Mike Groves (wgroves)

QuickDog Users Group Forum

Hosted by Mike Groves (wgroves)

Share information about your experience using QuickDog Handicapping Software for Windows.

  • 2225
    MEMBERS
  • 29764
    MESSAGES
  • 0
    POSTS TODAY

Discussions

Advantages of AD Azure Premium   General Discussion

Started Oct-5 by PeterGroft; 86 views.
PeterGroft

From: PeterGroft

Oct-5

Microsoft offers its domain management software, Active Directory, as a product in Azure services which provides all the same security features as an on-premise implementation. The Azure product can be used on its own or as a hybrid implementation with an on-premise AD structure, making it a highly valuable feature of Azure.

AD Azure Premium is present with all kinds of virtual and cloud services since security is an important feature in Azure. Since AAD is already functional in Azure and can be extended into an existing Active Directory structure, it’s important to understand the compatibility of additional versions which may already be in use. Either as a stand-alone product or an extension to the cloud, AAD is very important for organizational security, especially with integration into Office 365 and remote user sign-on.

The variation of tools in Azure AD replaced Dirsync and Azure AD Sync so that cloud and on-premise implementations mesh with each other seamlessly. Synchronization between the two is a key component for security as is AD Connect which is another integration tool that provides development and management of services for the use of single-user identities and single sign-on access including on-premise applications, cloud-based applications and Office 365.

With the Azure AD services, items in Active Directory are kept synchronized so that information about resource and identity security is up-to-date. Additionally, authentication methods in a wide variation are equally available in AAD including cloud authentication with Hash Synchronization, pass-through authentication and ADFS (federated authentication). Azure AD Connect Health monitors AD resources from the Azure portal for centralized management.

The premium additions of Azure AD are important to understand as these provide enterprise level tools for organizations in need of higher security measures, especially in Azure. While subscription services like Office 365 and Azure are automatically provided in Azure AD, these premium editions include important additional features for security and resource management. The premium versions are P1 and P2 and include these additional features to those basic in Azure AD.

Azure AD Premium P1 – is an enterprise-level edition that provides identity management for on-premise users, remote users and hybrid users accessing applications both locally and over the Azure PC. This edition includes support for self-service identity, access management, administration of dynamic groups including self-service group management, as well as Microsoft Identity Manager which is a suite of on-premise identity and access management tools.
Azure AD Premium P2 – is this edition includes all of the features of Azure AD Premium P1 with the addition of Identity Protection and Privileged Identity Management (PIM). Identity Protection provided management of conditional access to apps and critical data. PIM enhances management of privileged accounts tied to administrative access to resources.

One of the important factors in using a premium edition of AAD is dynamic group administration. IT administrators can receive many security group membership requests but the use of dynamic groups in premium editions provides for management with policies. Assigning policies to user ID’s means that group memberships are included based on assigned criteria and no additional requests are necessary.

The Premium P2 tier differs from the alternate P1 tier with added Identity Protection and Privileged Identity Management (PIM) which increase security measures to meet the toughest of expectations. Azure AD Identity Protection adds improved reporting of risk events so organizations can further assess potential vulnerabilities for all identities with the function of blocking or remediating these security risks with adaptive actions. PIM provides additional information about administrative accounts which allows for higher protection and lower risk of security breaches with this level of accounts. The Privileged Identity Management package clearly identifies Azure AD Administrators, adds a just-in-time administrative access for Office 365, provides reports about administrative access history and changes to admin assignments and sends alerts about access to privileged accounts.

...[Message truncated]
View Full Message
TOP