We changed our name from IT Central Station: Here's why
IT Consultant at a tech services company with 1-10 employees
Consultant
Top 20
Supports conditional access based on geolocation, reliable, and uses artificial intelligence to enhance security
Pros and Cons
  • "Conditional access is a very important feature where a specific user can be restricted such that they cannot connect to the application if they travel outside of the US."
  • "If Microsoft can give us a way to see where this product is running, from a backend perspective, then it would be great."

What is our primary use case?

We are a system implementer and this is one of the products that we provide to our clients.

We primarily use this product for identity and access management. Any of our customers using Office 365, which includes Exchange Online and SharePoint Online, are using it for authentication. Worldwide, there are a lot of use cases.

The identity check includes whether the username and password are correct, and it also supports multifactor authentication.

How has it helped my organization?

This solution is in the cloud and as soon as users log in to the Office 365 portal, or whatever application you assign to them, it will take care of the identity aspect.

What is most valuable?

The most valuable features are authentication, authorization, and identity access.

Conditional access is a very important feature where a specific user can be restricted such that they cannot connect to the application if they travel outside of the US.

Multifactor authentication is very important.

They have a velocity check, powered by artificial intelligence and machine learning, where if you have been logging in at a location in the US but suddenly you try to log in from a different country, it flags it as an unusual amount of travel in a short time and it will ask you to prove your identity. This is a security feature that assumes it is a phishing attack and is one of the important protections in the product.

What needs improvement?

The problem with this product is that we have limited control, and can't even see where it is running.  If Microsoft can give us a way to see where this product is running, from a backend perspective, then it would be great.

I would like to see Microsoft continue to add new features gradually, over time, so that we can introduce them to our customers.

For how long have I used the solution?

We have been using Azure Active Directory for more than six years.

What do I think about the stability of the solution?

The stability of this product is 100%, and we plan to continue using it.

What do I think about the scalability of the solution?

As this is a cloud-based product, you don't need to worry about scalability. Regardless of the number of users, it handles identity management.

90% of our customers are using it. From what I see, we have up to 50,000 end-users. In reality, we can have up to 400,000.

How are customer service and technical support?

We can handle most of the issues by ourselves but if not, Microsoft support is available and we just have to create a ticket.

Which solution did I use previously and why did I switch?

This is the first cloud-based identity management solution that we have used. In an on-premises deployment, we use the traditional Active Directory.

How was the initial setup?

The deployment process involves using the Azure AD Connect tool, which is very important. The only choice that needs to be made beyond this is whether you want to have single sign-on (SSO) enabled or not.

The deployment will require some basic planning. The length of time required will be a maximum of four weeks. Three staff should be sufficient, although this depends on the number of users.

What about the implementation team?

The maintenance of this solution is almost zero. The only time that something needs to be done is in the on-premises portion of a hybrid solution. The cloud aspect is maintained by Microsoft.

What was our ROI?

As this is a cloud-based solution, less maintenance is required, so the return on investment is better.

What's my experience with pricing, setup cost, and licensing?

The P1 version costs $6 per user per month. If you need the P2 version then it is an extra $3 per month.

What other advice do I have?

There are two different Premium versions of this product available, being P1 and P2. For 99% of our customers, P1 is enough. The P2 version has some advanced features required by a small number of customers.

Overall, my experience with Active Directory has been very good. When we work in the cloud, this product provides us with almost everything.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Flag as inappropriate
SunilKumar12
Sr Engineer IT at Hical Technologies Pvt Ltd
Real User
Top 10
Enables us to see and analyze user activity and gives us a single point of control
Pros and Cons
  • "It also has features that help improve security posture. The most important of these features include multifactor authentication, which is very useful for connecting to the organization, especially from outside the boundaries of the organization. That is very helpful when it comes to user security."
  • "Everything should be in one package. There are so many different packages. They need to provide guidance because there are so many features and we don't know how to implement them in our organization."

What is our primary use case?

We use Azure AD for user access and control.

Our deployment is a hybrid of on-premises and cloud.

How has it helped my organization?

We can see user activity and analyze user interaction between the websites and log files. It gives us a single point of control. Overall it has helped place our security posture in a good position.

In addition, using Microsoft Endpoint Manager, new laptops can easily connect to the MDM solution, making for a very good user experience, particularly for new systems. Users just log in with their email ID and multifactor authentication. Once they are logged in, they connect automatically to the back end and that helps make the user experience for configuration very good.

What is most valuable?

Among the valuable features are MDM and Microsoft Endpoint Manager. They are very useful. Intune is built-in. And deploying to MDM has features that are very advanced. It reduces the administration work. And security-wise, it has very advanced technology.

