Datawiza
Back to blog
May 1, 2023BlogIndustry

Datawiza Access Proxy: An Alternative to Entra App Proxy

technology-g1cc9478d0_1280

As a Microsoft partner, we always strive to explore innovative solutions that complement or enhance Microsoft’s existing offerings. In this blog, we will discuss Datawiza Access Proxy (DAP) as an alternative to Microsoft Entra App Proxy (Azure AD App Proxy). O ur goal is to provide an objective comparison of the two solutions, emphasizing the specific features of Datawiza Access Proxy that make it the preferred choice if your organization has these requirements.

The key differences between Datawiza Access Proxy and Microsoft Entra App Proxy primarily reside in three areas: 1) hybrid cloud support, 2) traffic management, and 3) the range of supported identity providers.

datawiza access proxy vs entra app proxy
datawiza access proxy vs entra app proxy

datawiza access proxy vs entra app proxy

Hybrid Cloud Support Datawiza Access Proxy is engineered for hybrid and multi-cloud environments, offering seamless integration across on-premises systems, private clouds, and public cloud platforms. This flexibility allows organizations to maintain consistent access control policies and user experiences, regardless of where their applications are hosted. In contrast, Microsoft Entra App Proxy is more tightly coupled with the Azure ecosystem, which may limit its adaptability in diverse hybrid cloud scenarios. ​

Traffic Management The method by which these two proxies handle traffic establishes a significant contrast. Microsoft Entra App Proxy, by default, makes your applications publicly accessible over the internet, requiring your traffic to be routed via the Azure cloud before interacting with your applications. Alternatively, Datawiza Access Proxy positions itself as a more private, secure choice. It forgoes the transfer of your traffic to any cloud infrastructure and instead facilitates deployment directly within your network. With Datawiza Access Proxy, you’re given the flexibility to decide whether to expose your proxy to the public internet, allowing your applications to be accessible globally, or to confine it exclusively within your network. This measure provides an added layer of control over how your applications are revealed, ensuring they remain safely within the perimeters of your corporate network if desired. ​

Multiple Identity Providers Support While Microsoft Entra App Proxy solely supports Microsoft Entra ID as a default identity provider, Datawiza Access Proxy provides a broader spectrum of options. It is inclusive of Microsoft Entra ID and extends support to numerous other identity providers such as Microsoft Entra External ID, Azure AD B2C, Amazon Cognito, Auth0, Okta, Cisco Duo, Ping Identity, KeyCloak, and more. ​

The table below highlights the key differences between the two solutions, with more in-depth information available in the following sections.

FeatureDatawiza Access ProxyMicrosoft Entra App Proxy
Hybrid Cloud SupportYes (e.g., AWS, Azure, Google and others)Azure Only
Multiple Identity Provider SupportYes (e.g., Entra ID, Entra External ID, Azure AD B2C, Okta, Ping, Duo and others)Entra ID Only
Internal AppsYesYes
Customer-facing AppsYesNo
Remote user supportYesYes
Internal user supportYesNot ideal
URL path level access controlYesNo
Enriching user attributes with external dataYes (e.g., LDAP, SQL databases, RESTful APIs)No
Cross-platform deploymentSupports all platforms (Windows, Linux, containers, Kubernetes)Connectors require Windows servers

The following sections offer a more detailed analysis of the unique features that differentiate Datawiza Access Proxy from Microsoft Entra App Proxy. We hope this comparison helps you make an informed decision while evaluating access management options for your organization.

Hybrid Cloud Support: Datawiza’s Flexibility

Microsoft Entra App Proxy is primarily designed for cloud-centric environments, particularly those deeply integrated with the Azure ecosystem. While it offers secure remote access to on-premises applications, its architecture often necessitates routing traffic through Azure, which may not align with organizations seeking a more versatile hybrid cloud approach. ​

In contrast, Datawiza Access Proxy (DAP) is engineered with hybrid and multi-cloud environments in mind. It provides seamless integration across on-premises systems, private clouds, and public cloud platforms. This flexibility allows organizations to maintain consistent access control policies and user experiences, regardless of where their applications are hosted.

