering.

    The deployment of the technology for us, being on-premises, took about four months. We took a risk-based approach. We started with the users with the most access and ended up rolling out to the entire organization over about a two-year period.

    The deployment was done by a team of four within our organization and maintenance is about half of one FTE.

    What about the implementation team?

    Any multi-factor implementation involves a complex set of technologies. The Axiad solution made it easier, but it really was due to their help in implementing it that we were able to solve a lot of difficult problems. Without them, our project timeline would have been much longer.

    Their professional services had a guide and we worked with them to follow that, implementing things based on available standards. When we were done with the implementation, a second representative from Axiad came in and audited the work of his peer from Axiad, along with our team's work, to ensure that we met the requirements that we documented before the start of the project and that we followed best practices and written standards.

    What was our ROI?

    ROI in the security space is always a challenge. I would liken security programs to insurance policies, so a set ROI is probably not achievable. It would not fully recognize the value of reducing risk in the org. We could quantify how many fewer tickets and how much less help desk time we're using, but that would ignore that reduction in risk.

    The overall risk reduction and ease-of-use have been our two, longer-term returns on our investment.

    Which other solutions did I evaluate?

    We have a rigorous supplier process that we have to follow, and we put out a request for proposal. Axiad won that and we then went through the implementation with them.

    Axiad's price was very competitive and the solution they proposed was based directly on our requirements and customized to our needs. The other vendors were all selling something of a turnkey, "Here's what you get and make it work" type of solution. Axiad was the opposite: "We're going to make it work for you," which was awesome.

    The only con is that they are a small, but growing, organization. For a large enterprise, sometimes the viability of an organization is a concern. But it was about five years ago that we started talking with them, and four years ago when we started implementing. They've shown that they have some staying power.

    What other advice do I have?

    It's really about ease of use and focusing on your users. Security is always paramount, but if you give people something that is secure yet hard to use, they're going to find ways around it. With the solution we have been able to give our users, I see a lot of happy users, and our adoption is such that I don't see users trying to circumvent our processes.

    If someone were to tell me they've deployed multi-factor authentication for most of their use cases but not all of them, I would say that multi-factor is the best control to stop initial access in the attacker lifecycle. If done correctly, the long-term impact to users becomes a positive. If people are hesitating based on the concern that users won't like it or it's hard to use or implement, what we have found is that as long as you have support from management, you can get it done and you can prove to users that you can do it in a way that it's useful to them.

    The Axiad Cloud Airlock feature wasn't available when we first implemented the solution, but we're investigating its use. Our main use case for it would be to do some additional programming on our security tokens when the users first register them.

    The solution is a critical security control for our organization. It has visibility at the board level and is visible to every one of our users, yet it is very unusual for me to hear a negative about the Axiad solution that we've implemented.

    I work with very few vendors that I don't have some kind of suggestion for on how they could improve, but Axiad is one that just provides a great solution. And they continue to grow that solution to do more, but they covered all of our use cases.

    Using Axiad, I have learned that there are organizations out there that are engaged in helping their customers be successful on this journey. The proposal they gave us was really built around our requirements and not just, "Here's a solution." That was key to our being successful: understanding our business, understanding our use cases, and catering to those aspects. I have really seen success in this space, one that some of my peers have found it very difficult to be successful in.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    Flag as inappropriate
    PeerSpot user
    Damon Becknel - PeerSpot reviewer
    Vice President, Chief Information Security Officer at Horizon Blue Cross Blue Shield of New Jersey
    Real User
    Leaderboard
    Native solution built into OS, so we don't worry about compatibility issues when Microsoft or the vendor runs an update
    Pros and Cons
    • "The solution has also saved us time by having end-users troubleshoot issues through the MyCircle feature, and has definitely reduced the efforts of our administrators. It is saving us five to 10 minutes per incident."
    • "macOS is notoriously ever-evolving and it's difficult to keep pace with it as it pertains to certain kinds of crypto authentication. That's really not even on Axiad. That's a decision by Apple, but it makes it a moving target."

    What is our primary use case?

    We use it for internal employees and our contingent or contractor workforce. We extend it, additionally, to vendors who are entities that are completely offsite but not full-time contractors and who still need periodic access to the environment. 

