So far as I’m aware there has been no update on support for the MX64. In fact I’ve seen some recent documents that stated its unsupported, rather than coming soon, so who knows.
The experience is pretty good. It’s not the full feature set like with the Cisco ASA, but it’s a pretty good starting point. You can’t specify your own domain, it uses the auto-generated dynamic-m.com domain. Authentication is either RADIUS, Meraki, or on-premises AD; through RADIUS you could integrate with AzureAD, but there is no native support for AzureAD. There is no native MFA, although again, this should be possible using something like Duo.