Microsoft Entra Security Service Edge. First Look
Microsoft Entra
Jan 3, 2024 7:00 PM

Microsoft Entra Security Service Edge. First Look

by HubSite 365 about Andy Malone [MVP]

Microsoft 365 Expert, Author, YouTuber, Speaker & Senior Technology Instructor (MCT)

External YouTube Channel
Pro User

Microsoft EntraLearning Selection

Explore Microsoft Entra: New Identity-Centric Network Solutions & Secure Access Revolution!

Key insights

Microsoft Entra Security Service Edge (SSE) is showcased in a special series by Jeremy Chapman, host of Microsoft Mechanics and Microsoft 365 Director. Viewers are given a comprehensive breakdown of Microsoft's global SSE network solutions. Topics include groundbreaking technologies such as Kerberos authentication for SMB file shares and secure access to VMs on iPads, marking significant strides in network security and flexibility. For professionals aiming to stay updated, this series is touted as a must-watch.

Legacy network security models struggle to meet modern digital demands, with rigid traditional systems not scaling well and jeopardizing user experience while allowing broad access to networks. This exposes organizations to risks such as account compromises and unchecked lateral movements within networks. Legacy approaches are now insufficient, prompting a need for integrated, agile, and user-friendly solutions to safeguard access to critical applications and resources.

Microsoft answered this challenge by announcing Microsoft Entra Internet Access and Microsoft Entra Private Access. These products represent a union of identity and network access solutions that minimize the integration hassles between different security tools. With Conditional Access in Microsoft Entra, organizations can effortlessly configure unified identity and network controls. This cloud-delivered model is easy to manage, cost-effective, and upholds Zero Trust principles, providing fine-tuned access based on identity verification and risk assessment.

Microsoft Entra Internet Access acts as a Secure Web Gateway (SWG) specifically for SaaS apps and internet traffic, shielding users from malicious threats. It allows for fine control over user access based on various factors such as user risk and device compliance, including unique features tailored for Microsoft 365. The service is in public preview for Microsoft 365 scenarios and will extend its capabilities to general internet traffic and threat protection for all operating systems later.

Introducing Microsoft Entra Private Access, a Zero Trust Network Access (ZTNA) solution that goes beyond the earlier Application Proxy offerings, facilitating secure access to private resources irrespective of user or application location. With deep integration with Conditional Access policies, organizations can protect sensitive applications with additional security layers without altering the apps. Microsoft Entra Private Access is currently in public preview.

Combining Internet Access and Private Access with Microsoft Defender for Cloud apps, Microsoft's SSE solution offers a comprehensive suite for secure and streamlined access control. Backed by Microsoft's global network, the SSE solution enables consistent user experience and security across applications and resources. Finally, Microsoft invites users to join the public preview and contribute feedback to enhance the solution further.

For more information, resources like Microsoft Entra technical documentation and discussion spaces are available, along with invitations to upcoming product deep dives.

Understanding Microsoft Entra's Innovations

Microsoft Entra is redefining network security by integrating identity and access management with network controls. With the unveiling of Microsoft Entra Internet Access and Private Access, organizations can better secure their digital environment using cloud-based solutions that incorporate Zero Trust principles. These solutions simplify access policies, enhance user experience, and adapt to the demands of modern work scenarios. The agility, cost-efficiency, and management ease of Microsoft Entra ensure organizations no longer have to choose between productivity and security. Users benefit from seamless access to resources, protected by multifactor authentication and continuous risk assessment. Microsoft's extensive global network ensures reliable and secure connectivity for users worldwide. Microsoft Entra represents a significant leap forward in securing both internet-facing and private enterprise resources in a world where traditional security borders have all but disappeared.

Microsoft introduces a groundbreaking approach to network security called Microsoft Entra Security Service Edge, in the second of three special episodes with Jeremy Chapman, a leading figure in Microsoft Mechanics. They delve into the Microsoft Global Secure Access, which is shaping up to be a major innovation in Security Service Edge (SSE) network solutions. This technology enables features such as Kerberos authentication for SMB file shares and secure VM access on an iPad, marking it as a vital tool for professionals seeking to maintain up-to-date security skills and knowledge.

The traditional methods of securing network access are becoming increasingly ineffective, as flexible work arrangements and digital transformation demand new strategies. Conventional security measures tend to compromise user experience whilst providing excessive network access, which can lead to breach risks. A single weak point has the potential to expose an entire network's sensitive data to unauthorized access and internal infiltration.

The complexity of integrating multiple identity and network tools for modern access solutions is a significant challenge for organizations. Using disparate security tools can result in overlooked vulnerabilities, potentially exposing harmful integration gaps that skilled attackers are quick to exploit. There arises a need for a more streamlined and agile security strategy.

To address these issues, two new products have been unveiled: Microsoft Entra Internet Access and Microsoft Entra Private Access. These services integrate network access solutions with identity management, eliminating the need for organizations to juggle different tools and policies across applications. Conditional Access in Microsoft Entra allows for the creation of unified identity and network controls.

Microsoft Entra Internet Access acts as an identity-centric Secure Web Gateway (SWG), guarding against online threats while managing access to SaaS apps and internet traffic. It enhances the parameters of Conditional Access by incorporating network conditions. This service offers robust defenses tailored for Microsoft 365, with features designed to protect against data leaks and offer real-time threat detection. Public preview for Microsoft 365 scenarios and a Windows client is available now, with expanded capabilities arriving later this year.

Microsoft Entra Private Access is a Zero Trust Network Access (ZTNA) solution elevating Application Proxy services, designed to secure and simplify access to any private resource across any location. With multi-factor authentication and identity governance features, it ensures secure access to applications regardless of the user's location or the hosting environment of the application. The service, currently in public preview, enables secure and seamless connectivity to any TCP/UDP-based application with modern authentication strategies.

