Zero Trust Network Access (ZTNA)
Are you looking for information about ZTNA for Microsoft Azure and Microsoft 365? In this archive you will find all our posts about ZTNA.
-
Microsoft Entra Private Access: Secure Access to Internal Resources and Cloud Services without VPN
Microsoft Entra Private Access enables identity-based access to private enterprise applications and resources located on premises and in the cloud, without relying on traditional VPN connections. Access control is provided by Microsoft Entra ID, which enforces Zero Trust principles based on contextual signals. As a component of Microsoft Entra Global Secure Access, the service delivers location-independent network access. Microsoft Entra ID evaluates identity, device status and applicable policies to determine access. This article describes how to configure Microsoft Entra Private Access, from service activation and Quick Access configuration through to the installation of the Global Secure Access client. Validation of the setup is performed using name resolution and…
-
Deploy Azure Bastion and shareable links
With Azure Bastion and shareable links deployed, RDP and SSH connections to virtual machines in Azure can be made quickly and securely from anywhere. The virtual machines do not need a public IP address, agents or other software, and the time-consuming management of NSGs (network security groups) or VPNs is also eliminated. Azure Bastion is a PaaS (Platform-as-a-Service) service whose HTML5-based web client uses TLS over port 443. Regularly updated and managed by Microsoft, this Azure service provides an extra layer of protection against zero-day exploits.
-
Passwordless Sign In with Microsoft Entra ID (Azure AD) and YubiKey (FIDO2)
Passwordless Sign In with a FIDO2-enabled security key such as a YubiKey in conjunction with Microsoft Entra ID (Azure AD) provides high security while maintaining ease of use. There is no longer any need to enter a username and password. For users with private mobile devices who do not want to install the Microsoft Authenticator app, a security key from YubiKey offers a good alternative. This tutorial sets up a YubiKey 5 security key for passwordless sign in to Microsoft Azure and Microsoft 365 services.
-
Passwordless Sign In with Microsoft Authenticator App
Passwordless sign in with the Microsoft Authenticator App makes sign in to Azure and Microsoft 365 cloud services more secure and convenient for the user. Typing a password is replaced by a modern method, e.g. the Microsoft Authenticator app. Passwordless sign-in to cloud apps can be achieved using various methods. For a significant increase in identity security, the cost-effective variant with the Microsoft Authenticator App is the best choice.
-
Microsoft Entra Privileged Identity Management (PIM): Request Microsoft Entra roles or Microsoft Azure roles by User
Microsoft Entra Privileged Identity Management (PIM) optimizes the management of privileged roles for Microsoft Azure and Microsoft 365 resources. This contributes to the improvement of the security standards of cloud services. An additional feature is Just-in-Time authorization, where a user is granted elevated privileges only for the period in which they are actually needed. This minimizes the risk of misuse and unauthorized access. This guide explains how a user can apply for a Microsoft Entra role or Microsoft Azure role for a specific period of time and how an administrator can efficiently manage these requests.