Azure Active Directory and Its Key Features

Microsoft Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service, which helps users to sign in and utilize resources in:
  • We can use Azure AD as identity management in both internal and external application such as Microsoft Office 365, the Azure portal, On-premises Application (Firewall, etc.) and thousands of other SaaS applications which supports Active Directory.
  • Each account (email address) can contain multiple AADs
  • Each AAD can have multiple subscriptions
The Subscription is created inside the AAD, by switching one directory to another directory (AAD) will cause to create a new subscription.

Azure AD Features Pricing Details




Main Key Features of Azure AD

  • Single Sign-On
  • Self-service password reset
  • Multi-Factor Authentication
  • Conditional Access
  • Identity Protection

Single Sign-On:-

Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) automatically signs users their corporate devices connected to their corporate network.
  • We don’t have to enter our credentials for each service or application, one sign-in will be enough. 
  • Seamless SSO can be combined with either the Password Hash Synchronization or Pass-through Authentication sign-in methods.
  • Seamless SSO is not applicable to Active Directory Federation Services (ADFS). 

Self-Service Password Reset:-

  • The use of enabling Self Service Password Reset AAD users can easily change or reset their passwords by themselves.
  • To enable the SSPR, we need to upgrade our AAD type from Azure AD Free to Basic, Premium P1 or Premium P2 type. Azure offers a 1-month free trial of Premium P2.
  • We can also enable the SSPR to All or particular users or groups.

Multi-Factor Authentication:-

MFA is a work based on requiring two or more authentication methods

For example:-
  • Typically a password.
  • A trusted device that is not easily duplicated, like a phone.
  • Biometrics.
MFA is included for free in the Azure AD Premium P2, but it’s billable per user for the other types of AAD.

For O365 Users MFA is Free

Identity Protection

The identity protection feature is only available in the PREMIUM P2 standalone service.
This feature will help us:
  • Detect potential vulnerabilities for identities.
  • Automate responses to suspicious actions.
  • Investigate suspicious incidents and take action.
AAD uses ML algorithms to detect anomalies and generates a risk report determining the risk level.

Conditional Access:-



Thank you for reading, above contents are refered from Microsoft Official Docs and https://www.scribd.com/document/428801930/Azure-103-HandBook?fbclid=IwAR1juwECb4ols3ZbiHJdB88HtVBJSgQrlahQERU4Qjimp1DD62aZv4mk6CU









Comments

Popular posts from this blog

Docker for Beginners

Short Note of Azure Virtual Networking (VNET, SUBNET, NSG, VNET PEERING, VPN GATEWAY, EXPRESS ROUTE)