    Our primary use case is for multi-factor authentication through VPN, as well as for local endpoint access and VDI. A more limited use case is for additional digital signatures or encryption, code signing and digital signatures for documents and for email, and for email encryption.

    We use the solution for managing the cryptographic credentials for everyone on staff. Authentication is a process that the credentials are used for. Axiad is not controlling our authentication, they escrow and provide the certificates to support authentication.

    They run the backend in a cloud. It's extended to us via a lockdown connection. They do all the administration and we're the front-end user. From a usability perspective, we load keys onto their smart cards or onto YubiKeys, which are something like a USB version of a smart card.

    How has it helped my organization?

    The really slick part of smart card authentication is that it's native. All too many of these modern authentication systems require additional software in your authentication environment. What attracted me to smart cards is that it's flat-out native. It just works. It's built into the operating system. You're not having to worry about compatibility issues when Microsoft runs an update or when the vendor runs an update. It's built-in yet very easy to use.

    It's also a fast solution. Everyone has been in the position where they have had to type their username and then type their password, and that password is likely rotating and rather long and cumbersome. Because of all those factors just typing in a user password might take someone 20 to 30 seconds. Whereas because of the way a smart card is built and how the credential works, we're able to simplify that to a PIN . When you insert your card and you have to type your PIN, it's a completely numeric PIN that is much easier to remember. And it doesn't rotate as often because you don't have the issue of storing a password hash or the issue of having that password hash become compromised. There is no way to get the PIN off the card. It doesn't exist there. So we don't have to rotate PINs at all. It can be a lot weaker and just be numeric. Inserting your card and typing your PIN may take 10 seconds, and five if you're fast. When we rolled this out six or six and a half years ago, it was applauded by the users because it drastically reduced authentication time.

    The solution has also saved us time by having end-users troubleshoot issues through the MyCircle feature, and has definitely reduced the efforts of our administrators. It is saving us five to 10 minutes per incident.

    What is most valuable?

    We have some self-imposed restrictions. We want to make sure a card is being issued to the right person so they go through a lot of validation steps. We don't want something as secure as a smart card being issued in one click. But the number of steps is as minimal as it can be and as easy to use as you would hope it would be, but it's certainly more than one click. Still, it takes seconds to enroll a user. It's quite quick. You select the user and say "enroll." But then there's the other side of that, which is the user activating their credential. Generating the certificates for the user is incredibly easy, but deploying those users' certificates requires a little more involvement because you want to make sure it's the correct user pulling the credential loading it into the card. Overall, it's intuitive and simple.

    What needs improvement?

    It's rare for me not to have a lot to say about room for improvement in products we use, but with Axiad Cloud there isn't a lot to say. However, macOS is notoriously ever-evolving and it's difficult to keep pace with it as it pertains to certain kinds of crypto authentication. That's really not even on Axiad. That's a decision by Apple, but it makes it a moving target.

    For how long have I used the solution?

    I've been using Axiad Cloud for between six and six and a half years.

    What do I think about the stability of the solution?

    It's been flawless since we've had it.

    What do I think about the scalability of the solution?

    Having used it in other environments, I can tell you it scales globally and to several million. It's incredibly scalable.

    We currently have between 10,000 and 12,000 users, covering every single internal employee and contractor.

    Which solution did I use previously and why did I switch?

    We didn't have a full-scale previous solution. We used RSA SecurID on a limited basis. We switched because we needed multi-factor for all users, and we wanted to consolidate physical and virtual access into one token.

    How was the initial setup?

    The initial setup was incredibly straightforward. We went from proof of concept to production deployment in 45 days.

    Our implementation strategy was to have all local and VPN users off within six months.

    For maintenance of the solution, there's the printing of the cards which is a periodic task for one person. The facilitation of the issuance and backend management, et cetera, is a part-time role. But to provide resilience, we have three or four people involved, part-time.

    What about the implementation team?

    We used Axiad’s service and customer care for deployment. Their support for our deployment and for helping us to comply with compliance and security requirements were outstanding.

    There are a lot of design parameters to consider when looking at certificates and they were very thorough in outlining the pros and cons of each design parameter. They helped us step through things and made recommendations to try to simplify it. They provided recommendations on configuration features for the endpoints themselves. It was clear they had done this numerous times before and were able to share any potential wins that we could anticipate.