It also has features that help improve security posture. The most important of these features include multifactor authentication, which is very useful for connecting to the organization, especially from outside the boundaries of the organization. That is very helpful when it comes to user security. And in the COVID situation, MDM is very helpful for us due to work-from-home. It enables us to very easily connect to our domain and align new systems with the end-users. That is very helpful for us.

What needs improvement?

There are some difficulties in the hybrid version, things to do with firewall security, inside the organization. They need to work on that more.

In addition, everything should be in one package. There are so many different packages. They need to provide guidance because there are so many features and we don't know how to implement them in our organization.

I'm also expecting a Windows 365 virtual desktop. I would be interested in that feature.

For how long have I used the solution?

I have been using Azure Active Directory for four years.

What do I think about the stability of the solution?

It's 100 percent stable.

What do I think about the scalability of the solution?

The scalability is unlimited.

How are customer service and technical support?

I would rate Microsoft's support at nine out of 10. It's not a 10 because in some cases they don't answer a call because they are engaged with other calls.

Which solution did I use previously and why did I switch?

We tried ManageEngine but it was not useful for us. It was not up to the requirements of our organization. Azure AD is a very flexible solution. It is used in most of the organization.

How was the initial setup?

It is very easy to configure if you are configuring a completely new cloud deployment. But with the on-premises deployment, there are some difficulties due to security issues, like credentials required.

It doesn't take more time to install AD Connect on-premises. The installation itself takes one hour and, within one to two days, we can take all the data over to it. But we then need to monitor it for at least two days to make sure everything is fine.

We have almost 400 users in our AD and we have six people involved in maintaining and administering it, including me in my role as senior IT engineer. I take care of Active Directory monitoring, as well as installation and configuration. We also handle patches and upgrades. One person takes care of the billing part.

What about the implementation team?

We set it up with the help of a consultant from KPMG and our experience with him was good.

What was our ROI?

With COVID going on, part of our ROI from using the solution is that we can view the access of all the employees who are working from home. In these circumstances, that has been a notable return on our investment. 

What's my experience with pricing, setup cost, and licensing?

The pricing, in the context of the COVID situation, is very high because the overseas aerospace industry, to which we supply products, has been hugely impacted. There are no projects coming in. 

The pricing should also be less for smaller organizations.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Learn what your peers think about Azure Active Directory. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
563,148 professionals have used our research since 2012.
Sr. Cloud Engineer at a tech services company with 1,001-5,000 employees
Real User
Great out of the box authentication flows, provides minimal security leakage, and is quite stable
Pros and Cons
  • "The scalability capabilities are quite high."
  • "Azure AD provides two types of features. One is Azure AD Excel and is already B2C. Out of both versions, Azure B2C requires some improvement, in terms of user management and role management, et cetera."

What is our primary use case?

There were a couple of use cases I've dealt with. In one scenario, I had to import on-premise users to my Azure AD. We had a couple of mobile applications where we were using the authentication feature from Azure AD. 

We needed to create a new infrastructure for one of the clients and everything had to be taken care of by the Azure infrastructure. In that case, we used Azure AD for all kinds of user management tasks, as well as authentication.

How has it helped my organization?

We simply use Azure AD and everything is taken care of instantly. You need not worry about user management. Everything is taken care of by Azure AD itself. You just simply have it in your application and everything is done out-of-the-box.

What is most valuable?

Azure AD, overall, is quite good for securing your applications as well as the infrastructure. 

I like that they provide most of the authentication flows out-of-the-box, so you do not need to do anything specific to tackle any authentication flows.

Azure AD has affected our organization's security positively. In terms of the application, it's quite good. There was very minimal leakage. We had a single instance and that user was already compromised. Otherwise, it's quite good.

What needs improvement?

Azure AD provides two types of features. One is Azure AD Excel and is already B2C. Out of both versions, Azure B2C requires some improvement, in terms of user management and role management, et cetera.

For how long have I used the solution?

I've used the solution for approximately one to one-and-a-half years.

What do I think about the stability of the solution?

The stability is quite high - if we are talking about Azure AD and not Azure AD B2C.

What do I think about the scalability of the solution?

The scalability capabilities are quite high. We have somewhere around 5 million users, and it was doing quite well even with that number.

How are customer service and support?

I haven't interacted much with technical support, however, during one of the instances where we required some help, which was not related to the Azure AD, they provided us quite good support.

Which solution did I use previously and why did I switch?

I have tried one competitor, IdentityServer. It is basically an open-source solution. In terms of comparison, Azure AD is quite solid. When it comes to IdentityServer, you need to manage everything on your own. You need to host everything and you have to take care of the whole application life cycle with that identity cycle. In the case of Azure AD it's an almost managed service.

