With the news that Microsoft has discontinued selling ‘Azure MFA server’ from 2018, Microsoft Azure MFA customers are looking to migrate to another MFA providing vendor.
Migrations are most successful when handled with the best methods and planned approach. It is also important to understand that Migration can be challenging sometimes and needs the understanding to resolve issues.
miniOrange is taking all these issues like MFA methods & providing support to all organizations for easy and free migration from the Azure MFA server as its infrastructure is built for both On-premise and Cloud solutions. miniOrange Identity platform ensures the organizations benefit from the use of its solution by ensuring their Azure AD tokens can coexist with their miniOrange Identity Platform deployment until all users are fully migrated.
Issues such as Multi-Tenant Support or Third Party Support are faced by Azure MFA users are also acknowledged by miniOrange by providing Multiple domain support to users and enabling Integration with third-party Identity Providers. miniOrange provides a modern identity platform for such migrations in order to solve these problems of authentication.
Current situation of Microsoft Azure MFA Server
Microsoft Azure server was previously used for users to store in AD but it is discontinued. It cannot be considered for any new implementation as
- Microsoft no longer invests in this methodology.
- There is a lack of integration with SSPR and Azure MFA Cloud.
- There is no solution to seamlessly migrate MFA Server to MFA Cloud-based solution using a tool or software.
For further details check here about Azure MFA current situation.
Key advantages of using miniOrange Multi-Factor Authentication (MFA)
- miniOrange provides a solution to the migration path for Azure MFA customers providing a smooth workflow process and a good user interface. Authentication is the most crucial and identity security solution to avoid much brute force, phishing attacks, credentials stuffing and secure access to the data for all the workspaces and customer authorizations.
- Replacing Azure MFA server with miniOrange Multi-Factor Authentication (MFA) helps you in authenticating users by verifying two or more verification factors and ensuring the right set of authentication to your sensitive information and protect user identities on both cloud and on-premise which is not provided by Azure MFA server in on-premise.
- With the increase of security risks across global organizations, miniOrange updated the features with 15+ authentication methods that include SoftToken, Push, QR Code using Google, Microsoft, and miniOrange authenticator app and Hardware Tokens like- Yubikey, Display with various popular integrations with OpenVPN, Fortinet, Windows, Sharepoint, Office 365, and many more.
- In this era of telecommunication, MFA allows employees to safely access data from any device or location without putting sensitive data at risk. Having a second form of identification greatly decreases the chance of a hacker gaining access to corporate devices or other sensitive information.
How to Migrate from Microsoft Azure MFA Server to miniOrange Identity Platform?
miniOrange supports seamless integration of MFA for AD users. Here miniOrange Identity Provider (On-Premise or the Cloud version) will connect to your Enterprise Active Directory and make a Manual import of all the users from the AD to the miniOrange. Once that is done, users will be easily able to reconfigure their MFA methods. Here the AD user will use his AD credentials and the configured MFA method in miniOrange to log into the applications that he requires.
For all the users that are created after the initial import, we support an On the Fly user creation and synchronization capabilities that allow users and their data to be in sync with Active Directory.
Microsoft Azure MFA VS miniOrange
| Features | Microsoft Azure MFA | miniOrange |
|---|---|---|
| Infrastructure | Cloud Solution | Cloud as well as On-Premise solution |
| Support | Support available at a premium cost | Reliable and Efficient support available at low costs |
| Update/Upgrades | EOL Announced for MFA server | Continuous Update/Upgrades will be available for both Cloud as well as On-Premise |
| Price | Comparatively Costly | Cost-Effective |
| Licensing | Relatively complex licensing | Flexible and simple licensing model. |
| MFA Methods | Supports only 8 MFA methods | 15+ MFA methods |
| Offline MFA | Offline mode not available for MFA | Provides full MFA security even in Offline mode |
| MFA Integrations with Windows VPN/RDP clients | Requires NPS to be installed | NPS is not required |
| Multi-Tenant Support for Radius Authentication | Supports single tenant as NPS is required to be deployed | Supports multiple domains |
| Third-Party IdP Support | Adding an external IDP is complex, involves Platform changes and setting up policies | Integration with third-party Identity Providers |
| User Directory Integration | Azure Active Directory is limited and doesn’t support any other | Users can authenticate via any user directory like AD/LDAP, any external database like HRMS system, AWS Cognito |
Conclusion
Understanding the challenges of migration and dealing with problems of Authentication is important keeping in mind about the trouble-free experience for users. The Azure MFA server has discontinued its service but the identity providers are ready to resolve those authentication gaps. miniOrange Multi-Factor Authentication (MFA) services ensure that the right set of eyes have access to your sensitive information sitting on the cloud or on-premise.
Moving behind username and passwords, miniOrange provides multiple types of authentications based on clients, devices, and locations, and a set of updated factors to verify any user.
Further Reading
Author
