What is Global Secure Access?

The adoption of cloud workloads combined with an increasingly mobile workforce has put a strain on traditional corporate networks and network security models. Threat actors continue to adapt to the new paradigm, finding the gaps between security solutions. Employees also must contend with delays due to a complicated array of endpoint security measures that make accessing resources a headache.

This shift, coupled with the migration of applications and data to the cloud, necessitates a modern approach to network security tailored for today’s workforce. This innovative paradigm is known as Security Service Edge (SSE) and can replace existing services like VPNs with a more secure, integrated, and zero trust-compliant approach to allowing remote users access.

Within Microsoft’s SSE solution are Microsoft Entra Internet Access and Microsoft Entra Private Access. Both are encompassed under the unified term Global Secure Access, managed through the Microsoft Entra admin center. Global Secure Access embodies the foundational principles of Zero Trust, emphasizing least privilege, explicit verification, and the assumption of potential breaches.

Oxford Computer Group can help you deploy, configure, and manage Global Secure Access to suit your organization’s requirements. As a launch partner for three Microsoft Entra workloads, we can help you get the most out of your Microsoft 365 and Microsoft Entra licensing to create a streamlined zero trust identity and security infrastructure.

Securely connect users and devices to public and private resources seamlessly with Global Secure Access's unified portal.

Global Secure Access, Microsoft’s Security Service Edge (SSE), is the centralized location in the Microsoft Entra admin center where you can configure and manage Entra Internet Access and Entra Private Access in a cost-effective, streamlined manner.

Microsoft’s Security Service Edge (SSE) solution

Microsoft’s networking model brings together Microsoft Entra Internet Access and Microsoft Entra Private Access, along with Microsoft Defender for Cloud Apps, in the Security Service Edge (SSE) solution. It enables unified Conditional Access policies by taking into account attributes from identities, devices, apps, and network conditions. Organizations can greatly streamline network access security without compromising the end-user experience.

The features of Global Secure Access streamline the deployment and administration of access control capabilities through a unified portal. These capabilities leverage Microsoft’s extensive Wide Area Network, spanning over 140 regions and 190 network edge locations worldwide. This vast private network, among the largest globally, optimizes the secure connection of users and devices to both public and private resources.

Microsoft Entra Internet Access

Microsoft Entra Internet Access offers secure access to Microsoft services, SaaS applications, and public internet applications. It protects users, devices, and data from internet threats while providing best-in-class security, visibility, and fast access to Microsoft 365 apps. It includes a cloud-delivered Secure Web Gateway (SWG) that is identity-centric and device-aware, ensuring secure access to public internet applications.

Easy to activate: All OS types supported and no new agent needed
Adaptive access controls: New network signals for conditional access and data exfiltration with tenant restrictions
Gain visibility into your environment: Faster threat detection, near real-time security logs, and threat correlation with cross-tenant, cross workload insight
Optimized end-user experience: Optimal path routing for best-in-class performance and availability

Microsoft Entra Private Access

Microsoft Entra Private Access ensures secure access to your organization’s private resources for users, whether they are in-office or working remotely. It leverages the capabilities of Microsoft Entra application proxy to extend access to any private resource, port, or protocol.

Remote users can securely connect to private applications across hybrid and multicloud environments, private networks, and data centers from any device and network, eliminating the need for a VPN. The service provides per-app adaptive access governed by Conditional Access policies, offering more granular security controls compared to traditional VPN solutions.

Broad application support: Provide secure access to all private apps and access non-web apps
Identity-centric security controls: Control access using Entra Conditional Access policies and provide single sign-on to private apps
Segmented app access: Assign policies and access to individual apps or to groups
App discovery: Discover private apps and onboard them in Microsoft Entra ID to segment access to resources
Intelligent local access: Adaptive local access to private apps for hybrid users

Global Secure Access Resources from OCG

Contact OCG to Learn More About Global Secure Access

Oxford Computer Group can help your organization get the most out of your Microsoft 365 and Microsoft Entra licensing to create a streamlined, zero trust identity and security infrastructure. We can help you deploy, configure, and manage Global Secure Access to suit your organization’s requirements.

Contact OCG

Introduction to Microsoft’s Security Service Edge for Identity-Centric Network Access

In this webinar recording, learn how Microsoft’s SSE can address the threats associated with cloud adoption and a mobile workforce while integrating seamlessly into your existing security control plane.

View

Microsoft Global Secure Access

Adhering to the core principles of Zero Trust, Microsoft Global Secure Access is an identity-aware, cloud-delivered network perimeter for the modern workforce.