top of page

EMAIL ADDRESS

14622 Ventura Blvd Ste 2047

Sherman Oaks, CA 91403

MAILING ADDRESS

Toll Free: 877-3GC-GROUP

Phone: 213-632-0155

PHONE NUMBER

Contact Us

3GC POST

An Introduction to the Microsoft Entra Security Service Edge



In 2023, Microsoft introduced the Security Service Edge (SSE), designed to be an agile security solution in today’s work environment. This solution integrates deeply with Microsoft’s security portfolio and enables an open partner ecosystem that is compatible with existing network and security solutions. 

 

But what exactly does Microsoft Entra SSE bring to the table and how can organizations benefit from it, especially with existing security infrastructures?

 

All About SASE

 

In understanding the capabilities of Microsoft Entra SSE, it is important to first understand the concept of Secure Access Service Edge (SASE), where SSE is based on. SASE is described as a cloud-native solution designed to strengthen network security by bringing together software-defined wide area networking (SD-WAN) and security protocols such as Zero Trust Network Access, Firewall as a Service, Cloud Access Security Broker, and Secure Web Gateway.

 

What Microsoft Entra SSE Offers

 

Microsoft Entra SSE offers the capabilities of SASE while leveraging Microsoft’s other cloud-based solutions and network infrastructure for optimized connectivity. As such, Microsoft Entra SSE includes Entra ID, Microsoft’s integrated cloud identity and access solution; the Global Secure Access client for Windows, which monitors and routes network traffic over the Microsoft backbone, and Defender for Cloud Apps, which acts as a broker between the communication of user identities and cloud apps and allows for policies regarding app governance.

 

Another notable feature of Microsoft Entra SSE is that users can set up different protocols or controls for traffic coming in from three app/resource channels.

  • Microsoft 365 - all traffic to Microsoft network endpoints

  • Private access - traffic to on-premises hosted apps

  • Internet access - traffic to the Internet or other external networks


With Microsoft Entra SSE, users can not only manage traffic via Internet Access through security traffic profiles and web content filtering policies. They can also configure Private Access allowing specific users to establish and secure access to any on-premises app.

 

At the same time, Internet Access and Private Access share the same agent, which works across operating systems and provides consistent connectivity across devices and networks. What this means is that users can also enforce unified Conditional Access policies that consider identity, device, application, and now network conditions with any application or website, regardless of which IDP the application uses, and without changing those applications.

 

Significance

 

The introduction of Microsoft Entra SSE is a significant step for Microsoft in expanding its identity portfolio, enhancing it not only with technologies developed by the company but also embracing security technologies from other vendors. For organizations that traditionally rely on a single vendor and cloud strategy, a product that is akin to Microsoft Entra SSE is a welcome development. Ultimately, a more capable security system provides better opportunities for growth and profitability for any organization that chooses to adopt such a system.

Comments


bottom of page