Active Directory

Azure Active Directory Premium P1


 

First off, let’s quickly explain what Active Directory is.


Active Directory is a way of knowing who is within the business and which department or group they belong to, so that they can access the areas of the business they need. AD helps to control access through a hierarchy of policies. If you have on-premises servers you’ll use Windows Server Active Directory, but with many businesses using Microsoft 365 services, Azure Active Directory is designed to provide similar capabilities for cloud services. Azure AD enables the business to manage the identity of users, groups and more, and to grant permissions to apps, devices and data via the cloud management portal. Identity and access are managed entirely from the cloud, and all the cloud services work in partnership with Azure AD.
Some businesses use a hybrid approach that synchronises Azure AD with Windows Server AD to ensure security across users and groups. Windows Server AD is typically used on-premises when Single Sign-On is required.
Azure AD provides Multi-Factor Authentication to give users protection against 99.9% of cyber security attacks. Users are connected seamlessly whether they are in the office, working from home or working from a remote location. Users’ credentials are safeguarded by enforcing robust authentication and Conditional Access policies. Managing identities centrally is an efficient way to determine whether the right person is requesting access.

Provisioning Applications and Federating


Azure AD doesn’t work only with Microsoft applications; it also works with thousands of other cloud (SaaS) applications. You can use Azure AD federation with most SaaS applications, including applications developed in-house. Azure AD offers both outbound and inbound provisioning capabilities.

Conditional Access Policies


One of the key features of Azure AD is Conditional Access (CA). CA enables management to define, at a granular level, who is allowed to access which application, and when. Policies can go as far as a Zero Trust approach. Conditions can be set on the user and on the IP address of the network.

Azure AD features:

  • Office 365 features, plus
  • Advanced group management (Dynamic groups, naming policies, expiration, default classification)
  • Advanced security and usage reports
  • Application Proxy for on-premises, header-based, and Integrated Windows Authentication
  • Automated group provisioning to apps
  • Azure AD Connect Health Reporting
  • Cloud app discovery (Microsoft Defender for Cloud Apps)
  • Conditional Access
  • Global password protection and management – custom banned passwords, users synchronized from on-premises Active Directory
  • Group assignment to applications
  • Microsoft Identity Manager user client access license (CAL)
  • Self-service group management (My Groups)
  • Service-level agreement
  • Session lifetime management
  • SharePoint limited access
  • Terms of use attestation