Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.
$6
per user/per month
SailPoint Identity Security Cloud
Score 9.0 out of 10
N/A
SailPoint Identity Security for the cloud enterprise manages risk from the explosion of technology access. The solution gives businesses visibility while automating and accelerating the management of all user identities, entitlements, systems, data and cloud services.
Google Workspace is really pretty much the only other primary competitor. And again, Microsoft has just been the standard for so many years and it was in place at the organization when I was first brought on at the beginning of my tenure. And so it didn't seem logical to switch …
Yeah, so basically that product to be honest, was more of a getting comfortable with cloud identification management. So that was a product I used. It has all the policies for desktops and doing updates and all that central directory identity provisioning stuff for users. Users …
We use DUO as another IDP solution and we also evaluated Okta as a solution. We didn't have a choice to be honest, because Microsoft products, you can't get away with it, but it's built in and a bunch of other providers have it as authentication, so it's great.
We've used other Microsoft products and we've also used some standalone products, like each application you can have its own identity, so we've looked at some of those too, but we try to use the Entra ID as much as possible because it offers a wider range of reliability.
We actually did just the Microsoft Active directory, so we picked the actual. We did just pure active directory. I mean the open LDAP stuff, but it didn't quite work that well.
I think the closest one would be because we recently went through an implementation, but Salesforce has their own version of a signal sign-on product. It's not the same. I'd say that it works, but it doesn't give you as much functionality.
For us, it was a natural evolution of our use of active directory. As we went from on-premises to the cloud, this was an easy extension of our authentication infrastructure. We looked at other products from Oracle, so Oracle ID, Oracle Identity Management. We looked at pink …
We used Google before, but we tried to use it but it didn't. We didn't like it. I'll this is better. It integrates better with our environment that we have right now.
We're Microsoft dedicated. We do however, displace other products that do similar things, so a lot of third party products, so even like Okta. In my opinion, it's just equally as powerful or more powerful of a product and it has a way better price point for customers. I think …
I'd love to tell you about Amazon IM and Google's IM because they suck and they tell you to use Entra ID, factually. They're like, oh cool, set it up with Entra ID. They just know you're going to do it. I don't think you guys have a competitor, to be honest. You just don't.
We're a Microsoft Native shop, so we're looking at Okta's identity tool, SailPoint and a few other competitors of Venture id. And we decided to go with this one because we're already using Active Directory, so just using the native Microsoft Suites kind of just they integrate …
Well, it's natively integrated with all Microsoft Stack, so it comes very handy when you need to, for example, use it for Intune Association, et cetera, so it's very handy.
Previously we had worked with Okta, which was kind of using our replacement for active directory server, and I know that has integrations, but we ended up just going with Entra ID just for the ease of access and without having to stack on an additional third party application …
In our application use case, it's kind of unique and there isn't any like for if there's anything on the identity space, probably Okta. Yeah. But we do both use them and we have integration with Okta and Entra ID, so it works for us very well.
Microsoft Login ID was chosen for its ease of use and availability of access via any device. Unlike the old Active Directory, it has a low learning curve and is very intuitive for analysts who are using it for the first time.
The customer was already using SailPoint Access Risk Management (ERP Maestro) and doesn't want to bring in SAP AC for the SOD topic. So it was easy to decide to go with SailPoint Access Risk Management (ERP Maestro).
SailPoint is a more customizable solution than Okta, it is also not just a cloud application. Our use of IIQ to manage external suppliers via Azure AD guest accounts was not available on other platforms at the point of deployment. The integration with SAP and other Microsoft …
The on-prem SailPoint IdentityIQ platform provides the necessary customization that is required in our dynamic environment. Although we may look at a cloud-based Identity Management service again in the future, (there are many advantages), our identity management, …
SailPoint and Oracle were selected for the RFP from a field of over 10 companies. SailPoint was much more mature and stable during our evaluation in 2015 and continues to lead the pack. We're confident we made the correct decision and work closely with our success team at …
I think SailPoint Identity Platform stacks better than most IAM tools and solution though a lot of SaaS IAM solutions are already available, can compete and are at par with its features and capabilities.
IdentityIQ provides a more complete solution for a fraction of the cost of other solution providers. It is easy to work with and provided very effective management of all aspects of the access management process.