    Overall, it was very seamless and they were very knowledgeable in simplifying the process.

    What was our ROI?

    With any security technology, I don't know if there is ever a return on investment. It's more a matter of risk reduction through investment. You're not going to make any more money because you're more secure. But you're not going to lose money because you are not secure. By that calculus, we have absolutely easily recovered our investment costs based on how we've reduced our risk posture.

    What's my experience with pricing, setup cost, and licensing?

    This is the first multi-factor solution that we have leveraged so it hasn't saved us money, but it is incredibly low-cost for what we're getting. 

    It's very cheap on a per-year basis. The cards themselves last about three years and the license is on the order of double-digit dollars per user, and not hundreds of dollars per user, per year.

    Which other solutions did I evaluate?

    We looked at a number of options for how we could do user credentials. At the time, there was a NIST guide, 863 or 863-2, that had different levels of authentication. Username and password were level one. Username and password, plus an RSA soft or hard token that required no additional authentication were level two. At the time, smart cards and one other technology were alone at the highest level of reliance. Axiad Cloud was really standing alone as one of the most secure options for providing a credential at time of authentication.

    One of the other solutions we looked at was an inferior card type. Rather than being certificate-based, it was RFID, which has no security and the software flatly did not work.

    What other advice do I have?

    My advice would be to read up on how public key infrastructure works and then look at extended use cases for going through that process, where you inherit digital signatures and person-to-person encryption.

    The only device we have from Axiad is the card technology. The solution's life cycle is really transparent. They run impeccable security with highly restricted access and the access management from their side is incredibly tight as well, particularly based on their growth through the Department of Defense. A card stock is a card stock and its life cycle is about three or four years.

    Axiad Cloud helps enable passwordless authentication for every use case, including workstation login, VPN, and cloud applications. The cloud does more than what we leverage. We use it for certificate-based authentication purposes. They do support push notification as well, we just don't leverage it. Our use cases are local and VPN, and it's all certificate-based.

    The biggest lesson I've learned from using the solution is that security doesn't have to be difficult.

    It's a key part of our security posture. It's incredibly important.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    PeerSpot user
    Buyer's Guide
    Axiad Cloud
    March 2023
    Learn what your peers think about Axiad Cloud. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
    686,748 professionals have used our research since 2012.
    TonyVentura - PeerSpot reviewer
    Director of Information Technology Services at a government with 1,001-5,000 employees
    Real User
    Top 10Leaderboard
    Eliminated the drudgery of having to run our own PKI environment
    Pros and Cons
    • "And when it comes to enrolling a user, it's super easy with One Click Issuance... It's so easy now that we can offload the process to our clients who can self-enroll. Previously, we would have to do the enrollment process because it was so complicated."
    • "We would prefer that the solution be hosted in Canada because we're a Canadian entity. That would be nice to have. It's not a feature, as such, but it would really make us a lot happier if it could be located in Canada."

    What is our primary use case?

    Our primary use case, and the reason we initially bought the solution, was to migrate our on-premises PKI environment into Axiad Cloud, and move all of our certificate management.

    We have about 3,200 smart cards in the form of E-tokens, which have a PKI certificate on them. We have been managing them through our own PKI but we're moving that to Axiad. We have another 4,500 machine certificates for desktops, laptops, and servers, that we are also moving to Axiad.

    Axiad is a private instance in a public cloud.

    How has it helped my organization?

    There are so many ways it has improved the way our organization functions. One is the fact that it has allowed us to enable a self-service password reset. Typically, our biggest service desk volume, about one-third of our calls, was related to authentication-specific issues with expired certificates or not being able to provide a challenge-response, or forgetting passwords. A lot of that stuff is now automated and democratized in the product so that users can do those things themselves.

    The last time we did a token refresh, we literally had to provision 3,200 E-tokens. We had someone sitting at a desk all day every day for about three weeks to provision all of them. And then we had to take a high-touch approach to send somebody out with a box full of tokens and hand them out to people, sit them down and have them change their password for the first time. Now, our approach is much different. We send blank tokens to people with instructions. They log in and do it on their own. It's a complete change from a full, high-touch IT involvement to a much more cost-effective and resource-effective, low-touch self-enrollment.

