Using validation-rules on entity gives you the most reliable validation, since it is always triggered. One downside, that sometimes comes into play, is performance. This happens when:
More often then not, this is not an issue.
Having placed all your validation on the entities, your user will still benefit from validation on page, because this happens front-end, which is earlier and faster.
Validation in a microflow usually only validates the attributes needed in the microflow. No need to check all attributes.
As entity validations are limited to attributes and single attributes allone, they are suitable for masterdata entities.
Page validations are client side validations and with that only suitable for direct interaction with users.
Microflow validations can validate master data, associations, combination of attributes etc. And thus in most cases the way to go. Create sub-microflows for your validations, returning a boolean to capture result.
If you want that the validation is executed in ALL commits, you can use a before commit event. Returning a false in the BCo microflow will abort the commit.
In short use always mixroflows, entity when dealing with masterdata, client-side when direct user interaction is needed (PERSONAL NOTE; VALIDATE USING MICROFLOWS ALWAYS BEFORE COMMITTING, AS CLIENTSIDE ISNT DATA VALIDATION, ONLY USER INTERACTION OR BETTER FRASED; "USER BUGGING")