How was the initial setup?

I found the initial setup process quite straightforward.

In terms of implementation, Microsoft provides very good documentation of how to kick off Azure AD. You just need to follow those instructions and it will be done in a couple of clicks.

What's my experience with pricing, setup cost, and licensing?

They do have a tier of service that is free that supports many people. You can also purchase a license and costs can be reduced on the Microsoft side.

What other advice do I have?

My previous organization has a very close relationship with Microsoft.

I would advise users to go with Azure AD, if possible, and to try to avoid the B2C version at the moment, as quite a few good features are already in the preview. Once those preview features are done, you can go with the B2C version. 

I'd rate the solution at a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Matt Hudson
Enterprise Solution Architect - Security at a insurance company with 10,001+ employees
Real User
Our ability to control access to resources has vastly improved
Pros and Cons
  • "Azure Active Directory features have helped improve our security posture. The remote working has been a massive help during the pandemic."
  • "On-premise capabilities for information and identity management need improvement."

What is our primary use case?

It underpins our application authentication and security requirements for internal users.

How has it helped my organization?

During the pandemic, it helped us carry on working securely as a business.

Azure Active Directory hugely improved our organization’s security posture. The ability to control access to resources has vastly improved.

What is most valuable?

We very much like Conditional Access. We also like the risky sign-ins and Identity Protection. These features provide us the security that lets us fulfill our security requirements as a company.

Azure Active Directory features have helped improve our security posture. The remote working has been a massive help during the pandemic.

The solution has made our end user experience a lot easier and smoother.

What needs improvement?

On-premise capabilities for information and identity management need improvement but I know these are in pipeline.

For how long have I used the solution?

I have been using it for five or six years.

What do I think about the stability of the solution?

The stability has improved over the last two to three years.

What do I think about the scalability of the solution?

It has fantastic scalability. Globally, we have about 80,000 users. 

In each territory there are on average around 40 people managing the solution on the admin side. We also have SMEs for the harder tasks. Then you have people, like me, who are architects and determine approach and create designs.

How are customer service and technical support?

Microsoft Premier Support is very good. We make good use of it. 

The free support is okay.

Which solution did I use previously and why did I switch?

For mobile device management we used to have MobileIron and Blackberry. Those products have been removed in favour of Intune and Azure AD features. Other legacy security services will be removed in preference for the Azure equivalents. Strategically, Azure AD makes more sense for us. Cloud first is the strategic direction within my company.

How was the initial setup?

It is a predeployed solution, creating the links between the on-premise system and SaaS system is moderately easy.

Our deployment took a month.

For a non-complex organization, the deployment process would be a lot easier than it is for a complex organization. There are a lot of business processes that need to be determined as well as a lot of conversations. The technology side of things is the easy bit. It is the design that takes awhile.

What about the implementation team?

It was all done internally and using Microsoft Partners

What was our ROI?

We have only really bought into the solution over the last 12 months or so. We expect to see cost returns in the next 12 months.

What's my experience with pricing, setup cost, and licensing?

If you get rid of all the products providing features that Azure suite can provide, then it makes sense cost-wise.

Microsoft Premier Support is an additional cost to the standard licensing fees.

Which other solutions did I evaluate?

Azure Active Directory and its feature set under a single vendor are unique in our market.

What other advice do I have?

Compared to how it was five years ago, the solution is has really matured.

Make sure that business requirements are understood upfront and a design is in place before any services are deployed. Ensure the people deploying it understand the capabilities and implications of choices.

I would rate this solution as a nine out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Amgad Soliman
Senior System & Security Administrator at a legal firm with 51-200 employees
Real User
Top 5
Good performance and easy to install with good connectivity to our on-premise Active Directory
Pros and Cons
  • "The scalability of the product is decent."
  • "The synchronization with the local Active Directory and synchronization with all of the users on the local and cloud could be better."

What is our primary use case?

The solution is primarily used for handling user permission and containing with the Online Exchange. It's for handling user passwords, user permissions, all of the privileges, and for using Azure Active Directory for the Online Exchange.

What is most valuable?

We're satisfied with the product in general.

The most valuable aspect of the solution is the connectivity with our on-premise Active Directory.

We've found the performance to be very good.

The stability is good.

The scalability of the product is decent.

The installation process is straightforward.

What needs improvement?

The synchronization with the local Active Directory and synchronization with all of the users on the local and cloud could be better. Every user on the cloud and the on-premise local users should have a connection, have the same privilege, the same features. We should be able to change passwords from the local and have it synchronized with the cloud users.

For how long have I used the solution?