    Axiad has saved us time, for sure. Just in the provisioning process it has saved us at least 200 hours, and that's a conservative estimate for one person and one part of the life cycle.

    And while I'm a little reluctant to use words that have big meanings, like "every use case," Axiad overwhelmingly helps enable passwordless authentication for workstation log on, VPN, and cloud applications.

    What is most valuable?

    One of the things that we find the most valuable is not actually a feature, but it's the fact that we are not managing the environment ourselves. Because it is a managed solution in the cloud, it takes away a lot of the drudgery of having to run our own PKI environment.

    And the product has proven itself to be incredibly flexible and has been able to address all of our pain points. That's why we bought it. And even while we've been going through it, new pain points or challenges keep coming up, and Axiad has been able to deal with all of them. It was very impressive in terms of its utility right from the get-go, and has shown its ongoing utility when we have reached these catch points, issues it has been able to resolve.

    And when it comes to enrolling a user, it's super easy with One Click Issuance. It's far easier than the solution we replaced. I haven't put a stopwatch on it, but I'm sure it takes less than a minute with Axiad, whereas before it was taking three to five minutes. It's so easy now that we can offload the process to our clients who can self-enroll. Previously, we would have to do the enrollment process because it was so complicated.

    In addition, it's super simple for deploying and managing authentication devices. Our IT department is rather small, so all the incremental wins that we can get are hugely important to us.

    What needs improvement?

    We would prefer that the solution be hosted in Canada because we're a Canadian entity. That would be nice to have. It's not a feature, as such, but it would really make us a lot happier if it could be located in Canada.

    For how long have I used the solution?

    We've been in a relationship with Axiad for about 18 months.

    What do I think about the stability of the solution?

    I haven't heard of any stability challenges.

    What do I think about the scalability of the solution?

    I believe it's scalable, absolutely. We're relatively small in the grand scheme of things. Even our biggest use case is probably really small compared to other agencies, but I have no concerns.

    At this point we're about one-sixth of the way through our deployment of the Axiad Cloud solution. That means we're not at a point where we can say we've eliminated or even greatly reduced the issues that it's addressing, because of the small deployment numbers. But we certainly see the ease of use at this point. We expect to get to 100 percent deployment, and we are looking for future use cases to help amalgamate platforms.

    How are customer service and support?

    From what I have heard, the support has been outstanding.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    Our old solution was SafeNet Authentication Manager and the way it was architected and built wasn't very good to begin with. It wasn't ever a very modern product, even when we first bought it. We also made the switch because SafeNet was end-of-life and because the vendor was getting out of that space. We were never really thrilled with them, but we didn't have a lot of choice, so we stuck with them.

    Whereas Axiad is built with the most modern approaches and it works super fast because it's well designed.

    Our old solution was cumbersome and inflexible. There were a lot of problems that we just had to live with because there was no way to address them. We were using it largely because 90 percent of services like ours in Ontario were doing the same thing. It was a necessary evil and we adopted it because there was no better option seven or eight years ago when we bought that solution.

    How was the initial setup?

    The initial setup of Axiad was very straightforward. It's a very guided process. Everything is there for you out-of-the-box. I believe it was set up in one day. There's not a lot of complexity to it. PKI is a complex thing to begin with, but what's great about Axiad Cloud is that the complexity has been hidden behind the beauty of the software.

    Our implementation strategy was to first stand it up in a proof of concept, but we stood it up in the same way that we would eventually migrate it to production. We played around with it, played with the features, and simulated workflows. Then we slowly started to roll people into it. We then adopted that PoC environment as our full, final production environment.

    Ongoing maintenance has been relatively low so far and I don't expect it to grow very much. Because it's a managed solution, it requires a fractional FTE.

    What about the implementation team?

    I think we used a little bit of Axiad’s customer care for deployment, but it was so simple that even that engagement wasn't very long.

    What was our ROI?

    We have seen a soft return on investment in the reduction in staff time and complexity.

    What's my experience with pricing, setup cost, and licensing?

