We performed a comparison between Microsoft Entra ID and One Identity Defender based on real PeerSpot user reviews.
Find out in this report how the two Authentication Systems solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have about 80 users in the Azure Active Directory right now, however, we know that if it was necessary to scale it for hundreds or thousands of users, it wouldn't be a problem."
"It has been very instrumental towards a lot of services we run, especially on the single sign-on side. For example, we have 160 countries that all run their own IT but we still are able to provide users with a single sign-on experience towards global applications. So, they have a certain set of accounts that they get from their local IT department, then they use exactly the same account and credentials to sign into global services. For the user, it has been quite instrumental in that space. It is about efficiency, but also about users not having to remember multiple accounts and passwords since it is all single sign-on. Therefore, the single sign-on experience for us has been the most instrumental for the end user experience."
"Privileged Identity Management (PIM), managed identities, dynamic groups, and extension and security attributes are all great features."
"Overall the solution functions very well, such as the ability to access it from the cloud."
"All of the features are amazing, such as identity governance and privileged identity management."
"Being able to use Azure AD means that you can use some of the Azure AD security features like Advanced Password Protection. As well as querying your normal password requirements like lengths and complexity, Azure AD has a feature in which you can put specific words. It can be words to do with your company, words to do with your company location, or words that a lot of your employees would otherwise use. You can disallow them. It's very good at making more obvious passwords, ones they're not allowed to use anymore. That's a good feature."
"The most valuable feature is its ability to act as an identity provider for other cloud-based, SaaS applications. In our bank, this is the main identity provider for such features."
"The user functionality enables us to provide different levels of access, across many applications, for each user. We can customize the access level and set a security level in connection with that access. For instance, we can require MFA. That is a feature that helps enhance our security posture a lot."
"We find that the product scales very well."
"One Identity Defender has good network protection."
"It's very fast, and it's easy to use because it's integrated with Active Directory."
"Microsoft services and most familiar third-party applications are currently supported, but we can't find many other platforms that integrate with Office 365 or Azure Active Directory. Microsoft should develop connectors for different applications and collaborate more with other vendors to cover a broader range of applications."
"Some systems do not integrate very well with Azure AD. We thought of going for Okta, but later on we were able to achieve it, but not the way we wanted. It was not as easy as we thought it would be. The integration was not very seamless."
"The most challenging aspect I found was the creation of organizational units and specific domains. They have a tool called Bastion, which is expensive and a little bit confusing."
"Microsoft Authenticator can improve their notifications because sometimes, my team doesn't receive notifications about app updates and authentication failures."
"I want better integration between Azure AD and the on-prem environment because there are currently limitations that can hamper employee experience. We use a feature called password writeback, that can be challenging to implement in a hybrid environment. Employees can change their passwords using a self-service password reset (SSPR) feature, which reflects from the cloud to the on-prem identity, but not the other way around. Currently, there is no way to reflect passwords from on-prem identities to the cloud."
"The product takes at least ten minutes to activate privilege identity management roles."
"It would be awesome to have a feature where you can see the permissions of a user in all their Azure subscriptions. Right now, you have to select a user, then you have to select the subscription to see which permissions the user has in their selected subscriptions. Sometimes, you just want to know, "Does that user have any permissions in any subscriptions?" That would be awesome if that would be available via the portal."
"I think the documentation and configuration are both areas that need improvement."
"We have some clients that are wanting to protect their Apache web servers with One Identity Defender but all the research I have done says cannot be done. It can only be oriented to an IIS server. One Identity Defender should have more integration with more types of web servers."
"The login capabilities could be better."
"Maybe it could provide support for more web applications. It seems more focused on IIS web applications."
Microsoft Entra ID is ranked 1st in Authentication Systems with 190 reviews while One Identity Defender is ranked 16th in Authentication Systems with 3 reviews. Microsoft Entra ID is rated 8.6, while One Identity Defender is rated 8.6. The top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". On the other hand, the top reviewer of One Identity Defender writes "Good compatibility, responsive support, and a nice interface". Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Yubico YubiKey and Cisco Duo, whereas One Identity Defender is most compared with Cisco Duo. See our Microsoft Entra ID vs. One Identity Defender report.
See our list of best Authentication Systems vendors.
We monitor all Authentication Systems reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.