All posts in category ZTNA

Absolute Secure Access and IPv6

Absolute Secure Access (formerly NetMotion Mobility) is a premium enterprise secure remote access solution with deep user and application insight supporting Windows, Mac, iOS (iPhone and iPad), and Android devices. Although Absolute Secure Access supports IPv6 for remote network connections and client IP address assignment, the latter is not enabled by default. Administrators must make additional changes to the configuration to assign IPv6 addresses to their clients so they can access resources inside the tunnel using IPv6.

DHCPv6 and SLAAC

Absolute Secure Access supports DHCPv6 and Stateless Address Autoconfiguration (SLAAC) methods for assigning IPv6 addresses to connected clients. Although IPv6 client addressing is not enabled by default, it is quick and easy to configure.

Note: Absolute Secure Access does not currently support static IPv6 prefix assignment.

Enable IPv6

To enable IPv6 global support for all Absolute Secure Access clients, open the Secure Access management console and navigate to Configure > Client Settings > Virtual Address > Allocation Method: IPv6. Administrators can choose to support either DHCPv6 alone or DHCPv6 and SLAAC. After making a selection, click the Apply button to save the changes.

Once configured, Absolute Secure Access clients will be assigned an IPv6 address and can access IPv6 resources over the Secure Access tunnel.

Split Tunneling

If you have configured the Absolute Secure Access policy for split tunneling, ensure you have included your internal IPv6 prefix(es) defined in the split tunneling policy.

Additional Information

NetMotion Mobility is now Absolute Secure Access

Absolute Secure Access Zero Trust Network Access (ZTNA)

What’s New in Absolute Secure Access v13

Absolute Secure Access Features and Capabilities

Absolute Secure Access Advanced Features In Depth

Enterprise Zero Trust Network Access (ZTNA) and VPN

Leave a comment
by Richard M. Hicks on March 14, 2024  •  Permalink
Posted in Absolute, Absolute Secure Access, Absolute Software, administration, Enterprise, enterprise mobility, Infrastructure, IPv6, Mobility, NetMotion, NetMotion Mobility, NetMotion Software, Operational Support, Remote Access, Security, VPN, Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on March 14, 2024

https://directaccess.richardhicks.com/2024/03/14/absolute-secure-access-and-ipv6/

Microsoft Entra Security Service Edge (SSE) on RunAs Radio

I recently had the opportunity to join my good friend Richard Campbell on the RunAs Radio podcast. During this episode, we discussed the new Microsoft Entra Security Service Edge (SSE). This new service offering includes Entra Internet Access, a cloud-based secure web gateway, and Entra Private Access, an identity-centric zero-trust network access (ZTNA) solution. Entra Private Access is in public preview today. Entra Private Access is still in private preview at the time of this writing, however.

You can listen to RunAs Radio episode 906 here.

Enjoy!

Leave a comment
by Richard M. Hicks on November 16, 2023  •  Permalink
Posted in Azure Active Directory, Azure AD, Azure App Proxy, Azure Application Proxy, Azure Conditional Access, Compliance, Conditional Access, Enterprise, enterprise mobility, Entra, Entra Global Secure Access, Entra ID, Entra Internet Access, Entra Private Access, Infrastructure, InTune, MDM, Microsoft, Microsoft Entra, Microsoft Entra Global Secure Access, Microsoft Entra ID, Microsoft Entra Internet Access, Microsoft Entra Private Access, Microsoft Intune, Mobile Device Management, Mobility, Multifactor Authentiction, public cloud, Remote Access, SASE, Secure Access Service Edge, Secure Service Edge, Secure Web Gateway, Security, TLS, VPN, Web Application Proxy, Web Proxy, Web Proxy Server, Windows 11, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on November 16, 2023

https://directaccess.richardhicks.com/2023/11/16/microsoft-entra-security-service-edge-sse-on-runas-radio/

Microsoft Entra Global Secure Access

Last week Microsoft introduced new Security Service Edge (SSE) capabilities as part of the Microsoft Entra suite of technologies. Included in these announcements, Microsoft introduced the public preview of two new secure remote access technologies – Microsoft Entra Internet Access and Microsoft Entra Private Access. The latter of these will particularly interest Microsoft Always On VPN administrators in some deployment scenarios.

Microsoft Entra Internet Access

Microsoft Entra Internet Access is a new Secure Web Gateway (SWG) cloud service solution designed to protect users from threats on the public Internet. Features include web content filtering, malware inspection, TLS inspection, and more. In addition, Entra Internet Access can protect Microsoft 365 applications. Azure Conditional Access policies can be enforced for Internet traffic. Network conditions are now included with Azure Conditional Access, which can further protect against attacks by requiring access from specific trusted or compliant networks. Today, the public preview is available for Microsoft 365 scenarios only. Internet traffic and other SaaS applications will be available later this year.

Microsoft Entra Private Access

Microsoft Entra Private Access is a Zero Trust Network Access (ZTNA) cloud service solution that leverages the Azure Application Proxy access model. With Azure App Proxy, administrators can easily publish private, on-premises web applications by installing the connector on an on-premises server. Administrators can leverage Azure AD authentication and conditional access policies to ensure device compliance or enforce multifactor authentication (MFA), if required. Microsoft Entra Private Access extends the capabilities of the Azure Application Proxy to support TCP and UDP-based applications.

Private Access vs. Always On VPN

Microsoft Entra Private Access will be a compelling alternative to Always On VPN in the future. Specifically, organizations using native Azure AD join devices could benefit tremendously from this technology. Microsoft Entra Private Access is much simpler to implement than Always On VPN and requires no on-premises infrastructure other than the Azure Application Proxy connector. Using Microsoft Entra Private Access also means that no inbound access from the Internet is required, making the solution inherently more secure and reducing the public attack surface. For organizations using hybrid Azure AD join, Always On VPN continues to be the best Microsoft solution for these scenarios.

References

Microsoft Entra Expands into Security Service Edge (SSE)

Microsoft Entra – Secure Access for a Connected World

Microsoft Entra Internet Access Preview

Microsoft Entra Private Access Preview

What is Zero Trust?

What is Zero Trust Network Access?

What is Security Service Edge (SSE)?

What is Secure Access Service Edge (SASE)?

What’s the Difference Between SSE and SASE?

Contact Us

I’ve had the privilege of participating in the private preview for Microsoft Entra Internet Access and Private Access. If you’d like to learn more about these technologies and how they can help your organization, fill out the form below, and I’ll provide more information.

6 Comments
by Richard M. Hicks on July 17, 2023  •  Permalink
Posted in administration, Always On VPN, AOVPN, authentication, Azure, Azure Active Directory, Azure AD, Azure AD Join, Azure App Proxy, Azure Application Proxy, Azure Conditional Access, cloud, Cloud Service, Conditional Access, Enterprise, enterprise mobility, Entra, Entra ID, Entra Internet Access, Entra Private Access, HAADJ, Hybrid Azure AD Join, Microsoft, Microsoft Entra, Microsoft Entra ID, Microsoft Entra Internet Access, Microsoft Entra Private Access, Mobility, Multifactor Authentiction, public cloud, Remote Access, SASE, Secure Access Service Edge, Secure Service Edge, Secure Web Gateway, Security, SSE, SWG, VPN, Windows 11, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on July 17, 2023

https://directaccess.richardhicks.com/2023/07/17/microsoft-entra-global-secure-access/

« Older Posts