WatchGuard deepens Identity portfolio with new AuthPoint Total Identity Security bundle

The new offerings adds dark web credential monitoring and a password manager to WatchGuard’s original AuthPoint MFA solution.

Carla Roncato, vice president of Identity at WatchGuard

Cybersecurity vendor WatchGuard Technologies has announced AuthPoint Total Identity Security, a followup to their original AuthPoint MFA solution that bundles it with dark web credential monitoring capabilities and a corporate password manager.

WatchGuard formally interested the identity market with the creation of AuthPoint MFA, which used technology from an acquisition, launched at the end of 2018, and came to market in 2019. The product has been well reviewed since its inception, but AuthPoint MFA the product became identified as WatchGuard’s entire identity business.

“So this week, we are announcing a second brand, which makes it clear that Authpoint is the overall brand with products underneath that,” said Carla Roncato, vice president of Identity at WatchGuard. “AuthPoint Total Identity Security is our next product, which provides AuthPoint MFA and other technology all in one solution.

WatchGuard describes AuthPoint Total Identity Security as a comprehensive bundle that combines AuthPoint MFA with dark web credential monitoring capabilities and a corporate password manager.

Because of WatchGuard’s focus on the SMB and lower midmarket space, their competition in the identity space is somewhat limited.

“The ones who we run into the most is Duo, now a part of Cisco, Azure MFA and Okta,” Roncato said. “Okta are usually companies which tend to be non-Microsoft, and we tend not to compete much with Okta because their customers tend to buy the Okta stack.”

Roncato said that what is under the hood with these companies is not significantly different.

“Our MFA isn’t distinct,” she stated. “All the identity solutions are standards based. Where they are distinct from each other is user experience, and that is often related to the use cases that they address. Microsoft, for instance is so homogeneous, That’s why it doesn’t work as well for non-Microsoft stuff.”

Where WatchGuard is distinct, Roncato said, is with the additional elements of the bundle.

“Virtually none of the other MFA products provide the other things that we provide in the bundle,” she indicated. “We do password and credential monitoring, and which since we are SMB-focused, it all has to be deployable in an hour or two. We have taken the same components in enterprise grade solutions but have simplified them for SMBs, and we leave out a lot of things that are more purely enterprise, like provisioning and deprovisioning for larger companies.”

AuthPoint MFA Service is delivered through the WatchGuard Cloud, and is designed to make it easy to configure and manage offline and online verification methods and access policies across endpoints, VPNs, and web applications. It also facilitates setting up single sign-on application portals across multiple customer deployments.

One of the bundled items is WatchGuard’s AuthPoint Dark Web Monitoring Service.

“We have our own in-house service, where we get feeds from a consortium that allow us to proactively prevent account takeover and compromise,” Roncato said. The Dark Web Monitoring service notifies customers when compromised credentials, from up to three monitored domains, are found in newly acquired credential breach databases. Alerts are sent to impacted administrators and end users so they can generate new passwords quickly and before an account takeover occurs.

“With the average user having 27 passwords to remember, the chances of them being reused are very high, about 71%,” Roncato noted. “Having this tool which tells you a password is being reused stops this behavior. All you need to do is remember your vault password. That makes for a seamless experience, because all the rest is done for you.”

The Password Manager is what stores the passwords securely in the vault.

“This is something that we already had, so we reused what we already owned, although we did OEM some password management technology,” Roncato said. It stores all passwords in the vault and gives the user only one unique, complex vault password to remember.