Scenarios To Consider Before Adopting Azure Active Directory

by AZURE SECURITY NEWS EDITOR
January 1, 2021
in Business

Organizations considering the use of Microsoft’s Azure Active Directory (AD) services need to examine some complex scenarios that involve user management, authentication and on-premises app support.

That complex message was outlined by Mark Diodati, a research vice president at Gartner Inc., at Gartner’s Catalyst event, which took place this month in San Diego. He described how to decide among various Microsoft Azure AD technologies in his talk, “Adoption Considerations for Microsoft Azure Active Directory.” In his session, Diodati also alluded to some emerging Microsoft technologies, such as “Azure AD as a Service,” “Azure Domain Compatibility Service” and an “Azure B2C Service” that possibly are yet to come.

Microsoft’s identity and access management (IAM) strategy has mostly been playing out in the cloud with its Azure AD service. There have been few enhancements to its premises-based AD solution. The Workplace Join capability for Windows client devices, as enabled through Windows Server 2012 R2, was the one premises-based AD improvement that Microsoft has rolled out in recent times, Diodati noted.

Azure IAM Components
Microsoft has three components that power its Azure IAM solutions. The first component is its Azure cloud computing services, which serve as Microsoft’s infrastructure-as-a-service (IaaS) solution. The second component is Azure AD Premium, which Diodati described as Microsoft’s “Identity Management as a Service” offering (abbreviated as “IDaaS”). Microsoft’s IDaaS provides IAM services for Azure services that are built on the Azure platform. Lastly, Microsoft makes what Diodati called “identity bridge” solutions. An identity bridge is an on-premises component that’s used to synchronize local directories to Microsoft’s IDaaS and enable single sign-on to IDaaS. Microsoft’s identity bridge solutions can bridge Kerberos and LDAP to JSON over REST, as well as SAML.

Other Microsoft IAM components include Azure AD Connect, which has the task of creating users by syncing them from premises-based environments to Azure AD. Also, Microsoft’s Azure AD Federation Services (ADFS) works on premises to enable single sign-on (SSO) connections to Azure AD. Microsoft also has its Azure AD Application Proxy Service, which enables SSO capabilities for apps housed on premises, particularly apps that are Kerberos driven.

Diodati outlined three main categories to consider when assessing the use of Azure AD. Organizations should consider user management capabilities, user authentication and SSO, and the handling of on-premises applications.

User Management Considerations
Organizations that are all in the cloud, with no on-premises AD, are all set in terms of user management. Diodati said that Azure AD has a semicapable console for the purpose. Another way to manage users at scale is to leverage Azure Graph APIs, which have GET, PUT, POST and DELETE operators.

However, most organizations will have an on-premises AD environment in place. These organizations will need to use an identity bridge for their user management operations. The identity bridge acts to monitor an AD environment and will detect any changes. The benefit of using an identity bridge is that it can transparently extend user management capabilities to get into Azure AD IDaaS.

Organizations considering Azure AD should take a few steps to assure support for user management capabilities. First, they should resolve forest trust issues on premises. Next, they should clean up their local AD before using Azure AD. Gartner recommends using Microsoft’s free IdFix tool to identify and fix any inconsistencies, such as oddities in the way users were named. If necessary, organizations should consider using a virtual directory solution to enable runtime consolidation of multiple, heterogeneous user directories.

In addition, organizations should support user management by using the right identity bridge for directory synchronization with Azure AD. Organizations should select Azure AD Connect as the identity bridge solution if Azure AD manages all SaaS app users or if Azure password sync or writeback is used. Organizations should select a third-party app as the identity bridge solution to carry out user management and SSO, or if the organization has multiple, heterogeneous user directories.

Organizations can also leverage Azure Graph APIs to manage users. PowerShell cmdlets can be used, too, but it depends on the user management tasks that need to get done, Diodati said.

Azure Virtual Machines
Another management option is to install a version of AD into an Azure Virtual Machine, which requires an on-premises AD to work. However, there are lots of challenges with this approach. You don’t have access to on-premises AD users. There are difficulties with private networking and firewalls. And you need domain controllers for the Virtual Machines.

Gartner advises making an assessment before trying the Azure Virtual Machine route. If organizations have applications that require AD-type services, then they should wait until Microsoft rolls out something new that Diodati called the “Azure Domain Compatibility Service.” They should only proceed with the Azure Virtual Machine route if they have apps that absolutely require AD-type services.

Diodati added that Microsoft will be coming out with new technology that he called “Azure AD as a Service.” It supports user store, Kerberos and Group Policy, but it also has some narrow aspects of a virtual directory. He didn’t elaborate.

Authentication and SSO Considerations
Azure AD can be used to provide authentication and SSO access for employees, partners and customers. Organizations should decide if they want to enforce the use of passwords, SSO or both. Organizations should use both to support anywhere access.

Many small-to-medium businesses use password sync for authentication with Azure AD, which requires having Azure AD Connect in place. ADFS may be the tool to use if Azure AD is used for all authentications. In general, federated identity provides better security and SSO for on-premises users.

Organizations should use third-party tools if they want a single bridge solution for both user management and authentication/SSO or if they are using SSO with SaaS applications on premises. Another case for third-party tools is support for Web access management systems.

Authenticating with consumer users in a business-to-consumer (B2C) scenario is a special case. It means supporting social media logins, such as those of Twitter and Facebook. Diodati said using Azure AD for these B2C cases may require a fair amount of customization to work today. He recommended waiting for “Azure’s new B2C service” before trying to enable it.

On-Premises App Handling
Integrating on-premises apps, such as Web apps, with Azure AD requires using Azure AD Application Proxy. That means installing the Azure Application Proxy Connector on premises, which functions like a reverse-proxy server. The on-premises Web apps then get published via the Azure AD portal.

If an organization is only using Azure AD, then the use of the Azure Application Proxy might be great. Another case for using Azure Application Proxy is if the on-premises apps are Kerberos based. Third-party solutions should be considered when there are mixtures of users coming from other IDaaS environments or if there’s a need for SSO with non-Kerberos apps.

Diodati’s 45-minute talk at Gartner Catalyst was quite nuanced. It’s currently available on demand for Catalyst attendees and Gartner clients.

Reference: https://redmondmag.com/articles/2015/08/21/azure-active-directory-considerations.aspx