Microsoft's comprehensive approach joins Internet Access and Private Access with Microsoft Defender for Cloud apps to form a robust Security Service Edge solution. This integrated system is open to collaboration with existing network and security solutions. Microsoft's extensive global network underpins the delivery of these services, offering high-quality, secure, and seamless connectivity.

By implementing these solutions, organizations can secure access using a unified, identity-centric approach across their digital environment with user identity, device compliance, and now network compliance as conditions. Microsoft encourages users to join the public preview to help refine this promising solution. For more information, there are various resources available to explore Microsoft Entra's expanded capabilities.

Understanding Microsoft Entra

Microsoft Entra redefines network security by offering an integrated suite of solutions, aligning with the modern Zero Trust security model. With identity at its core, Entra facilitates the protection of network access across diverse and dynamic digital environments. The emphasis on seamless integration with existing platforms positions Entra as a transformative force in enterprise security, paving the way for more secure, flexible, and user-friendly network access methodologies. This novel service edge ensures both efficiency and the safeguarding of sensitive corporate assets, driving forward the evolution of cybersecurity in an increasingly interconnected world.

Exploring Microsoft Entra Security Service Edge

Microsoft Entra Security Service Edge is being unveiled as a revolutionary approach to network solutions. In a series of three special episodes, Jeremy Chapman, the host of Microsoft Mechanics and Director of Microsoft 365, shares insights into these advancements.

The episodes focus on the Microsoft Global Secure Access and other groundbreaking technologies. For instance, they cover how to enable Kerberos authentication for SMB file shares and providing secure access to a VM from an iPad, showcasing the adaptability and forward-thinking design of this service.

Professionals seeking to stay ahead in the security domain will find this information critical. The new developments discussed are poised to transform the way digital security is handled in a dynamic work environment.

Flexible work arrangements and the fast pace of digital transformation have necessitated a shift in how secure access is managed. Traditional network security methods are unable to keep up with increasing demands, often compromising the user experience and giving users needless access to the corporate network.

A simple network breach can translate into significant risks for the entire network, highlighting the inadequacies of legacy network security models. Modern access solutions require seamless integration with multiple identity tools without any gaps that can be exploited by savvy cyber attackers.

A new networking model is essential to grant secure and agile access across all systems. Microsoft Entra Internet Access and Microsoft Entra Private Access are two new products designed to offer a united identity and network control, greatly simplifying and securing access.

Key Features of Microsoft Entra Offerings

Microsoft Entra Internet Access: This identity-centric Secure Web Gateway (SWG) effectively protects against online threats for various applications and general internet usage. Through innovative features such as Universal Tenant Restrictions for Microsoft 365 and enhanced risk assessment, it keeps your network safe while offering seamless integration with Microsoft Graph API.

Microsoft Entra Private Access: Building on the capabilities of the Application Proxy in Microsoft Entra, Private Access offers an identity-centric Zero Trust Network Access (ZTNA) solution. It simplifies and secures the connection to private apps from any location, without the need for any changes to those applications, while bolstering security with multifactor authentication, compliance checks, and single sign-on.

Both services, along with Microsoft Defender for Cloud apps, form the foundation of Microsoft's Security Service Edge solution. This integration offers consistent connectivity across devices and lets enterprises enforce unified Conditional Access policies across their digital environment.

Microsoft's Security Service Edge is supported by a vast private network that ensures optimal user connectivity to public and private resources. Though currently limited in geographical availability, expansions are planned throughout the year to further bolster its reach and effectiveness.

This unified SSE solution from Microsoft stands to centralize and strengthen access policies across the board. With continuous access evaluations, it ensures perpetual security and access alignment with organizational policies and needs.

The invitation to participate in the public preview reflects Microsoft's commitment to user feedback and continuous improvement of their secure access services for the digital landscape.

Microsoft Entra in Workplace Security

In a landscape where traditional security practices are becoming redundant, Microsoft Entra is introducing a paradigm shift towards more secure, efficient, and user-focused network security solutions. These advancements are accompanied by comprehensive integration with existing systems, making it easier for organizations to protect their digital spaces against ever-evolving threats.

Microsoft Entra - First Look: Microsoft Entra SSE Features & Benefits

People also ask

What is Microsoft Entra replacing?

Microsoft Entra is set to replace Azure Active Directory (Azure AD) as Microsoft's umbrella brand for identity and access capabilities. The change reflects a broadening of services to encompass a wider scope of identity and access management solutions.

What is the Microsoft Entra app?

The Microsoft Entra app represents the various applications and services within the Microsoft Entra product line. This encompasses tools that manage user access, permissions, and identity verification across a business's applications and infrastructure.

Which two services are provided by Microsoft Entra?

Microsoft Entra provides several services, but two key offerings include Microsoft Entra Permissions Management, which is a cloud infrastructure entitlement management (CIEM) service, and Microsoft Entra Verified ID, which helps users control their digital identity with verifiable credentials.

Is Microsoft Entra included in E5 license?

As of my knowledge cutoff in 2023, specific Microsoft Entra services were indeed included in the Microsoft E5 license. However, it's important to verify current licensing details, as Microsoft's offerings and what is included in its licenses might change over time.


Microsoft Entra Security Service Edge, Entra SSE First Look, Microsoft Entra SSE Preview, Microsoft Identity and Security, Entra Security Service Edge Introduction, Microsoft Cloud Security Solutions, Microsoft SSE Capabilities, Entra Security Edge Overview, Microsoft Entra Platform, Entra Identity Security Services