Managing Identities in the Microsoft Cloud

Published on 12-Apr-2017


COMBINING STRENGTHS, DELIVERING SOLUTIONS

MANAGING IDENTITIES IN THE MICROSOFT CLOUD

Wim Buysse

1

2

ENABLE YOUR USERS

USER

PROTECT YOUR DATA

IT

WHY AZURE ACTIVE DIRECTORY?

3

AM

YE OLDEN DAYS

I

Email, File Server, Database

4

AM

YE OLDEN DAYS

I

DIRECTORY SERVICES

5

AM

YE OLDEN DAYS

I

DIRECTORY SERVICES

6

TODAY'S MESH (MESS?)

EC2

ON-PREMISES

PRIVATE CLOUD

MANAGED DEVICES

7

SELF-SERVICE

SINGLE SIGN-ON

Username

ADDRESSING THE MESH (MESS?)

SINGLE SYNCH

CLOUD

SaaS

Azure

Office 365

Public cloud

ACTIVE DIRECTORY

ON-PREMISES

AZURE ACTIVE DIRECTORY

8

TIP: CLOUD APP DISCOVERY

9

EMPOWER YOUR USERS

CENTRALLY MANAGED IDENTITY & ACCESS

MONITOR & PROTECT CLOUD APP ACCESS

YOUR DIRECTORY IN THE CLOUD

WHAT IS IAM ALL ABOUT?

Windows Server Management Marketing 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. 9/15/2016

10

Active Directory

AADCONNECT password hash sync

AADCONNECT

AD FS

AZURE ACTIVE DIRECTORY

AZURE ACTIVE DIRECTORY

YOUR DIRECTORY IN THE CLOUD

AZURE ACTIVE DIRECTORY

CLOUD IDENTITY

SYNCHED IDENTITY

FEDERATED IDENTITY

11

DIRSYNC SHORTCOMINGS ADDRESSED

AADCONNECT REPLACES DIRSYNC

SYNCHRONIZE MULTIPLE FORESTS TO SINGLE TENANT

EXTENDING AZURE AD SCHEMA

IMPROVED RULES EDITOR

12

APPLICATION INTEGRATION

SaaS APPS

OWN APPS

13

CENTRALLY MANAGED IDENTITIES & ACCESS

SaaS APPS

AZURE ACTIVE DIRECTORY

This scenario is about managing identities, users, groups, and access to applications through a central Azure AD management console. This also includes the capability to provision and de-provision users to a small subset of standards-supporting apps such as Box.

Within Azure AD Premium, you not only manage identities; from the same console you also configure access to the integrated applications and assign each application to groups or individual users. The application will then become available in their application portal.

14

CENTRALLY MANAGED IDENTITIES & ACCESS

SaaS APPS

AZURE ACTIVE DIRECTORY

USER ATTRIBUTE

DEVICE

LOCATION

ALLOW

BLOCK

MFA

15

MONITOR & PROTECT CLOUD APP ACCESS

ULTIMATE SECURITY VS. ULTIMATE USABILITY

16

EMPOWER YOUR USERS

APPLICATION PORTAL

17

EMPOWER YOUR USERS

PASSWORD SELF-SERVICE (Writeback)

18

TAKE IT FURTHER: B2B COLLABORATION

I need my partners to access my enterprise applications using their own credentials

PARTNER MANAGED IDENTITIES

SHARING INVITATION MODEL

CONTROL APPLICATION ACCESS

19

TAKE IT FURTHER: B2C

I have an online application and I need individual customers to sign up and enroll for it

SELF SERVICE REGISTRATION

SUPPORT SOCIAL ACCOUNTS

MFA (OPTIONAL)

20

KEY TAKEAWAYS

EC2

ON-PREMISES

PRIVATE CLOUD

MANAGED DEVICES

SIMPLICITY IS THE ULTIMATE SOPHISTICATION

21