By offering a cloud-agnostic solution, Datawiza Access Proxy empowers organizations to adopt a hybrid cloud strategy that best fits their operational and security requirements, without being confined to a single cloud provider’s ecosystem. ​

Multiple Identity Provider Support: Datawiza’s Versatility

Microsoft Entra App Proxy is closely tied to Entra ID (Azure AD) as its identity provider. While this integration works seamlessly for organizations already using Entra ID, it can be limiting for those currently using and/or looking to use other identity providers.

Datawiza Access Proxy provides more flexibility by supporting various identity providers, such as Azure AD B2C, Okta, Google, Ping and Cisco Duo, in addition to Entra ID. This versatility allows organizations to choose the identity provider that best suits their needs and simplifies integration with existing identity management infrastructure.

Catering to Both Remote and Internal Users: Datawiza’s Advantage

Microsoft Entra App Proxy was primarily designed for remote users. While it is possible to use Microsoft Entra App Proxy for internal users, the process involves routing traffic from the internal environment to the Azure cloud and then back to the internal environment. This approach is not ideal, as it can introduce latency and potential compliance concerns

In contrast, Datawiza Access Proxy has been designed with both remote and internal users in mind. This flexibility allows organizations to streamline their access management, without the need for additional configurations or routing traffic externally.

Granular URL Path-Level Access Control: Datawiza’s Precision

A critical feature that sets Datawiza Access Proxy apart from Microsoft Entra App Proxy is its ability to enable granular URL path-level access control. This functionality is essential for organizations that require precise and configurable access to specific parts of their applications.

Microsoft Entra App Proxy offers application-level access control, which is suitable for basic access management scenarios. However, it may not meet the needs of organizations that require a more fine-grained approach to manage access to their resources.

Datawiza Access Proxy addresses this limitation by allowing administrators to define and enforce granular access control policies based on URL paths. This capability enables organizations to provide selective access to specific resources within an application, ensuring that only authorized users have access to sensitive information or functionality.

For instance, an organization might want to grant certain users in a group access to a specific reporting dashboard within an application, while restricting access to other parts of the application. Datawiza Access Proxy makes it easy to implement such policies, providing a higher degree of security and control for businesses with complex access requirements.

Enriching User Attributes with External Data Sources: Datawiza’s Extensibility

Another noteworthy feature of Datawiza Access Proxy is its ability to enrich user attributes by querying external data sources. This functionality adds significant value to organizations that require a more comprehensive understanding of their users’ attributes for implementing context-aware access control policies or enhancing user experience.

While some identity providers offer basic user attribute information, they may not cover all the attributes needed by an organization to make informed access control decisions. In such cases, Datawiza Access Proxy’s extensibility proves invaluable, as it can fetch additional user attribute data from external sources such as LDAP, SQL databases, or RESTful APIs.

For example, an organization might want to grant access to specific resources based on a user’s department, location, or job title. By enriching user attributes through external data sources, Datawiza Access Proxy can provide a more detailed and accurate understanding of users’ profiles, enabling organizations to create more precise and context-aware access control policies.

This capability not only strengthens security but also offers the potential to improve user experience by personalizing content and functionality based on enriched user attributes.

Diverse Deployment Options: Datawiza’s Cross-Platform Compatibility

Microsoft Entra App Proxy requires a Windows server to deploy a connector, which can be limiting for organizations that rely on other platforms or prefer containerized deployments.

Datawiza Access Proxy breaks free from platform limitations, offering support for Windows, Linux, containers, and Kubernetes. This flexibility allows organizations to choose the deployment option that best aligns with their existing infrastructure and preferences, reducing the need for additional resources or platform-specific expertise.

Conclusion

As a Microsoft partner, we are proud to offer solutions that complement and enhance Microsoft’s products. Our goal is the make sure our customers choose the solution that best matches their organization’s requirements.

Datawiza Access Proxy provides a flexible alternative to Microsoft Entra App Proxy by providing hybrid and multi-cloud support, integration with multiple identity providers, support for external and internal users, granular URL path-level access control, the ability to enrich user attributes with external data sources, and diverse deployment options.

We hope this blog has provided valuable insights into the capabilities of Datawiza Access Proxy and specifically, where we believe Datawiza Access Proxy would be the more effective enterprise solution. It is essential to note that our intention is to present a fair comparison for organizations exploring their access management options.

We look forward to your thoughts and input.

Datawiza is Easy to Get Started

Sign up to secure your AI agents and critical enterprise apps

Try Datawiza