News

Microsoft Adds Two New Entra Products, Renames Entra Azure Active Directory

Microsoft on Tuesday announced an expansion of its Microsoft Entra identity and access management product line, and also indicated that it is ending its Entra Azure Active Directory product name.

Entra Azure Active Directory will get renamed to "Entra ID." The two new products, Microsoft Entra Internet Access and Microsoft Entra Private Access, are both characterized as addressing networking security gaps. Microsoft also claimed that these three products now make up a "Microsoft Security Service Edge (SSE) solution," which will facilitate applying Conditional access policies across organizational resources and apps.

Here's how Joy Chik, president of identity and network access at Microsoft, described the effects of the Microsoft SSE solution, per the announcement:

We're converging controls for identity and network access so you can create unified Conditional Access policies that extend all protections and governance to all identities and resources. With a single place to safeguard and verify identities, manage permissions, and enforce intelligent access policies, protecting your digital estate has never been easier.

With the two new additions, Microsoft Entra will expand to having about eight main product offerings.

Microsoft also announced new dashboards for Microsoft Entra ID Protection and Microsoft Entra ID Governance. The Entra ID Protection dashboard offers a "comprehensive snapshot of prevented identity attacks and the most common attack patterns," Chik noted. The Entra ID Governance dashboard is said to automate "the employee identity lifecycle to reduce manual work for IT," using machine learning.

"I think that once more security leaders see the dashboard, it's going to really help them make progress adopting zero trust," commented Alex Weinert, vice president of identity security at Microsoft, during Microsoft's July 11 "Reimagine Secure Access with Microsoft Entra" event.

This 1.5-hour "Reimagine" event (previously scheduled for June 20) featured lots more talk about Microsoft Entra developments by Microsoft luminaries, with some demos. It's now said to be available on demand.

Say Hello to Entra ID
Entra ID is the new name for Entra Azure Active Directory. Microsoft had tucked the Azure AD product name into the Entra suite when it first announced the new product branding last year, but this venerable name will be disappearing. The name switch to Entra ID is already in effect now, but it won't be completed for all customers until year's end, according to Microsoft's partner blog announcement.

The changeover to Entra ID is just a name switch and "there will be no changes to product capabilities, price, or licensing," noted Irina Nechaeva, general manager for identity and network access at Microsoft, in an announcement, as well as "no changes to any capabilities," in another announcement. IT pros using Entra Azure Active Directory do not have to take any action.

Microsoft Entra Internet Access Preview
Microsoft Entra Internet Access is a new secure Web gateway product that's available (with signup) at the preview stage. A "secure Web gateway" is used to protect PCs while accessing the Internet, as well as checking for unwanted software or malware via URL filtering, according to a Gartner "Glossary" definition.

Microsoft described Entra Internet Access as also adding the ability to extend "Conditional Access with network conditions," such as preventing "a stolen access session token from being replayed by requiring a user to be on a 'compliant network' to access resources," per a description by Sinead O'Donovan, vice president of program management at Microsoft, in this announcement.

Currently, the preview of Entra Internet Access Preview just works for "Microsoft 365 scenarios" for Windows clients. O'Donovan added that "Internet Access for all traffic, cloud firewall, threat protection and support for all other OS types will be available later this year."

Microsoft Entra Private Access Preview
Microsoft Entra Private Access is currently available as a public preview via this page. O'Donovan described it as "an even better solution" than Application Proxy in Microsoft Entra. It can be used to "easily connect to private applications, no matter where the user is -- in the office or remote -- and regardless of where the application is hosted -- a local on-premises data center or in any public cloud," O'Donovan indicated.

Moreover, Entra Private Access lets organizations add security controls without changing the apps, such as adding "multifactor authentication (MFA), device compliance check, identity protection, identity governance, and single sign-on to any TCP/UDP-based application, including SSH, RDP, SAP, and SMB file shares and other private resources," she added. It'll work with so-called "legacy apps," Microsoft contended.

Microsoft's Security Service Edge Solution
As noted above, Entra ID, Entra Internet Access and Entra Private Access are all said to be part of Microsoft's SSE solution.

This SSE solution was presented as kind of an architectural concept, with Microsoft offering this illustration:

[Click on image for larger view.] Figure 1. Microsoft's Security Service Edge solution (source: July 11 Microsoft "Security, Compliance and Identity" blog).

The SSE solution gets delivered using the "Microsoft global network," which "connects our Microsoft data centers across 61 Azure regions with more than 185 global network POPs," O'Donovan explained. SSE isn't available worldwide yet, though.

"Currently, Microsoft's SSE solution is available in a select set of locations in North America and Europe, with additional locations to be added throughout the course of this year," O'Donovan stated.

The point behind SSE is that it will enable Entra Internet Access and Entra Private Access users to enforce a "unified, identity-centric approach to any application, resource, or destination, using user identity, device compliance, application, and now new network compliance as conditions," O'Donovan explained.

SSE will have partner support options, which weren't elaborated upon. Chik stated that "we'll continue to evolve our SSE solution as an open platform that delivers the flexibility of choice between solutions from Microsoft and our partners."

Chik did specifically note that Microsoft currently has global system integrator partnerships with the Entra ID Governance service, which includes companies such as "Edgile, a Wipro company, EY, KPMG, and PwC."

Pricing for the new Entra Internet Access and Entra Private Access products will be announced at "general availability" release time, Chik added.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

comments powered by Disqus

Subscribe on YouTube