What is most valuable?
The most valuable feature of the solution is the granular control of identity and access in terms of giving access based on additional context and authentication context. For example, the tool has conditional access policies, like identity protection, which is time-based access given to the administrators so that they can perform any administrative control or configuration that is time-bound, and it automatically expires according to that flow. There is also identity governance, so the tool has quite interesting identity-related features that are quite robust in protecting many enterprise client decisions.
What needs improvement?
So far, the tool has been good. I have dealt with our company's clients' technical and functional requirements. So far, the tool has always serviced all our needs, so I don't see any shortcomings in it.
The challenge in the tool was related to hybrid connectivity, like with Azure AD Connect, which I now think is Microsoft Entra ID's predecessor. Azure AD Connect was replaced by Microsoft Entra ID. There were many issues with the tool's sync process. During the configuration of networks, the process was quite resource-intensive. I think Microsoft understood the concerns of the users associated with the tool, and that is why it released a new kit into the block, like Microsoft Entra Cloud Sync, to replace its shortcomings. Microsoft Entra Cloud Sync is for enterprises that would love to have hybrid configurations.
Microsoft Entra ID Protection needs to offer better hybrid connectivity to users. There are two products under Microsoft Entra ID, which are like brothers or cousins, and I feel that matching them up should not be an uphill task for us, like when we have a scenario where we try to integrate with a tool from a different vendor through APIs and so many other configurations that need to be done. The tool can just unify and make the process as quick as possible with a few clicks to deal with the configuration.
I want the tool's licensing model to be made easier.
For how long have I used the solution?
I have been using Microsoft Entra ID Protection since 2017. I work with Microsoft Entra ID Premium P2 Tier.
What do I think about the stability of the solution?
Stability-wise, I rate the solution as a seven out of ten.
There are outages with the tool, especially when you want to receive the authentication code. It takes time because of the system outages from Microsoft's end. These are issues that don't occur frequently, but we usually experience them intermittently.
What do I think about the scalability of the solution?
It is a scalable solution and a cloud-native application. With the tool's scalability features, you can easily scale in and out. Scalability-wise, I rate the solution an eight out of ten. If you don't require licenses, you just don't get it. If you need more licenses, you buy accordingly.
My company deals with a client base of 2,000 people. The tool offers the basic protection element that every product comes with nowadays. Actually, the best option is the premium tier of Microsoft Entra ID Protection that is available, but I don't know how Microsoft categorizes the ones that don't have the premium tier plan. I believe the ones without a premium tier get standard protection. With the premium tier, there are around 150 people.
I deal with clients ranging from SMEs to large enterprises.
How are customer service and support?
The solution's technical support offers great assistance to users. Sometimes, instead of assisting you, they just send you links to go and read by yourself, making it an area that I find to be a bit low. I rate the technical support a nine out of ten.
How would you rate customer service and support?
How was the initial setup?
The product's initial setup phase is not easy. The tool comes with a technical white paper that offers support and guidance to walk you through the process. From one to ten, if one is difficult, I rate the product's initial setup phase as a seven.
The solution is deployed on the cloud, but the hybrid scenario requires both cloud and on-premises models.
The solution deployment time depends on the client. In general, the deployment time depends on the size of the enterprise or the company. For a company of 300 people, it takes at least two months and, at most, three months. For an enterprise with 300 to 1,00 or 2,000 people, the deployment takes six months.
For the deployment, we normally have a project structure that has some scope of work to be undertaken for a particular deployment in a project. There is a need to enter into the project planning, structure, or environmental assessment, the actual deployment phases, the validation and test phases, the user acceptance phases, the onboarding phase, The test onboarding stage, the pilot onboarding, and then the development of the tool for everybody. Finally, there is the port deployment and similar stuff.
What's my experience with pricing, setup cost, and licensing?
From one to ten, if one is cheap and ten is expensive, I rate the tool a seven out of ten. Depending on the value that we pitch for a particular solution, I rate the price as seven out of ten because I want someone to tell Microsoft to stop complicating the licensing model for all the tools, as it is really confusing.
It is not a cheap tool.
What other advice do I have?
During authorized access, the multi-factor authentication and the conditional access policies are good. Both features are largely associated with monitoring and preventing risks.
I don't think I see any competitive vendor or product currently in the market that can give everything that Microsoft Entra ID Protection offers.
I rate the tool a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
*Disclosure: My company has a business relationship with this vendor other than being a customer: msp