    Aside from the pricing of a solution, people need to look at the true costs of running their own PKI. Don't just focus on the hardware or software costs of acquiring a solution, but look at it from the perspective that so much of what it takes to run a PKI environment has to do with the people who are running it. Consider how big a challenge that is and how much time and complexity there is, and the room for error. In short, look at the total cost of ownership and not just the cost of acquisition.

    Which other solutions did I evaluate?

    We looked at a few options, including doing things ourselves by running our own PKI, but that is costly and very complex. We couldn't find any solutions that met our needs other than Axiad.

    What other advice do I have?

    The biggest lesson I've learned using Axiad Cloud is that it has really helped to highlight some of the mistakes we made in the past. In particular, we made the mistake of deciding to do PKI ourselves, rather than outsourcing it and doing it this way via a managed service.

    These days, anyone who is not using multifactor authentication likely cannot demonstrate due diligence or due care in their cyber program. Everyone needs to be doing multifactor.

    It's been so good that even the new challenges that we've had have already been addressed by the product. It seems to be very well thought out. Are we going to encounter something where it could be better? Probably. But as of right now, it has been able to handle any problem that we have thrown at it.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    PeerSpot user
    Enterprise Security Architect at a retailer with 10,001+ employees
    Real User
    Top 20Leaderboard
    Our associates are very happy not to need their password for most situations anymore
    Pros and Cons
    • "It's very user-friendly. We're issuing YubiKeys for our corporate users and they just plug it in, go to the Axiad Cloud portal, and click the issue button. It's a couple of steps."
    • "There are just some minor tweaks that could be made on the front end. It would be cool to have nicknames for authenticator devices. If you have more than one, it's hard to discern what you have."

    What is our primary use case?

    We're using it to back a multifactor authentication project. We are using it for the PKI on smart cards as well as YubiKeys.

    We're still in the beginning stages of the rollout, but Axiad Cloud will make us more compliant and secure. We need to use it to comply with certain regulations.

    How has it helped my organization?

    The solution helps enable passwordless authentication for everyone, in every use case, including workstation log on, VPN, and cloud applications, and that is a big driver for what we're doing. Our associates are very happy not to need their password for most situations anymore.

    It also empowers users to self-issue their authenticators and manage them over time and that's important to our organization. We don't want a help desk ticket every time somebody needs to issue a new authenticator or change one. The more that the users can do themselves, the better.

    The self-service capabilities are certainly an aspect that will assist in saving time and money, and the Airlock feature will do so in the future. Along those lines, the MyCircle feature is one we'll roll out as well, to save time.

    What is most valuable?

    It's very user-friendly. We're issuing YubiKeys for our corporate users and they just plug it in, go to the Axiad Cloud portal, and click the issue button. It's a couple of steps.

    It is also the single platform to manage all the authentication requirements for our staff for smart cards and YubiKeys. And we're also going to extend it over the next couple of months to back our entire PKI. We have an internal one today, but we liked how Axiad worked with the multifactor project, so we're going to move our entire internal platform over to them as well for certificate-backing.

    Axiad also does a great job with device lifecycle management. It seems to be as good as it could be.

    What needs improvement?

    There are just some minor tweaks that could be made on the front end. It would be cool to have nicknames for authenticator devices. If you have more than one, it's hard to discern what you have.

    Overall we've been very satisfied. I don't really have many critiques for the product at this point.

    For how long have I used the solution?

    I've been using Axiad Cloud for about six months.

    What do I think about the stability of the solution?

    The stability is great. We haven't had any issues with the stability. It's always been up.

    What do I think about the scalability of the solution?

    The scalability seems very good. That's more of a to-be-determined issue as we scale our user side, but we haven't had any issues so far.

    Right now, we have about 50 users on it. By the end of the year, we hope to have about 30,000 users on it. We are going to rapidly increase usage over the next few months.

    How are customer service and support?

    Technical support has been very responsive. Their CEO will actually personally reach out to me every couple of weeks and ask how things are going or if we need anything. I haven't experienced something like that in my 10 or so years in IT, where a CEO will get so involved in ensuring that a rollout is a success.

    The company, Axiad, is a great partner. If we have any issues or if we want a feature, they're usually pretty good about getting it. Our SSO provider is PingFederate and we asked, "Hey, can you guys do an integration with Ping?" They said, "Yeah," and it was done about two months later. And then we asked them to integrate with Venafi, which is a PKI certificate provider and they said, "Okay, we'll do that too." They're very flexible and accommodating to the use cases that we have as a company.