I've used the solution for four years. It's been a while. 

What do I think about the stability of the solution?

The stability is good. The solution offers good performance. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

What do I think about the scalability of the solution?

We've found the scalability of the product to be very good. There aren't any issues with expanding as needed.

In my organization, we have about 25 users. I deployed it for another organization as my company is a service consultant. Therefore, I do this installation for other users and other companies. There are about 60 users in one and another has 100 users. Another company has only 20 users there. The amount of users each organization has varies. 

We do plan to grow our team and possibly use the solution more. 

How are customer service and support?

I have contacted technical support from Microsoft many times, including when the mailing system is down or when I have a problem with Active Directory or Azure. I contact the help desk for Microsoft, and they reply to me in about one hour and help me to solve any issue. It takes about three or four hours and at that point usually, everything is resolved.

How was the initial setup?

The initial setup was very straightforward and simple. It was not overly complex or difficult. We didn't have any problems with the process.

The deployment for the local setup takes some time. For the cloud, it's very straightforward, and it takes no time at all. It takes about two hours to totally install the hybrid, the connection, and go on with the application.

We have about five people who can handle deployment and maintenance duties. That includes me and five engineers.

What about the implementation team?

I can handle the implementation myself. I do not need the help of an integrator or consultant.

What's my experience with pricing, setup cost, and licensing?

We have many customers that purchase licensing agreements with Azure. Typically they are charged per user.

What other advice do I have?

We're a partner.

I would recommend the solution to others. If they just read a bit about it and connect with Microsoft, they'll likely get some good advice as to how to use it. 

I'd rate it at a nine out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Minghao Li
Technical Manager at a non-profit with 201-500 employees
Real User
Helps provide high security and is stable and easy to install
Pros and Cons
  • "Microsoft Azure AD is easy to install and is a stable solution."
  • "There is no documentation about how Microsoft will scale Azure AD for customers. It only mentions that it will scale out if you have a lot of requests but does not mention how in detail."

What is our primary use case?

We are a small consultant company, and we help customers to build hybrid environments. We synchronize on-premises AD to Azure AD and help our customers decide which one they want to use.

In our own company, we use Office 365, so we use Activity Directory directly for authentication and authorization.

What is most valuable?

The most valuable feature is Conditional Access. As there are more and more people working from home, security is a challenge for a lot of companies. To build a general trust solution, we need Conditional Access to make sure the right people use the right device and access the right content.

In our company, we use Conditional Access with Trend to make sure that our employees can use the device from the company. We can make sure that there is higher security. We can also use Trend to set up a group policy and to set up Windows Defender as well.

Microsoft Azure AD is easy to install and is a stable solution.

What needs improvement?

There is no documentation about how Microsoft will scale Azure AD for customers. It only mentions that it will scale out if you have a lot of requests but does not mention how in detail.

More documentation on some complete scenarios, such as best practices to integrate forests into Azure AD when a customer has several on-premises forests, would be helpful.

For how long have I used the solution?

I've been using it for four years.

What do I think about the stability of the solution?

In my experience, it has been working fine.

What do I think about the scalability of the solution?

Scalability is a pain point. There is no documentation about how Microsoft will scale Azure AD for customers. We do, however, plan to increase usage.

Which solution did I use previously and why did I switch?

We used on-premises Active Directory before using Azure Active Directory.

How was the initial setup?

The initial setup is pretty simple. Microsoft Azure AD can be deployed in one or two minutes.

If you have an Office 365 subscription, Microsoft will build Azure AD for you.

What's my experience with pricing, setup cost, and licensing?

Microsoft Azure AD has P1 or P2 licensing options, and it depends on the customer's needs. To use Conditional Access, you need to have the P1 license, and to use the PIN features, you need the P2 license. We use the P1 license as we use Conditional Access.

What other advice do I have?

It will be a very good solution if your company is already using on-premises Windows Active Directory. Microsoft has provided a useful tool called Azure AD Connect. So, you can easily sync your on-premises Active Directory to Azure Active Directory, and you can easily implement the SSO.

Overall, we are satisfied with the solution and the features provided, and on a scale from one to ten, I would rate this solution at nine.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Software Engineer at a computer software company with 10,001+ employees
Vendor
Top 20
Easy to manage and integrates well with third-party applications
Pros and Cons
  • "The ability to grant access to other organizations is helpful."
  • "Microsoft needs to add a single setup, so whenever resources join the company or are leaving the company, all of the changes can be made with a single click."

What is our primary use case?

We are a software development company and solution provider, and this is one of the products that we implement for our clients.

This is an easy way to give users access to applications. I can share access with other organizations outside of our network.

