Microsoft Entra Private Access | Replace VPNs for on-premises resources | Global Secure Access

Ғылым және технология

Enable secure access to all your private on-prem and cloud resources, beyond what you can do with traditional VPNs, with Microsoft Entra Private Access, part of Microsoft’s Security Service Edge solution. Private Access takes an identity-centric Zero Trust Network Access approach, and leverages the Conditional Access policy engine to assess risk in real time using identity, device, and application signals, and apply additional network conditions to protect any apps or resources, such as file shares or virtual machines. These capabilities are found under Global Secure Access in the Microsoft Entra admin center.
Ashish Jain, Principal Group PM for Microsoft Entra, shares how Microsoft Entra adds Security Service Edge controls for private connections that you'll find under Global Secure Access in the Microsoft Entra admin center.
► QUICK LINKS:
00:00 - Secure access to all private apps and resources
01:31 - Global Secure Access
02:27 - Set up private app access without using a VPN
03:34 - MFA with Conditional Access policies
05:24 - Connect to infrastructure resources on prem
07:03 - Connect from a mobile device
09:09 - Wrap up
► Link References
Get started at entra.microsoft.com
For more information, check out aka.ms/SSEPrivateAccessDocs
Check out our playlist at aka.ms/SSEMechanics
► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our KZread: / microsoftmechanicsseries
• Talk with other IT Pros, join us on the Microsoft Tech Community: techcommunity.microsoft.com/t...
• Watch or listen from anywhere, subscribe to our podcast: microsoftmechanics.libsyn.com...
► Keep getting this insider knowledge, join us on social:
• Follow us on Twitter: / msftmechanics
• Share knowledge on LinkedIn: / microsoft-mechanics
• Enjoy us on Instagram: / msftmechanics
• Loosen up with us on TikTok: / msftmechanics
#ZeroTrust #ConditionalAccess #Cybersecurity #MicrosoftEntra

Пікірлер: 25

  • @laukage
    @laukage5 ай бұрын

    Microsoft is really bringing out important features recently! :D

  • @RyanProsser0
    @RyanProsser025 күн бұрын

    💯🔥 what a GAME CHANGER! Not always an MSFT fanboy but this has me impressed. Can’t wait to test and deploy with my org

  • @davidgorman994
    @davidgorman9945 ай бұрын

    This is really useful. We have tested it here a bit and it could really replace our VPN for some staff. Hopefully it isn't too expensive

  • @Joshlrrc
    @Joshlrrc5 ай бұрын

    Looks great!

  • @MSFTMechanics

    @MSFTMechanics

    5 ай бұрын

    Thanks! Glad you like it.

  • @adriang7824
    @adriang7824Ай бұрын

    Is there cloud trust activated when access to 445 ? In my newly installed client no kerberos comunication when attempt.

  • @mistagreenjeans
    @mistagreenjeans5 ай бұрын

    great video but do you have any info on how to obtain the UDP (private dns) capable version of the client? Any sources in Microsoft that might hint to when that would be available?

  • @aRiflip
    @aRiflip5 ай бұрын

    Would love to know the pricing of this or if it’s going to be bundled with an existing sub

  • @flove7808
    @flove78085 ай бұрын

    Hasn't been released (UDP and private DNS / Kerberos > SMB), yet, right? Client Version is still 1.6.51.

  • @saeednouri3586
    @saeednouri35865 ай бұрын

    What's the recommendation if mobile user is on the same network range as internal? i.e. 192.168.x.x /24 which is quite common in SMB type environments?

  • @Teramos
    @Teramos5 ай бұрын

    The Big Elephant in Room is the Pricing, will it stay at Entra ID P1 or will a separate 10$ per User License be needed. Otherwise absolutely great Product, hope UDP gets implemented soon.

  • @overtask982

    @overtask982

    5 ай бұрын

    I thought it was the iPad he must actually use next to the prop Surface

  • @flove7808

    @flove7808

    5 ай бұрын

    Same issue for me. In the video at kzread.info/dash/bejne/kZirlKyPoaSadZs.htmlsi=9Hg4rIoUMN10uSHu&t=351 he mentions private DNS support and it clearly shows UDP traffic. When was this released?

  • @cdfcloud
    @cdfcloud5 ай бұрын

    We have all our resources hosted in azure( vm, sql, mongo, container app, azure static webapp, app service, log analytics,etc). How i can set this up for all the engineers in our organization totally 30 engineers most are working remotely, we are having e5 license

  • @ABLwAmazing
    @ABLwAmazing5 ай бұрын

    Great to have a cloud-based ZTNA solution. Too bad that--like most other things recently---this almost certainly won't be bundled into commercial plans and will instead be another add-on.

  • @MegaSpazzie
    @MegaSpazzie4 ай бұрын

    What about replacing CITRIX VDA VMs with Office 2019 on-prem for example?

  • @williamkelly330
    @williamkelly3305 ай бұрын

    Will this work for cached credentials on hybrid joined devices?

  • @fbifido2
    @fbifido22 ай бұрын

    Setup concept: We have Azure Entra-AD & 100 Microsoft 365 Business Premium: - in Azure IaaS, we have 2 Windows Server 2022 Azure Entra-AD joined, running file server, and a Azure NAT-GW for them to get internet & windows update. - on-prem we also have 2 Windows Server 2022 Azure Entra-AD joined , running print server, and a hardware firewall for internet access, DHCP, DNS. - on-prem we have 80 Windows 10 Pro desktop, that is Azure Entra-AD joined. note: we don't have Active Directory on-prem, nor Azure Entra Active Directory Domain Services in Azure. Can we use Microsoft Entra Private Access to allow the 80 clients to access the 2 file server in Azure IaaS without a VPN?

  • @vish9870
    @vish98704 ай бұрын

    Great product.. been waiting for since long.. but while exploring ... unable to reach ADDS configured azure file share from private access,... as users is unable to authenticate with DC....pls suggest how we can resolve this? Thanks.

  • @RyanProsser0

    @RyanProsser0

    25 күн бұрын

    Azure network security group rules

  • @ADMEDIA_UK
    @ADMEDIA_UK5 ай бұрын

    Surely you need a the vpn between on premise server to azure

  • @raymondsiring470

    @raymondsiring470

    5 ай бұрын

    you do, but not using Azure VPN gateway it seems.

  • @deltaperformance5606

    @deltaperformance5606

    5 ай бұрын

    Its using the App proxy agent

  • @Excalibur80
    @Excalibur805 ай бұрын

    Does Entra Private Access replace the need for Azure Active Directory Domain Services?

Келесі