Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Attention
The following webcast session was developed to provide an
expedient method of relaying information to Premier
cu...
AGENDA
1. Factors driving cloud identity
2. What is claim based authentication?
3. Azure Active Directory features
4. Demos
Devices Apps Data
The current reality…
Self-service Single
sign on
•••••••••••
Username
Identity as the control plane
Simple
connection
Cloud
SaaS
Azure
Office 3...
Claims-Based Identity
Applications
Need
Identities
10
Identities 5
Years Ago
11
• Authentication was integrated Auth (Kerberos/NTLM)
• Authorization : Active Directory Security...
?
!
A comprehensive identity and access
management cloud solution.
It combines directory services,
advanced identity governanc...
Microsoft Confidential
Standalone
Microsoft Confidential
Directory Sync
17
Microsoft Confidential
Directory Sync with
Password Sync
18
Microsoft Confidential
Directory Sync with
Single Sign-on
19
Azure Active Directory Connect
DirSync
Azure Active
Directory Sync
FIM+Azure Active
Directory Connector
Sync Engine
Microsoft Azure
Microsoft Azure
Microsoft Azure
Identities and applications in one place.
Web Apps
(Azure Active Directory
Application Proxy)
SaaS apps In...
Cloud App Discovery
AD Agent
Logs
A world of SaaS applications and services
Microsoft Azure
Active Directory
Corporate
Network
DMZ
https://app1-
contoso.msappproxy.net/
http://app1
IT professional
alerts.
alerts.
Users sign in from any device using
their existing username/password.1
On-Premises
Apps
Windows Server
Active Directory or...
How it works
Allow Access
Block Access
Cloud Apps
On-premises
Application Access policies
Enforce MFA per
user/per app
Location (IP Ran...
http://myapps.microsoft.com
Rich standards-based platform for developers
Azure AD Join makes it possible to connect
work-owned Windows 10 devices to your
company’s Azure Active Directory.
Users c...
No Object Limit No Object Limit
No Limit
Advanced Security
Reports
Premium
+ Basic
Features
Group-based access management/...
Windows Intune
Mobile device settings
management
Mobile application
management
Selective wipe
Microsoft Azure Active Direc...
Demo: Provisioning and
Application Integration
37
Microsoft Confidential
Reference links
http://msdn.microsoft.com/library/azure/jj673460.aspx
http://social.technet.microso...
We Want Your Feedback
You will receive a survey via email following this session. Please let
us know how we did. Thank you!
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
Upcoming SlideShare
Loading in …5
×

Premier Webcast - Identity Management with Windows Azure AD

883 views

Published on

  • Be the first to comment

  • Be the first to like this

Premier Webcast - Identity Management with Windows Azure AD

  1. 1. Attention The following webcast session was developed to provide an expedient method of relaying information to Premier customers. We would like to ask your help in ensuring that only registered attendees view this information. Please do not share the content of this delivery with peers who are not registered. Thank you.
  2. 2. AGENDA 1. Factors driving cloud identity 2. What is claim based authentication? 3. Azure Active Directory features 4. Demos
  3. 3. Devices Apps Data
  4. 4. The current reality…
  5. 5. Self-service Single sign on ••••••••••• Username Identity as the control plane Simple connection Cloud SaaS Azure Office 365Public cloud Other Directories Windows Server Active Directory On-premises Microsoft Azure Active Directory
  6. 6. Claims-Based Identity
  7. 7. Applications Need Identities 10
  8. 8. Identities 5 Years Ago 11 • Authentication was integrated Auth (Kerberos/NTLM) • Authorization : Active Directory Security Groups • User Data: LDAP and ADSI • Kerberos was not a problem, application servers were joined to domain and port 88 was open in the internal network • Kerberos tickets included group SIDs for access decisions Application Had Free Access to Corporate Identities Applications Ran Almost Entirely On- Premises • RPC to a DC was not a problem
  9. 9. ? !
  10. 10. A comprehensive identity and access management cloud solution. It combines directory services, advanced identity governance, application access management and a rich standards-based platform for developers It is available in 3 editions: free, Basic and Premium What is Azure Active Directory?
  11. 11. Microsoft Confidential Standalone
  12. 12. Microsoft Confidential Directory Sync 17
  13. 13. Microsoft Confidential Directory Sync with Password Sync 18
  14. 14. Microsoft Confidential Directory Sync with Single Sign-on 19
  15. 15. Azure Active Directory Connect DirSync Azure Active Directory Sync FIM+Azure Active Directory Connector Sync Engine
  16. 16. Microsoft Azure Microsoft Azure
  17. 17. Microsoft Azure Identities and applications in one place. Web Apps (Azure Active Directory Application Proxy) SaaS apps Integrated custom apps Other Directories
  18. 18. Cloud App Discovery AD Agent Logs A world of SaaS applications and services
  19. 19. Microsoft Azure Active Directory Corporate Network DMZ https://app1- contoso.msappproxy.net/ http://app1
  20. 20. IT professional
  21. 21. alerts.
  22. 22. alerts.
  23. 23. Users sign in from any device using their existing username/password.1 On-Premises Apps Windows Server Active Directory or Other LDAP Users must also authenticate using their phone or mobile device before access is granted.2 Microsoft Azure Active Directory Multi-Factor Authentication Server Multi-Factor Authentication Server User
  24. 24. How it works
  25. 25. Allow Access Block Access Cloud Apps On-premises Application Access policies Enforce MFA per user/per app Location (IP Range) Device State User Group
  26. 26. http://myapps.microsoft.com
  27. 27. Rich standards-based platform for developers
  28. 28. Azure AD Join makes it possible to connect work-owned Windows 10 devices to your company’s Azure Active Directory. Users can sign into Windows with their cloud- hosted work credentials and enjoy modern Windows experiences.  Enterprise-compliant services  SSO from the desktop to cloud and on- premises applications with no VPN  MDM auto enrollment  Support for hybrid environments Azure AD Join for Windows 10 Windows 10 Azure AD Joined Devices MDM Auto-enrolment
  29. 29. No Object Limit No Object Limit No Limit Advanced Security Reports Premium + Basic Features Group-based access management/provisioning Yes Yes Self-Service Password Reset for cloud users Yes Yes Company Branding (Logon Pages/Access Panel customization) Yes Yes Application Proxy Yes Yes SLA Yes Yes Yes Yes Yes Yes Yes
  30. 30. Windows Intune Mobile device settings management Mobile application management Selective wipe Microsoft Azure Active Directory Premium security reports, and audit reports, multi- factor authentication Self-service password reset and group management Connection between Active Directory and Azure Active Directory Microsoft Azure Rights Management service Information protection Connection to on- premises assets Bring your own key Enterprise Mobility Suite
  31. 31. Demo: Provisioning and Application Integration 37
  32. 32. Microsoft Confidential Reference links http://msdn.microsoft.com/library/azure/jj673460.aspx http://social.technet.microsoft.com/wiki/contents/articles/14133.windows-azure-ad- content-map.aspx http://blogs.technet.com/b/ad/ https://azure.microsoft.com/en-us/documentation/services/active-directory/ http://azure.microsoft.com/en-us/documentation/infographics/cloud-identity-and- access/ https://channel9.msdn.com/Series/Azure-Active-Directory-Videos-Demos?page=2 38
  33. 33. We Want Your Feedback You will receive a survey via email following this session. Please let us know how we did. Thank you!

×