Google Authenticator is a mobile authentication app.
N/A
WatchGuard AuthPoint
Score 9.1 out of 10
N/A
AuthPoint Total Identity Security provides businesses with a solution to protect user accounts and credentials. With
multi-factor authentication and dark web credential
monitoring, AuthPoint mitigates the risks associated with workforce credential
attacks. AuthPoint adds an extra layer of security by monitoring for
potential credential exposure in the dark web for both personal and corporate
accounts.
It is supported by virtually all cloud-based software applications for business. I am happy to allow users to use this in addition to other authenticators. Certainly, if your business is in the Google cloud it makes sense, but my approach to the remote/virtual work world these past couple of years has been structured flexibility. Leaving some choice up to the users for their own comfort, particularly when they are using their own devices. I cannot think of a scenario where it is less appropriate - perhaps where you run the risk of "app sprawl". I.e., where you are requiring users to handle multiple authenticators (which can happen with certain pieces of hardware) you may want to encourage consolidation into one to avoid frustration.
While I cannot speak of the functionalities that we do not use, the 2nd factor authentication has been great. It's actually secure, I can control it all remotely, users don't mind the extra step, and management feels more at ease knowing that we have full access control. The VPN for remote connections is fast and stable, it stays connected during network oddities and has plenty of bandwidth.
Easy implementation: The product is very easy to implement both from embedding it into the application and from end users using it via their smartphones.
You can use Google Authenticator to manage multiple two-factor authentication keys.
Easy to add keys options: You can scan a QR code to set up 2FA in Google Authenticator. You can also do a manual entry using the unique key provided by the application you are setting up 2FA for.
Works well with the free Authpoint client and the OpenVPN clinet.
Token management is simple and hosted completely in the cloud to reduce overall complexity
Setup was simple and and staighforward
Suppports several authentication methods we have used both RADIUS and SAML effectively, but ADFS, IDP, RDWeb, and RESTful API, and other custom apps are supported.
Geofencing for RDP has been very useful as it is independant of our firewall geofencing. This is quite useful for organizations like us who do not Geofence at at the firewall level so as to provide global access to resources on the DMZ.
It runs on only a few platforms, specifically Android, iOS, and Blackberry and in my opinion it needs to be available on every platform that is out there.
SA drawback I have noticed is that if you swap phones you have to blitz the entire app and go back and sync up all the accounts again which can be very frustrating for new users.
It can also be risky ( for some ) having all all your data centralized in one place.
Integration with on-premise AD is not working, even after speaking with the support team, it could not get resolved. There is no better documentation on this topic as well
Integration with Azure AD is not supported without the presence of on-prem AD
Logs information is not precious, it provides a generic code in some cases, making it harder to troubleshoot.
The Watchguard AuthPoint App in AppStore has some issues, after it's activated there is no approval request being sent to the phone, and there is no way to troubleshoot this, the only way to make it work is by uninstalling the app and reinstalling it again.
We are very happy with Authpoint and see no reason to make any change to it. If only there was a policy to set minimum password strength requirements and to force users change their password every xx days, then it would be a 10!!!
It's as easy as opening the app and what I need it for is there. I don't have to fumble with other accounts or getting something else to open it for me. I have all the access that I need for the use of the app within seconds and I can get access to the info that I need.
After initial setup, it practically runs itself. Onboarding new users is fast and easy as it should be. The AuthPoint mobile app is small and simple to use. The only reason I do not give it a 10 is that I frequently get complaints from end users that the AuthPoint app is "constantly downloading". In fact, it's not downloading anything and that what the users are seeing in the app is a timer for the 6-digit code that changes every minute.
I have found Google’s support to be hit or miss. There are times when they are very responsive, and I get my issue resolved quickly, and there are times where a response from them takes weeks. There is no in-between. But my support experience with this particular product is nonexistent because I have not had a problem with it yet. Hopefully, we do not have any problems with it either.
WatchGuard support is always quick and reliable. They have urgency levels that you are able to select when creating your support ticket, and they respond in accordance to the severity that you have set. I have never had an issue with getting someone on the phone in the same business day, even for very low priority issues.
It was an Onsite demo at the ditributor with the benefits of Watchguard Authpoint. Was very nice to see the abilities of the product. This Demo was a few years back, since then Authpoint changed allot. It is very nice for partners that you can get this demo without any aditional cost.
We use the online training for all our employees. There are both sales and technical trainings available and there even is a technical certification. You can use this for the Watchguard Partner Program which can give you aditional benefits. Every now and then you have a webinar that discusses multiple Watchguard products.
the first time it takes more effort. It is helpful to already understand how each authentication type works. Then it's much easier to understand the MFA solution that you implement. It is useful to check the release notes from time to time and update the key parts of the Watchguard Authpoint. Authpoint Gateway, Logon App, RDWeb... Also, it's useful to set up notifications when something goes wrong or sometimes check the statistics of how many requests are being approved/denied, etc.
This product doesn't ensure single-use, real-time codes. This puts our data at risk and is not as secure as Google Authenticator. I anticipate using Google Authenticator as long as we continue to use the full Google Suite for business. It helps to streamline data and accounts.
WatchGuard AuthPoint is easier to manage on a company-wide scale than Google Authenticator. We do use AuthPoint in conjunction with the Microsoft Authenticator but for different services. WatchGuard also has other features available, like dark web monitoring and device management, should we decide to move further services over to WatchGuard, with Google Authenticator does not have
I would say from my limited role in the programs deployed and just being a user, this has been a valuable tool so our ROI is high. We get security and can breathe knowing we have authentication for those who have to be on our network and we are able to protect our work.
We currently have 300 users on Authpoint, and most of them use insecure passwords. Authpoint gives us peace of mind that we don't have to police individual employee passwords.
In line with the comment above, with so many people in our organization using insecure passwords, I'm sure that Authpoint has already saved us from many potential security breaches.
Security breaches can cost a lot of money. Preventing them saves the company money and helps to achieve our bottom line.