    Overall, I would rate their tech support a nine out of 10. I take one point off because sometimes it has taken them a while to figure out what's going on and fix it. But they're great otherwise, extremely responsive.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The initial setup was about what we thought it would be. It's not extremely simple, but it's also not extremely complex. It's in the middle.

    There is some configuration that you have to do on your Active Directory. We followed all of their instructions and we still weren't able to get it to work. We had to involve some Microsoft support folks and we were finally able to get it working. Looking at what was needed, it should have been fairly obvious to us, to get it set up immediately. It's not super-simple but it shouldn't be complex.

    The deployment took a couple of months to get everything set up and rolling. We still haven't scaled it. If you really had all your ducks in a row, it could be done in under a month.

    Getting users enrolled with the One Click Issuance is fairly straightforward. The tricky part is getting all of the software prerequisites installed, but that's on the IT side of the house, for us to make sure that stuff is there before the user wants to issue a certificate. But once all of the software prerequisites are installed, it is truly a One Click Issuance and very straightforward. The actual One Click process takes about 30 seconds. It's very quick.

    For maintenance of the solution you need one person, if that. There's not much work there on our side.

    What about the implementation team?

    We used Axiad’s service and customer care for deployment and they were awesome. That was one of my favorite parts. We had a guy named Doug who was our contact for the rollout and we were on calls with him and emailed with him every day. He's been really awesome.

    What's my experience with pricing, setup cost, and licensing?

    They charge you to use their virtual private cloud. That's a set cost per year, and they charge you a licensing fee per user on top of that.

    Which other solutions did I evaluate?

    We haven't purchased any other solution but we went through a long process to find the best player out there for our needs. We've tested other platforms but Axiad was certainly the best one that we tested.

    One we tested was HID, but they didn't have the feature set we were looking for. We wanted a cloud provider but HID was mostly on-premises. They do have a very early-on cloud offering, but it's not nearly as feature-rich as Axiad. The European solution that we tested was Nexus Group PKI. They had the capabilities, but their user experience wasn't as good. Axiad was the best of both worlds, with the features and the user experience we wanted.

    When it comes to the One Click Issuance, those other solutions took slightly longer. Once you have the software on the devices, it's between 30 seconds and a minute for any of those solutions. It's a matter of how you get the users there and what their experience is like through that process. Axiad does that very well.

    In terms of pricing, HID came in quite low because they were trying to get our business. They're just starting off in the cloud space and they're trying to attract customers. Axiad's pricing was what we were expecting. It was at the right spot. They were competitive.

    What other advice do I have?

    Axiad has been great. Make sure you take a look at it if you're looking for a cloud PKI provider or for cloud certificate management.

    If someone has deployed multifactor authentication for most of their use cases but not all of them, I think it may be hard to switch. In that situation they should certainly take a look at Axiad, but they need to be careful because it might be more to bite off than they want or than they can handle.

    We haven't really had any major issues with Axiad so far, and they've provided anything that we've wanted. They have honestly been one of the best vendors we've worked with. We've had a great experience with them so far and they've really exceeded expectations.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    PeerSpot user
    Eric Brown - PeerSpot reviewer
    Cybersecurity Director - Enterprise Identity & Access Management at a computer software company with 10,001+ employees
    Real User
    Leaderboard
    The day-to-day tasks, running the servers, and making sure that everything is patched is all handled by the platform
    Pros and Cons
    • "Aside from Active Directory, anything that is a multi-factor platform is handled through Axiad Cloud. It is critical for helping to enforce usage of authentication devices across our organization."
    • "I would like a more modern look to the portal."

    What is our primary use case?

    We are using it for PKI and multi-factor authentication through push notifications and OTP tokens.

    How has it helped my organization?

    The added security has helped us mitigate quite a few breach attempts since the system was implemented.

    We are able to realize the effectiveness of our SOC using the platform. Through their analytics, we have found indicators of attempted compromise. The fact that they weren't able to get in because multi-factor was enforced has definitely been advantageous.

