We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Being able to use Azure AD means that you can use some of the Azure AD security features like Advanced Password Protection. As well as querying your normal password requirements like lengths and complexity, Azure AD has a feature in which you can put specific words. It can be words to do with your company, words to do with your company location, or words that a lot of your employees would otherwise use. You can disallow them. It's very good at making more obvious passwords, ones they're not allowed to use anymore. That's a good feature."
"In terms of identity management, it helps to improve security posture. It generally helps in terms cloud security, simplicity, and single sign-on for multiple apps."
"Azure Active Directory provides us with identity-based authentication, which secures access at the user level and also integrates with conditional access policies and multi-factor authentication helping to increase the identity security for that person. So, the hacking and leaking of passwords is a secondary problem because you will not authenticate a person with one factor. There is a second factor of authentication available to increase the security premise for your company."
"It enhanced our end user experience quite a bit. Instead of the days of having to contact the service desk with challenges for choosing their password, users can go in and do it themselves locally, regardless of where they are in the world. This has certainly made it a better experience accessing their applications. Previously, a lot of times, they had to remember multiple usernames and passwords for different systems. This solution brings it all together, using a single sign-on experience."
"Many of its features are valuable, including: facilitating application authentication, privileged access management, processes for attestation, and access reviews."
"The security and infrastructure management features are the most valuable ones for us."
"The solution's ease of use is one of its most valuable features."
"The most valuable feature is the ability to deploy and make changes to every workstation that I need to. We use it to control policy and I can apply the right policies to all our 1,500 workstations, notebooks, et cetera."
"The features that we have found most valuable with NetIQ Access Manager are its single sign-on and two factor two second factor database."
"The single sign-on feature is excellent."
"The solution is easy to use for our managers."
"The single sign-on is the solution's most valuable feature"
"Symantec Siteminder Is both scalable and stable."
"The most valuable feature is the integration with the Active Directory."
"It's quite scalable."
"Its integration with open-source applications can be improved. I know that they are working on open-source authentication methods for integration with open-source applications, but they can make it more open."
"It would be awesome to have a feature where you can see the permissions of a user in all their Azure subscriptions. Right now, you have to select a user, then you have to select the subscription to see which permissions the user has in their selected subscriptions. Sometimes, you just want to know, "Does that user have any permissions in any subscriptions?" That would be awesome if that would be available via the portal."
"The visibility in the GUI is not good for management. There are a lot of improvements that could make it better. It should be more user-friendly overall. It is not user-friendly because everything keeps changing on the platform. I can understand it because I know the platform, am familiar with it, and use it every day. However, for a lot of clients, they don't use it every day or are not familiar with it, so it should be more user friendly."
"We have a custom solution now running to tie all those Azure ADs together. We use the B2B functionality for that. Improvements are already on the roadmap for Azure AD in that area. I think they will make it easier to work together between two different tenants in Azure AD, because normally one tenant is a security boundary. For example, company one has a tenant and company two has a tenant, and then you can do B2B collaboration between those, but it is still quite limited. For our use case, it is enough currently. However, if we want to extend the collaboration even further, then we need an easier way to collaborate between two tenants, but I think that is already on the roadmap of Azure AD anyway."
"Its area of improvement is more about the synchronization of accounts and the intervals for that. Sometimes, there're customers with other network challenges, and it takes a while for synchronization to happen to the cloud. There is some component of their on-prem that is delaying things getting to the cloud. The turnaround time for these requests is very time-sensitive. I don't mean this as derogatory for this service, but in my experience, that happens a lot."
"Azure Active Directory could benefit by adding the capability for identity life cycle for the on-premise solution. For example, an HR solution, which is built on-premise or, in general, better on-premise capable solutions."
"We have a lot of freedom in using the Group Policy Objects and, although Group Policy Objects are part of Azure Active Directory, there are still a lot of things that can be improved, such as providing local admin rights to a user. There are various, easy ways that I can do that in the on-premises version, but in the cloud version, it is a bit difficult. You have to create a bunch of policies to make it work."
"The initial setup was complex."
"In terms of what could be improved, I would say the security of the infrastructure and the server and the working networking device."
"I would love to see the upgrade procedure handled more effectively. I would prefer to have OVS installation possibilities, although the upgrade procedures should include the OS as well. You should be able to use the whole application as an appliance."
"We're currently unable to find information about if the solution can do a full implementation with SQL. Some better and more accessible documentation for new users or those curious about the product would be helpful."
"The technical support could be better."
"Some of the new protocols, like OAuth 2.0, could be improved."
"The support could be faster."
"To add more value to this solution it needs to be more user-friendly."
"There are four different levels of subscription including the free level, one that includes the Office 365 applications, the Premium 1 (P1) level, and the Premium 2 (P2) level."
"The E5 plan we are using contains the premium plans for Azure Active Directory. We are not paying only for the Azure Active Directory Premium licenses. We have it already included within our E5 plan."
"The process for buying licenses from Microsoft is somewhat messy and really hard to do. We have to talk to someone because it's hard to find out how many licenses we need. If I'm applying for 2,000 users, how many Windows licenses do we need? They could also charge less for support."
"We have an agreement with Microsoft, and my company pays yearly."
"The cost is billed on a per-user licensing basis."
"Everything needs to be considered for the requirements and if it is within the budget, then you can come up with a solution, whether it is SaaS, PaaS, or IaaS."
"I think we're on the E3 — I think it was about 35 dollars per user."
"The basic tier of Azure Active Directory is free, so many users use the service for free. For a small company having the security and compliance that Azure offers is a great benefit. For small companies that are using the basic services, not having to pay for Azure Active Directory is the main asset because they can manage their users and have authentications tools and security."
"Symantec Siteminder is expensive; they could definitely do better on the price."
"The licensing is fair for this solution."
The Azure Active Directory (Azure AD) enterprise identity service provides single sign-on and multi-factor authentication to help protect your users from 99.9 percent of cybersecurity attacks. With Azure Active Directory, you get:
- Single sign-on enabling access to your apps from anywhere
- Conditional Access and multi-factor authentication to help protect and govern access
- A single identity platform to engage with internal and external users more securely
- Developer tools to easily integrate identity into your apps and services
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Symantec® SiteMinder is designed to secure the modern enterprise through a unified access management platform that applies the appropriate authentication mechanism to positively identify users; provides single sign-on and identity federation for seamless access to any application; enforces granular security policies to stop unauthorized access to sensitive resources; and monitors and manages the entire user session to prevent session hijacking. Finally, Symantec SiteMinder is battle-tested and has been deployed in the largest IT environments in the world.
NetIQ Access Manager is ranked 2nd in Web Access Management with 2 reviews while Symantec Siteminder is ranked 1st in Web Access Management with 5 reviews. NetIQ Access Manager is rated 7.0, while Symantec Siteminder is rated 8.0. The top reviewer of NetIQ Access Manager writes "Good authentication and great single sign-on feature but needs a better upgrade procedure". On the other hand, the top reviewer of Symantec Siteminder writes "Easy to implement and customize and very stable". NetIQ Access Manager is most compared with Okta Workforce Identity and IBM Security Access Manager, whereas Symantec Siteminder is most compared with Okta Workforce Identity, PingID, PingAccess, ForgeRock and Symantec VIP Access Manager. See our NetIQ Access Manager vs. Symantec Siteminder report.
We monitor all Web Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.