Microsoft Entra Internet Access and Microsoft Entra Private Access comprise Microsoft’s Security Service Edge (SSE) solution named Microsoft Entra Global Secure Access. The way people work has changed. Instead of working in traditional offices, people now work from nearly anywhere. With applications and data moving to the cloud, an identity-aware, cloud-delivered network perimeter for the modern workforce is needed. This new network security category is called Security Service Edge (SSE) and expands Microsoft Entra capabilities with a zero trust network access (ZTNA) solution. Global Secure Access is built upon the core principles of Zero Trust to use least privilege, verify explicitly, and assume breach.
The baseVISION Global Secure Access Enablement service helps you to adopt Microsoft’s SSE solution, whether you intend to perform a proof of concept to replace your legacy VPN solution with Microsoft Entra Private Access or want to step-up your network security with a cloud-based secure web gateway by leveraging Microsoft Entra Internet Access. Microsoft Entra Internet Access and Microsoft Entra Private Access – coupled with Microsoft Defender for Cloud Apps, a SaaS-security focused Cloud Access Security Broker (CASB) – are uniquely built as a solution that converges network, identity, and endpoint access controls so you can secure access to any app or resource, from anywhere.
Secure your Microsoft 365 traffic with Global Secure Access — already included in your existing Microsoft Entra ID P1 or P2 license.
With Microsoft Entra Global Secure Access you can:
Enforce unified adaptive access controls
Eliminate gaps in your defenses. Protect access end-to-end with unified identity-centric access controls that extend Conditional Access and continuous access evaluation to any application, resource, or other network destination.
Simplify network access security
Minimize risk from threats and escape the complexity and cost of traditional stand-alone network security tools with comprehensive, simple to deploy, cloud-delivered security services that include Zero Trust network access (ZTNA), secure web gateway (SWG), and cloud access security broker (CASB).
Deliver a great user experience anywhere
Boost hybrid work productivity with fast and seamless access through a globally distributed secure network edge with points of presence (PoPs) closest to the user. Eliminate extra hops to optimize traffic routing to apps and resources—on-premises, across clouds, and anywhere in between.
Microsoft Entra Private Access is an identity-centric Zero Trust Network Access (ZTNA) solution that helps you to:
Replace legacy VPN with an identity-centric ZTNA solution
Retire your legacy VPN and level up to Zero Trust Network Access (ZTNA) that lets you quickly enable Zero Trust access to all legacy, custom, and modern private apps for users connecting from anywhere, on any device, over
any network
Enforce adaptive Conditional Access across all private resources
Enable Conditional Access across all your private apps and resources—including multifactor authentication (MFA), location-based security, advanced segmentation, and adaptive least-privilege access policies—without making any changes to your apps or resources
Deliver fast, consistent access at global scale
Improve user productivity with fast and easy access powered by a vast global edge presence built on Microsoft’s global private network. Enable single sign-on (SSO) across all private apps and resources, whether they’re on-premises or in any cloud.
With Microsoft Entra Internet access as an identity-centric secure web gateway solution you can secure access to all internet and SaaS apps and resources, protecting your organization against internet threats and benefit from the following scenarios:
User/context-aware web category and fully qualified domain name (FQDN) filtering to allow/block internet destinations
Provide defense in-depth with new compliant network check integrated with Microsoft Entra ID to protect against token replay attacks
Strengthen access controls for any network by enhancing Microsoft Entra ID Conditional Access and Tenant Restrictions v2 access controls to protect against data exfiltration
Enforce Conditional Access conditions and controls to all internet destinations
Revoke network access to Microsoft applications in near-real time with Universal Continuous Access Evaluation (CAE)
The baseVISION Global Secure Access Enablement service consists of the following deliverables:
Workshop: During the workshop we provide you with an overview of Microsoft Entra Internet Access and Microsoft Entra Private Access so that you understand the prerequisites, features and we demonstrate real world use-cases
Initial Setup and Configuration: We support you with getting Microsoft Entra Internet Access and Microsoft Entra Private Access up and running in your environment.
Documentation The documentation provides you with the most relevant information about Microsoft Entra Internet Access and Microsoft Entra Private Access and the configuration applied within your environment.
