Microsoft Entra Suite now generally available
Last July 11 Microsoft announced the general availability of the Microsoft Entra Suite. Since Microsoft focus for Zero Trust we see them delivering new security features making your users and environment more secure. Part of the Microsoft Entra Suite are Microsoft Entra Private Access and Microsoft Internet Access which where available for free testing in the last few months.
So, what is part of the Microsoft Entra Suite?
- Microsoft Entra Private Access – a Zero Trust Network Access that secures access to private apps and resources and reduces operational complexity and cost by replacing legacy VPNs.
- Microsoft Entra Internet Access – a Secure Web Gateway (SWG) for SaaS apps and internet traffic that protects against malicious internet traffic, unsafe or non-compliant content, and other threats from the open internet.
- Microsoft Entra ID Governance – a complete identity governance and administration solution that automates identity and access lifecycle to ensure that the right people have the right access to the right apps and services at the right time.
- Microsoft Entra ID Protection – an advanced identity solution that blocks identity compromise in real time using high-assurance authentication methods, automated risk and threat assessment, and adaptive access policies powered by advanced machine learning (also included in Microsoft Entra ID P2).
- Microsoft Entra Verified ID – a managed verifiable credentials service based on open standards that enables real-time identity verification in a secure and privacy respecting way. Included in the Microsoft Entra Suite are premium Verified ID capabilities, starting with Face Check.
Entra Private Access and Entra Internet Access
Let’s zoom in on the cool stuff that greatly enhances your security and also let’s you get rid of your old VPN solution. Note these 2 features can be purchased separately!
Entra Private Access
Microsoft Entra Private Access connects users to any private resource and application without the need of a traditional VPN solution. As traditional VPN enterprise protections continue to wane, Private Access improves a user’s ability to connect securely to private applications easily from any device and any network—whether they are working at home, remotely, or in their corporate office.
With Private Access (Preview), you can now implement granular app segmentation and enforce multifactor authentication (MFA) on any on-premises resource authenticating to domain controller (DC) for on-premises users, across all devices and protocols without granting full network access. You can also protect your DCs from identity threats and prevent unauthorized access by simply enabling privileged access to the DCs by enforcing MFA and Privileged Identity Management (PIM).
One of the best features is that you can now enforce conditional access policies on all private netwerk resource including legacy application that do not support modern authentication. You can even reroute internal traffic through the Global Secure Access client avoiding any risks for your on-premise domain controllers. Here is an example how that works:
Entra Internet Access
With the Microsoft Entra Internet Access you get, as Microsoft likes to call it, an identity-centric Secure Web Gateway (SWG) solution for Software as a Service (SaaS) applications and other Internet traffic. It protects users, devices, and data from the Internet’s wide threat landscape and comes with advanced logging.
The key introductory feature for Microsoft Entra Internet Access for all apps is Web content filtering. This feature provides granular access control for web categories and Fully Qualified Domain Names (FQDNs). By explicitly blocking known inappropriate, malicious, or unsafe sites, you protect your users and their devices from any Internet connection whether they’re remote or within the corporate network.
Web content filtering is implemented using filtering policies, which are grouped into security profiles, which can be linked to Conditional Access policies.
If you have the Microsoft Defender For Endpoint with Web Content filtering, this is almost the same feature, although all internet traffic is router through the Microsoft cloud with the Entra Suite.
Pricing
You can either buy the full suite, or buy it for the product that you need. Pricing per user per month. Be aware that Microsoft Entra ID P1 or P2 is a requirement before you can use the Entra Suite.
- Microsoft Entra Full Suite: $12.00
- Microsoft Entra Internet Access: $ 5.00
- Microsoft Entra Private Access: $ 5.00
- Microsoft Entra ID Governance: $ 7.00
- Microsoft Entra Verified ID: Pricing unknown
Trial
Currently Microsoft is offering a 90 day trial, so please feel free to try it out: Microsoft Entra Suite Trial – Sign up