No Result
View All Result
Simon Angling
  • Home
  • About Me
  • Cyber Security
  • Productivity
  • Blog
    • Cyber Security
    • Design
    • Education
    • Learning Out Loud
    • Microsoft
    • Productivity
    • Technology
  • Contact Me
Simon Angling
  • Home
  • About Me
  • Cyber Security
  • Productivity
  • Blog
    • Cyber Security
    • Design
    • Education
    • Learning Out Loud
    • Microsoft
    • Productivity
    • Technology
  • Contact Me
No Result
View All Result
Simon Angling
No Result
View All Result
Home Cyber Security

Introducing Microsoft Entra Internet Access and Microsoft Entra Private Access

Simon Angling by Simon Angling
July 13, 2023 - Updated on September 10, 2023
in Cyber Security, Microsoft, Technology
Introducing Microsoft Entra Internet Access and Microsoft Entra Private Access

As well as some name changes, at the Microsoft Entra event on Tuesday (11 July 2023), Microsoft announced Microsoft Entra Internet Access and Microsoft Entra Private Access, which combined are termed as Global Secure Access .

Within Microsoft Entra, with these new Global Secure Access services, you can now create unified conditional access controls that bridge both identity and network controls allowing you to control access for any user, to any application or resource existing both in cloud and on-prem.

Let’s have a look at the two new components that form Global Secure Access services:

Microsoft Entra Internet Access

Microsoft Entra Internet Access is a Secure Web Gateway (SWG) that offers secure access for internet, SaaS, and M365 applications and resources whilst protecting your users and organisation from internet threats.

It isolates the traffic for Microsoft 365 applications and resources by connecting using either the Global Secure Access Client or through a remote network, such as in a branch office location.

One prerequisite that is worth pointing out is that devices must be either Azure AD joined or hybrid Azure AD joined. Azure AD registered devices aren’t supported.

The Global Secure Access Client can be downloaded from the Microsoft Entra admin center and organisations use a MDM platform such as Microsoft Intune to deploy.

Alternatively, remote networks can be defined that allow users to connect to Microsoft 365 services and other services without the Global Secure Access client, assuming of course that any additional Conditional Access policies are met.

It can simplify traditional network security to protect your organisations users, apps, and resources with advanced capabilities such as universal access controls, universal tenant restriction, token protection, web content filtering, cloud firewall, threat protection, and Transport Layer Security (TLS) inspection.

Microsoft Entra Private Access

Microsoft Entra Private Access offers your users secure access to your private applications and resources with an identity-centric Zero Trust Network Access (ZTNA) service.

Entra Private Access can be seen as an update to Azure AD Application Proxy. Application Proxy only worked with web `based applications whereas Entra private access works with SSH, RDP, SMB and other TCP/UDP-based applications allowing additional security such as MFA, compliance check and identity governance to application with the need for updating the application itself.

Microsoft’s Security Service Edge solution

Combined along with Microsoft Defender for Cloud Apps, Microsoft’s CASB, and built upon the core principles of Zero Trust, it verifies every user, forces least privilege, and assumes breach and forms part of Microsoft’s SASE framework.

The solution integrating with the rest of Microsoft’s security portfolio as well as work with the principals of being an open ecosystem it is designed to work in harmony and to supplement your existing network and security solutions.

Internet Access and Private Access share the same agent, which is compatible with multiple platforms and operating systems and is designed from the ground up and provide and consistent connectivity experience across devices and networks

References
https://www.microsoft.com/en-us/security/blog/2023/07/11/microsoft-entra-expands-into-security-service-edge-and-azure-ad-becomes-microsoft-entra-id/
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/microsoft-entra-expands-into-security-service-edge-with-two-new/ba-p/3847829

Related

Tags: AzureMicrosoft
Previous Post

Azure AD becomes Microsoft Entra ID

Next Post

Simplified pricing for Microsoft Sentinel

Next Post
Simplified pricing for Microsoft Sentinel

Simplified pricing for Microsoft Sentinel

Comments 2

  1. Alden Hardouin says:
    2 years ago

    great post

    Reply
  2. chirag shah says:
    2 years ago

    Any thought on pre-authentication ???

    when I hit xyz.com on browser, the app-proxy-service was completing the pre-auth.
    I was NOT required to create any CA-policy where target-resource=xyz.com
    I can of course create CA-policy if I want to do more secondary checks

    How about pre-auth during GSA-private access ??

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts

GTD and InBox Zero with Microsoft Outlook

Microsoft Defender Products and Licensing Demystified

Introducing Microsoft Entra Internet Access and Microsoft Entra Private Access

Defender for Endpoint for Servers vs Defender for Cloud Server

Increasing upload_max_size in php.ini with Azure Web Apps

Free Data Ingestion into Microsoft Sentinel Explained

What is Security Orchestration, Automation, and Response (SOAR)

Azure Front Door Vanilla, Standard and Premium

What is Zero Trust, and how Microsoft implements it

Microsoft Cybersecurity Reference Architectures (MCRA) Updated

Categories

  • Africa Overland
  • Archive
  • Asides
  • Cyber Security
  • Design
  • Education
  • Learning Out Loud
  • Microsoft
  • Personal
  • Productivity
  • Quotes
  • South Africa
  • Technology
  • Travel
  • Web Development
  • Privacy Policy
  • Cookie Policy

© 2024 Simon Angling

No Result
View All Result
  • Home
  • About Me
  • Cyber Security
  • Productivity
  • Blog
    • Cyber Security
    • Design
    • Education
    • Learning Out Loud
    • Microsoft
    • Productivity
    • Technology
  • Contact Me

© 2024 Simon Angling