All posts tagged Entra Private Access

Microsoft Entra Security Service Edge (SSE) on RunAs Radio

I recently had the opportunity to join my good friend Richard Campbell on the RunAs Radio podcast. During this episode, we discussed the new Microsoft Entra Security Service Edge (SSE). This new service offering includes Entra Internet Access, a cloud-based secure web gateway, and Entra Private Access, an identity-centric zero-trust network access (ZTNA) solution. Entra Private Access is in public preview today. Entra Private Access is still in private preview at the time of this writing, however.

You can listen to RunAs Radio episode 906 here.

Enjoy!

Leave a comment
by Richard M. Hicks on November 16, 2023  •  Permalink
Posted in Azure Active Directory, Azure AD, Azure App Proxy, Azure Application Proxy, Azure Conditional Access, Compliance, Conditional Access, Enterprise, enterprise mobility, Entra, Entra Global Secure Access, Entra ID, Entra Internet Access, Entra Private Access, Infrastructure, InTune, MDM, Microsoft, Microsoft Entra, Microsoft Entra Global Secure Access, Microsoft Entra ID, Microsoft Entra Internet Access, Microsoft Entra Private Access, Microsoft Intune, Mobile Device Management, Mobility, Multifactor Authentiction, public cloud, Remote Access, SASE, Secure Access Service Edge, Secure Service Edge, Secure Web Gateway, Security, TLS, VPN, Web Application Proxy, Web Proxy, Web Proxy Server, Windows 11, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on November 16, 2023

https://directaccess.richardhicks.com/2023/11/16/microsoft-entra-security-service-edge-sse-on-runas-radio/

Microsoft Entra Global Secure Access

Last week Microsoft introduced new Security Service Edge (SSE) capabilities as part of the Microsoft Entra suite of technologies. Included in these announcements, Microsoft introduced the public preview of two new secure remote access technologies – Microsoft Entra Internet Access and Microsoft Entra Private Access. The latter of these will particularly interest Microsoft Always On VPN administrators in some deployment scenarios.

Microsoft Entra Internet Access

Microsoft Entra Internet Access is a new Secure Web Gateway (SWG) cloud service solution designed to protect users from threats on the public Internet. Features include web content filtering, malware inspection, TLS inspection, and more. In addition, Entra Internet Access can protect Microsoft 365 applications. Azure Conditional Access policies can be enforced for Internet traffic. Network conditions are now included with Azure Conditional Access, which can further protect against attacks by requiring access from specific trusted or compliant networks. Today, the public preview is available for Microsoft 365 scenarios only. Internet traffic and other SaaS applications will be available later this year.

Microsoft Entra Private Access

Microsoft Entra Private Access is a Zero Trust Network Access (ZTNA) cloud service solution that leverages the Azure Application Proxy access model. With Azure App Proxy, administrators can easily publish private, on-premises web applications by installing the connector on an on-premises server. Administrators can leverage Azure AD authentication and conditional access policies to ensure device compliance or enforce multifactor authentication (MFA), if required. Microsoft Entra Private Access extends the capabilities of the Azure Application Proxy to support TCP and UDP-based applications.

Private Access vs. Always On VPN

Microsoft Entra Private Access will be a compelling alternative to Always On VPN in the future. Specifically, organizations using native Azure AD join devices could benefit tremendously from this technology. Microsoft Entra Private Access is much simpler to implement than Always On VPN and requires no on-premises infrastructure other than the Azure Application Proxy connector. Using Microsoft Entra Private Access also means that no inbound access from the Internet is required, making the solution inherently more secure and reducing the public attack surface. For organizations using hybrid Azure AD join, Always On VPN continues to be the best Microsoft solution for these scenarios.

References

Microsoft Entra Expands into Security Service Edge (SSE)

Microsoft Entra – Secure Access for a Connected World

Microsoft Entra Internet Access Preview

Microsoft Entra Private Access Preview

What is Zero Trust?

What is Zero Trust Network Access?

What is Security Service Edge (SSE)?

What is Secure Access Service Edge (SASE)?

What’s the Difference Between SSE and SASE?

Contact Us

I’ve had the privilege of participating in the private preview for Microsoft Entra Internet Access and Private Access. If you’d like to learn more about these technologies and how they can help your organization, fill out the form below, and I’ll provide more information.

6 Comments
by Richard M. Hicks on July 17, 2023  •  Permalink
Posted in administration, Always On VPN, AOVPN, authentication, Azure, Azure Active Directory, Azure AD, Azure AD Join, Azure App Proxy, Azure Application Proxy, Azure Conditional Access, cloud, Cloud Service, Conditional Access, Enterprise, enterprise mobility, Entra, Entra ID, Entra Internet Access, Entra Private Access, HAADJ, Hybrid Azure AD Join, Microsoft, Microsoft Entra, Microsoft Entra ID, Microsoft Entra Internet Access, Microsoft Entra Private Access, Mobility, Multifactor Authentiction, public cloud, Remote Access, SASE, Secure Access Service Edge, Secure Service Edge, Secure Web Gateway, Security, SSE, SWG, VPN, Windows 11, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on July 17, 2023

https://directaccess.richardhicks.com/2023/07/17/microsoft-entra-global-secure-access/

%d bloggers like this: