Microsoft Entra Security Service Edge Internet Access & Private Access Overview

In this video we are going to give a overview of Microsoft Entra Security Service Edge (SSE) with a demo included showing private access connectivity over RDP, SMB, HTTP.

We start by looking at typical legacy network security approches with office environments and cloud and whats the need for this change to keep up with our flexible and modern ways of working with digital transformation and the way we secure access.

This is where Microsoft have now introduced the Microsoft Entra Security Service Edge. This is in public preview right now and provides Microsoft Entra Internet Access and Microsoft Entra Private Access.

Global secure access client is installed on the end device and this is an agent that can monitor and route network traffic over the Microsoft backbone and apply controls for internet and private access.

Entra Internet Access protects access to any public cloud app or SaaS. The Internet traffic can be managed through traffic profiles.

It protects against malicious and unsafe internet traffic where you can block access for users or non compliant devices using conditional access policies. We can also apply these policies at the network level. So basically with Entra Internet Access we can secure access to all internet, SaaS, and Microsoft 365 apps.

This is all based on Entra ID, such as ID protection and Conditional Access to provide secure authentication, apply tenant restrictions or to detect risky signals and gather activity data based on the principles of Zero Trust.

We then have Entra Private Access which works using application proxy which has been around for a long time and you may be using it to access private web apps currently. This solution has been enhanced for Zero Trust where we can secure access to any private resource, port or protocol.

We would install the application proxy connector on a server, connectors must be installed on a Windows Server that has access to the backend application. The Application Proxy Connector doesn’t require you to open inbound connections through your firewall and proxys the connection.

Then we can create a azure enterprise app to gain access to our private workloads and apps over the internet. The application can be located anywhere, on premise or in the cloud.

Microsoft Entra Security Service Edge

Microsoft Entra Security Service Edge

Defender for Endpoint

Microsoft Entra Expands into Security Service Edge


About cloudinspired

Cloud Inspired authors have over 30 years experience within the IT industry, providing expertise and knowledge on infrastructure, hybrid, public and private clouds platforms. Detailed easy to follow technical videos, training and tutorial guides are provided by subject matter experts covering various technologies including Azure, IaaS, SaaS, PaaS and Microsoft 365. This website focuses mainly on the Microsoft 365 and Azure Cloud platform and provides easy to follow step by step technical guides, diagrams, cloud certifications and tutorials. The aim is to deliver articles and videos on Microsoft 365 and Azure Cloud from start to finish on many different Azure services and certifications, building and increasing the viewers knowledge in a short, logical, easy to understand format quickly getting to the point of the subject matter! Check out the YouTube channel for a full list of published Cloud Inspired videos and lets get inspired about Cloud!

View all posts by cloudinspired →

Leave a Reply

Your email address will not be published. Required fields are marked *