All these products are really good at some key areas. They are all different and solve different parts of the puzzle. IIQ is more of a centric focal point that manages and maintains access in a vendor-agnostic way. It helps bridge the gap at the identity layer for different …
Compared to other solutions, IdentityIQ provides the best identity governance for your organization. Custom workflows and automation processes make this product more attractive to business rather than its competitors. IdentityIQ is a united, user-friendly platform to perform …
For one, a significant factor for us is that it is integrated with HelloID, which gives us, as the IT department, a lot of time back because we don’t need to create user accounts manually. It is great for the roles we have defined, as they can be used repeatedly. A great feature is that guest accounts can be created for external users; we only need to be in a closed area of your domain.
We are happy with the management of the Id, accounts where the user can request any access easily. Also the many connector which Sailpoint is offering in order to onboard lots of applications is quite helpful. The access review module has also have been improve so that large campaigns can we work out easily.
Where we see some improvement is on the UI as here it is not so intuitive for the end user, so that we need to make lots of communications and training so that the user is able to understand how to use it.
For the administration and creation of roles it also would be great to have some improvements here to make it more easily its management.
It addresses the issue of identity management very well with respect to putting in that multi authentication.
It can also support with respect to we can push these policies into another product that is not Microsoft, but it needs that SSO so we can have one account going into multi different accounts. I think that's the biggest pros and the easy use of Microsoft 365 also is one of those pros also in terms of administration.
The access request work flow and back end process is exceptional. It effectively manages all of the various pieces of a request and presents the completed request to the provisioning agent as a single record. This is very helpful to the efficiency of the process since the provisioning agent only sees the completed request rather than seeing each component as it is approved. Other systems deliver the various request components to provisioning as they are approved but cannot be provisioned without all the components. Thus creating complexity for the provisioning agent and impacting the SLAs with what looks like a delay with the provisioning process.
The system is robust enough to effectively handle the scale that we need. With 750+ applications, 24,304 individual entitlements to select from, and an average of 10,200 request transactions per month. We have never had any performance issues.
The system flexible enough to accommodate our complex business needs without needing to customize the base system. We have been able to add significant functionality to the system in order to support the business needs by extending the code rather than altering the base code. This has enabled a simple upgrade of the system without having to re-apply code enhancements.
Well, I'm an active ad admin, so there's a lot of features in active directory that Entra ID seems to be just adding now. We're kind of figuring out that the policies are different than Entra ID that they were in active directory and we're finding other products to do that, like Azure policy. Some things I'm used to seeing in identity products or like active directory aren't in Entra iID, but are doing good job of managing stuff that it does so far.
Technical adoption requires a high level of training and experience by the implementing teams.
SailPoint and partners offers very good training courses which I think are very good. An area of improvement can be in providing cloud VMs that users can work with to learn the IIQ tool more effectively at their own pace.
Entra ID is a vital part of our Identity management/administration. With the integrations it has to other Microsoft products, setup and configuration is a breeze. Additionally, Microsoft has been around a long time and have the resources to ensure this product is stable and secure for many years to come. We know it will evolve with time to provide us what we need as technology changes.
Very easily usable. It could be easier to use. Implementation was kind of tricky. We do run a hybrid environment, so we're syncing a local active directory instance with Entra ID, so that could be a little tricky. But outside of that, if you're not running a hybrid deployment or a version of Entra ID usually, it's pretty straightforward.
Microsoft has offered Azure Active Directory as a solution for a couple of decades now, so they have seen and anticipated almost any issue that an organization may face and can therefore help. The cloud offering of Azure Active Directory offers some additional "self healing" or monitoring services that can minimize the need for a service call. However, as with most large companies supporting a fast growing market, there may be some gaps in service knowledge (and particularly processing) from the front line / tier one staff as they follow a corporate script at first contact.
Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.
Microsoft Entra ID is not as stand-alone product as competitors like Okta. It may lack some of the features that competing products have but on the other hand it integrates both technically and license wise with other Microsoft cloud services and is easy to deploy. It is also the easiest way to extend identity management to the cloud if you already have Microsoft Active Directory in use.
SailPoint is a more customizable solution than Okta, it is also not just a cloud application. Our use of IIQ to manage external suppliers via Azure AD guest accounts was not available on other platforms at the point of deployment. The integration with SAP and other Microsoft services is also second to none.
I don't know if I can really quantify that. It's one of those products that just exists and so there's not a whole lot of changes that we need to make with the product. And so I guess in terms of value, what we get is we don't have to worry about the identity management piece. We know that that's taken care of.