    At this time, we have not fully deployed a passwordless platform. We are still partnering with them to do this on the actual individual endpoints. However, for our external access, it does help enable passwordless authentication quite well for everyone and every use case, including workstation logon, VPN, and cloud applications. It is very well-received by our users. This is important for us because that is what we are moving towards. 

    It enables users to self issue their authenticators and manage them over time in a single pane of glass in a simplified platform.

    What is most valuable?

    The most valuable feature is the overhead management of the platform. There is less for my team to worry about. The day-to-day tasks, running the servers, and making sure that everything is patched is all handled by the platform. We just consume the service and work with them to refine it, making it even more valuable.

    Aside from Active Directory, anything that is a multi-factor platform is handled through Axiad Cloud. It is critical for helping to enforce usage of authentication devices across our organization. One of our requirements to continue some of our contracts is to have multi-factor authentication across all devices accessing the network.

    It is extremely easy to enroll a user with “One Click Issuance”. I have had very few calls to the service desk regarding enrollment. It takes a couple of minutes to enroll a user with "One Click Issuance".

    Deploying and managing authenticators is very easy, either done by a mobile application or enrollment of an OTP token. It is very simple. This is important to my userbase, which makes it important to me.

    Functionality-wise, it is pretty solid.

    What needs improvement?

    I would like a more modern look to the portal. 

    For how long have I used the solution?

    I have been using Axiad Cloud for four years.

    What do I think about the stability of the solution?

    It is very stable. In the past four years, we may have experienced a total of 60 minutes of downtime, which is not much.

    What do I think about the scalability of the solution?

    It scales seamlessly. In the mornings, when we have our highest user load, the system scales by itself in the back-end to handle the increased user load. Then, during the day, it scales back down to save resources.

    We are at 35,000 to 40,000 users. The solution is used and heavily integrated with all our multi-factor authentication entryways. We have plans to expand it to other devices and other platforms as well.

    How are customer service and support?

    The tech support is top-notch. They really know their stuff. The customer service is just as good. They are very polite and pleasant to deal with.

    The tech support is very solid. Whenever we have had an issue, whether it is connectivity or other issues, they are pretty proactive in reaching back out to us. This is sometimes before we even know that there is an issue, letting us know that it might be something on our end or that they are working on something on their end that is unexpected. Therefore, they are very proactive.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    Before Axiad Cloud, it used to take 10 or 15 minutes to enroll a user using the HID platform.

    We have a long-standing relationship with Axiad. They helped us deploy the original HID solution. Then, we wanted something that was easier to use. That solution was all on-prem. We wanted something cloud-based that had higher resiliency and less administrative overhead. That is where we made the switch to Axiad Cloud.

    How was the initial setup?

    Anything multi-factor being integrated into an existing environment is complex. However, working with Axiad, it was relatively easy for my team to partner with them and get this deployed in a little over a month for about 30,000 users.

    What about the implementation team?

    We used Axiad’s service and customer care for the deployment. They were fantastic. They know the regulations just as well as we do. When you are speaking the same language, it just makes everything that much easier.

    What was our ROI?

    We have gotten the value that we were looking for with a simplified user experience. It took us three months from the beginning of the deployment to see this value.

    It has driven down the number of our calls. This, in turn, saves labor hours on both our service desk and on the users. At this point, our calls to the service desk for multi-factor have dropped by about 35%.

    What's my experience with pricing, setup cost, and licensing?

    The pricing is very competitive for what is offered at the level that we need. They are right there with what the industry standards are. They tend to be a little bit less, in terms of cost, when we are talking about security at government standards. So, I would say that they have a slight advantage on cost compared to the industry average. They are the lower cost solution and the best bargain out on the market today.

    There is just the regular purchasing of new hardware tokens, if we run out.

    Which other solutions did I evaluate?

    We looked at other options for PKI issuance with some of the other big players, Duo and Okta. However, we just felt that the level of security provided by Axiad was superior.

    What other advice do I have?

    Don't think twice about it. It really is a solid platform and well worth the money you spend. The technical expertise behind the team is top-notch. I would recommend them in a heartbeat.

    I would tell someone who has deployed multi-factor authentication (MFA) for most of their use cases, but not all of them, "Hurry up and finish."

    We have not deployed MyCircle yet.

    I would rate this solution as 10 out of 10.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    PeerSpot user