Steve Ballmer, if you remember him, was the one who came up with the name “Azure Active Directory.” But after many years of confusion, Microsoft has now shifted towards more explicit branding. This change is part of the broader renaming strategy in which security products have been grouped under the Microsoft Defender brand, compliance products under Microsoft 365 Compliance, and identity products under Microsoft Entra.
Key Renaming Announcements
Name Changes & Licensing details
The most prominent change is the name transition from Azure Active Directory to Microsoft Entra ID. Azure Active Directory will gradually fade out in the coming weeks and months. All documentation and exams will soon reflect the new name, Microsoft Entra ID.
In terms of licensing and costs, Azure Active Directory’s free version will become Entra ID for free. The Azure AD Premium P1 will become Entra ID P1, included with Microsoft’s E3 plan. For those with an E5 subscription, the P2 plan will be renamed as Microsoft Entra ID P2.
The functionality of the E3 version and the free version remains the same with no price increases. However, the P2 version sees a number of improvements.
Entra Portal Changes
The renaming is reflected in the various admin centers. “Azure Active Directory” has been replaced with “Identity,” which now leads to the Entra Admin Center. The categories have also been revamped. In place of Azure Active Directory, you’ll find categories such as Entra Identity, Entra ID Identity Governance, and Entra ID Verifiable Credentials.
What’s NOT Changing
Certain product names will remain the same. Notably, the Azure Active Directory B2C (Business-to-Consumer) feature will continue as an Azure service.
Exciting New Features
Entra Identity Governance
This feature, which has been in preview for quite a while, allows IT administrators to manage entitlements, access packages, lifecycle workflows, and access reviews. There’s also a range of templates for easy onboarding and workflow creation.
Entra Security Service Edge Solutions
One of the standout features is the Global Secure Access preview. This feature allows IT administrators to take advantage of Microsoft’s extensive data center and networking infrastructure, providing secure and configurable internet access for remote users.
Global Secure Access
To get started, go to the Microsoft Entra Admin Center and activate the Global Secure Access preview. From here, you can provide private or public internet access for your employees, similar to a VPN solution but at a much lower cost. Once you’ve activated the preview, you can download the client for both Windows 10 and Windows 11.
Conditional Access Enhancements
With these network innovations, a robust security solution is necessary. Microsoft is extending the capabilities of Conditional Access and Continuous Access Evaluation to enforce security policies not just on apps and devices, but also on your networking configurations. The new Unified Conditional Access feature allows IT administrators to enforce, monitor, and control access to certain websites or applications.
One key part of Microsoft’s security approach is its conditional access policy. These policies are built on signals such as user characteristics and the type of app being accessed. With the new Global Secure Access Preview feature, it becomes possible to add additional conditional access policies and set them up for specific types of traffic, like Microsoft 365 traffic.
These policies can account for user risk levels, device platforms, and even locations. For instance, we have the ability to restrict access to certain device platforms or allow only compliant network locations to access the system.
Moreover, it’s important to note that Microsoft is continuously enhancing its security measures to cover even older, legacy authentication clients, ensuring a safe environment for hybrid scenarios.
Another fascinating feature is the ability to filter for devices. This allows the creation of policies that specify which devices, or types of devices, can access Microsoft 365. The incorporation of dynamic rules makes this feature especially versatile.
After establishing the conditions, or signals, we can define the actions required for access. For instance, multi-factor authentication can be a requirement for granting access, unless the user is in a trusted location.
In conclusion, Microsoft’s transition from Azure AD to Entra ID provides IT administrators with improved naming conventions, enhanced security features, and the same robust functionality. As we delve deeper into these changes in future articles, it is clear that this shift promises exciting developments for identity and access management. The changes in Microsoft’s conditional access policy offer a level of flexibility and security that truly impresses.
What do you think about Microsoft’s new developments? Are they making the right moves? Your opinions and feedback are greatly appreciated, so don’t hesitate to share your thoughts and any session suggestions in the comments.