Microsoft Entra Expands With Two New Security Products
Read time 4 mins
You may be aware that in August 2023 Microsoft Azure Active Directory (Azure AD) became Microsoft Entra ID, a rebrand that is scheduled to complete by the end of this year and will, according to Microsoft, simplify product naming and unify the product family. Capabilities and licensing plans, sign-in URLs, and APIs will remain unchanged during this process.
About the change, Joy Chik, Microsoft president for identity and network access stated that all existing deployments, configurations and integrations will continue to work as before.
At the same time this news dropped, Microsoft also announced two new security offerings: Microsoft Entra Internet Access and Microsoft Entra Private Access – products designed to fill the gap where legacy network security approaches are no longer sufficient due to accelerating digital transformation and increasingly flexible working patterns seen worldwide.
Together with Microsoft’s SaaS security-focused cloud access security broker, Defender for Cloud Apps, the two new products will complete Microsoft’s Security Service Edge (SSE) solution.
SSEs are a technology used to deliver wide area network and security controls directly to the source of connection rather than a data centre. As a cloud-native solution, they reduce complexity by offering the benefit of a single vendor for all security functions while also enjoying the scalability, elasticity, adaptability and self-healing capabilities typical of all cloud services.
Let’s take a closer look.
Microsoft Entra Internet Access
Entra Internet Access is a Secure Web Gateway (SWG), a cloud-delivered network security service that protects organisations from online security threats and other non-compliant content by enforcing company policy and filtering Internet-bound traffic using identity-based protection.
For instance, using Microsoft Entra Internet Access, companies could block access to resources from all non-compliant devices or even high-risk users (at least without additional security measures in place); additionally, it can be used to extend the conditions of Conditional Access, Microsoft’s Zero Trust Policy Engine.
Microsoft Entra Internet Access will offer users improved visibility and access to Microsoft 365 apps, as well as sharing unique capabilities across the platform (including Universal Tenant Restrictions to prevent data exfiltration, e.g., to personal accounts) and near-real time, location-precise threat detection.
The preview for Microsoft 365 scenarios is currently available, while the capabilities for all internet traffic and SaaS apps will be released later this year.
Microsoft Entra Private Access
Microsoft Entra Private Access is a zero-trust network access (ZTNA) solution that prioritises identity-based security for private apps and resources. It enables users to connect to private apps regardless of their location or device across hybrid and multi-cloud environments, private networks, and data centers.
Private Access is designed to simplify operations since organisations won’t need to make changes to applications or resources, nor add another layer of security controls, to provide access from different locations/environments. It will also lower costs by replacing traditional VPNs and provide enhanced security with conditional access, multifactor authentication and device compliance controls.
Using Entra Private Access, admins will be able to create simple policies to more effectively target groups of applications based on the sensitivity of the application for the organisation.
Entra Private Access is currently available in preview and pricing for both Internet Access and Private Access services will be detailed when these products reach general availability.
A unified solution
As above, Internet Access and Private Access, coupled with Microsoft Defender for Cloud apps, will make-up Microsoft’s SSE solution – a solution designed to integrate deeply with broader Microsoft’s security portfolio and enable an open partner ecosystem, meaning it works with organisations’ existing network and security solutions.
By working across operating systems and providing consistent connectivity across devices and networks, Microsoft’s SSE solution will offer organisations agility, enhanced user experience, and stronger, more modern, security controls.
Using the service, organisations will no longer need to devote time to deciding which tool works best for which app or how to bridge policies from identity teams versus networking teams.
With the introduction of Microsoft’s SSE solution, Internet Access and Private Access will enable customers to secure access with a unified, identity-centric approach to any application, resource, or destination. It will use user identity, device compliance, application – and now new network compliance – as conditions.
Final word
Internet Access and Private Access will provide organisations much-needed agility, alongside being easy to manage. For instance, among the advancements within the Entra portfolio is a new dashboard which will provide users with clear metrics cards and attack graphs, providing insights into the origins of risk, the evolving security posture, and ongoing attack types, as well as offering recommendations based on risk exposure.
The products also appear cost-effective when compared to legacy on-premises systems and will offer organisations the ability to maintain user productivity alongside using best-in-class security controls. Remember, Entra is built on Zero Trust principles and uses risk-based context, giving users access only to applications, resources, and destinations they need to do their job.
The good news is, Microsoft has committed to keep expanding Entra to make life harder for threat actors and easier and more secure for admins and users. As part of that commitment, Joy Chik stated the goal was to:
Provide the broadest possible coverage along with a flexible and agile model where people, organisations, apps and even smart things can confidently make real-time access decisions.
Joy Chik, President of Identity and Network Access
Watch this space.
To find out more about how Microsoft Entra, or any of the Microsoft technology stack, might benefit your organisation, please get in touch with our Microsoft experts using the green ‘get in touch’ button on this page