What is most valuable?

This solution is easy to manage.

The ability to grant access to other organizations is helpful.

It integrates well with a large number of applications.

What needs improvement?

Microsoft needs to add a single setup, so whenever resources join the company or are leaving the company, all of the changes can be made with a single click.

I would like to see a secure, on-premises gateway that offers connectivity between the physical servers and the cloud. The capability already exists, but it is not secure enough when the setting is marked private.

For how long have I used the solution?

I have been using Microsoft Azure Active Directory Premium for about a year.

What do I think about the stability of the solution?

In the time that I have been using Microsoft Azure, I haven't had any problem with stability.

What do I think about the scalability of the solution?

This is the right platform if you are looking for scalability. We have more than 100,000 users.

How are customer service and technical support?

We have not needed to use technical support. 

We have a couple of contacts in the Microsoft team, so we will reach out to them in case we have any questions.

Which solution did I use previously and why did I switch?

I have recently been working with Okta, and I find that most organizations are moving toward it. With this in mind, I think that Microsoft has to take care, and consider why so many people are switching. The most important reason is the single setup. Once they set up Okta, it's easy for the organization.

How was the initial setup?

I have been working in Microsoft Azure for a long time and I find the initial setup to be easy.

What about the implementation team?

For maintenance, we have a team of 20 administrators and developers.

What's my experience with pricing, setup cost, and licensing?

Licensing fees are paid on a monthly basis and the cost depends on the number of users. There are no charges in addition to this.

What other advice do I have?

The suitability of this solution depends on the technology and the environment at the organization. Many companies are still transitioning to the cloud, leaving part or all of their data on-premises. Ultimately, it depends on the data that they have and their preference or requirements for keeping it on-premises. In some cases, people want to move only non-private data to the cloud. All of these things have to be considered before implementing Azure Active Directory.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior System Administrator at a financial services firm with 1,001-5,000 employees
Real User
Top 5Leaderboard
Easy to manage, useful for single sign-on, and integrates well with on-prem Active Directory
Pros and Cons
  • "It is easy to manage. I can manage systems with policies and automate our systems. Any professional system can be easily integrated with Azure Active Directory. It is widely used with Windows versions."
  • "Four years ago, we had an issue with Azure AD. We wanted to reverse sync from Azure AD to on-prem Active Directory, but we couldn't achieve this. Azure AD could connect only in one way, for example, from your site to Azure. If you needed to do the reverse and connect from Azure to on-prem, there was no way to achieve it. We asked Microsoft, and they told us that they don't support it."

What is our primary use case?

We're using Azure Active Directory for MFA.

What is most valuable?

It is very usable and easy to use.

It is easy to manage. I can manage systems with policies and automate our systems. Any professional system can be easily integrated with Azure Active Directory. It is widely used with Windows versions. 

What needs improvement?

Four years ago, we had an issue with Azure AD. We wanted to reverse sync from Azure AD to on-prem Active Directory, but we couldn't achieve this. Azure AD could connect only in one way, for example, from your site to Azure. If you needed to do the reverse and connect from Azure to on-prem, there was no way to achieve it. We asked Microsoft, and they told us that they don't support it.

Their support should be faster and more knowledgeable and customer-friendly.

For how long have I used the solution?

I have been using this solution for maybe four years.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

It is very scalable. I don't know about the number of users that we have currently, but at the time I managed its synchronization, there were maybe 800 users. 

How are customer service and technical support?

We're not satisfied with their support. We couldn't get support from Microsoft directly, and we made an agreement with a company. We weren't satisfied with their support. They were very slow and not friendly. They couldn't solve our problems because our program was very complex.

Which solution did I use previously and why did I switch?

I didn't use any other solution. I only use Active Directory and Azure AD.

How was the initial setup?

I installed hybrid Exchange. It was very easy for us. Its installation took a very short time. There was a connector system on Exchange, and we just had to set up the connection. It was very easy.

What about the implementation team?

I installed it myself.  

Its maintenance is very cheap and easy. We have only two engineers to manage Azure AD and Azure Exchange.

What's my experience with pricing, setup cost, and licensing?

We have an agreement with Microsoft, and my company pays yearly.

What other advice do I have?

It is a very good product. I plan to keep using it because it is very easy to manage.

If you use an application in Azure and you want single sign-on for Azure products, you should prefer using Azure AD. You should synchronize your on-premise Active Directory to Azure AD. We synchronized Active Directory with Azure AD for single sign-on. For example, if a worker wants to sign in on your computer with the same user ID and password, he or she can connect to Azure services. Azure AD provides support for this.

I would rate Azure Active Directory a nine out of 10. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate