Funnel overlay image

Blog | 5-minute Read

What is Microsoft Global Secure Access?

Mat Richard profile headshot

Mathew Richards

Head of Secure Digital Transformation

Published: 11 July 2024

Microsoft Global Secure Access is now generally available. Discover how it promises to unlock secure, frictionless access to any resource, from any device, anywhere. Delivering identity-centric network access for greater security and frictionless user experience. And no more VPNs. 

The traditional concept of a network perimeter is becoming obsolete in a cloud-centric world where users require access from anywhere.

It’s a cultural and operational shift that’s forced organisations to rethink the way they balance security and productivity. And it’s paved the way for a new generation of cloud-based, identity-aware network security solutions, commonly known as Security Service Edge (SSE).

Microsoft announced their step into this arena in 2023 with the introduction of Global Secure Access with the promise of a solution to transform network access security and user experience.

Now generally available, we explore how this promise is coming to fruition.

So, what is Global Secure Access?

Global Secure Access is the unifying term for Microsoft Entra Internet Access and Microsoft Entra Private Access.

These components make up Microsoft’s cutting-edge SSE solution, and they are designed to deliver a smooth and secure user experience.

Microsoft Entra Internet Access

This component acts as a Secure Web Gateway (SWG), ensuring users have safe and uninterrupted access to internet resources, SaaS, and Microsoft 365 applications. It leverages advanced security measures, providing enriched traffic logs for rapid threat detection and enhanced visibility, crucial for safeguarding data and user interactions across the internet.

Microsoft Entra Private Access

Designed as a Zero Trust Network Access (ZTNA) solution, it offers secure and streamlined access to private applications. Whether users connect from any device, location, or network, Microsoft Entra Private Access ensures that access is tightly controlled and risk is minimised, serving as an effective replacement for traditional and cumbersome VPN solutions.

Microsoft’s Security Service Edge Demo: Global secure access

See how to secure access to ALL internet-connected resources, including SaaS and Microsoft 365 apps.

Solutions built upon the foundations of Zero Trust

At the heart of Microsoft’s Global Secure Access is the Zero Trust model, which operates on three fundamental principles: least privilege, verify explicitly, and assume breach.

In the context of network access, Zero Trust works on the premise that threats exist both outside and within network boundaries. Consequently, trust is not assumed, and all access requests must be continuously vetted before access is granted.

This approach is critical as it shifts the security focus from mere perimeter defence to comprehensive, context-based authentication and authorisation.

Now let’s examine each product in more detail.

Microsoft Entra Internet Access: Secure access to your apps, from anywhere

Microsoft Entra Internet Access is designed to protect users, devices, and data against internet threats. Promising to transform the way organisations secure access to Microsoft services, SaaS applications, and the public internet.

It utilises a cloud-delivered Secure Web Gateway (SWG) to enhance security and visibility across digital interactions.

Identity-centric and device aware, the solution protects all apps (Microsoft and non-Microsoft alike) through robust MFA, conditional access, and traffic monitoring.

For Microsoft 365 users, it ensures seamless, secure access with optimised routes and intelligent traffic management, maintaining productivity and minimising risks.

Key benefits

Ebony and green open eye icon on transparent background

Enhanced security and visibility for Microsoft 365

Fast and secure access to Microsoft 365 apps and resources with rapid threat detection through enriched traffic logs.

Ebony and green 'OK,' hand gesture icon on transparent background

Universal Conditional Access

By integrating with Microsoft Entra ID, Conditional Access is extended to any external destination, internet resource, or cloud application. Providing adaptive access from anywhere, while enhancing security and user experience.

Ebony and green password protected laptop icon on transparent background

Universal tenant restrictions

Enable Universal Tenant Restriction across all managed devices and network branches regardless of operating system (OS) and browser platform.

Ebony and green compliance and information protection icon on transparent background

Improve network compliance

Prevent users from bypassing the secure network edge while accessing cloud applications, and help protect against token replay attacks.

Microsoft Entra Private Access: Zero Trust Network Access and no VPNs

Microsoft Entra Private Access is a Zero Trust Network Access (ZTNA) solution that provides secure, frictionless access to private apps and resources.

Built upon a Zero Trust framework the solution enables users to connect to the resources they need from any location, device, cloud-network, or on-premises. Eliminating risk and offering the end-user a seamless, secure environment in which to work.

This allows organisations to free themselves from costly, complex, and often clunky legacy VPNs, while also cutting excessive access and preventing lateral movement of threats.

Key benefits

Ebony and green tick shield and globe icon on transparent background

A streamlined and secure alternative to VPN

Quickly set up extensive IP ranges and FQDNs for secure, Zero Trust access to private resources.

Ebony fingerprint icon on transparent background

Secure legacy protocols with multi-factor authentication (MFA)

Boost the security of traditional protocols like Kerberos and NTLM. Integrate MFA to modernise and secure access. Enhancing both security and functionality.

Ebony and green mobile phone padlock icon on transparent background

Adaptive per-app access

Customise access rights based on the user, device, and application context. This improves security and compliance, maintaining flexibility and user experience without compromise.

Enhancing user experience and security

While Microsoft Entra Internet Access and Microsoft Entra Private Access are distinct products in their own right, they also have complementary benefits that can significantly enhance security and user experience across the full digital network.

For instance, the Universal Conditional Access feature across Microsoft Entra Internet Access provides adaptive access controls tailored to specific network destinations, enhancing both security and user experience.

On the other hand, Microsoft Entra Private Access facilitates secure and direct connections to private apps, eliminating the risks associated with legacy VPNs and reducing the potential for lateral movement of threats within the network.

A step change in network security

Global Secure Access represents a massive step forward in network security for organisations.

A solution that promises to redefine the way users access resources in increasingly remote environments.

  • Reduced attack surface: Isolating traffic for Microsoft 365 and on-premises applications minimises the potential attack surface, making it more difficult for attackers to gain access to sensitive information.
  • Continuous monitoring: Global Secure Access allows for continuous monitoring and dynamic adjustments to user access based on real-time risk assessments. This proactive approach ensures that only authorised users with compliant devices can access resources.
  • Compliance adherence: Global Secure Access facilitates easier adherence to industry regulations and compliance standards. Its granular access control and centralised management ensure that access policies are consistently enforced.

With its focus on Zero Trust principles, enhanced security features, and simplified management, it empowers organisations to achieve a more secure and user-friendly access environment.

Looking ahead: the future of network access

As organisations continue to navigate the complexities of digital transformation, the role of innovative network security solutions like Microsoft’s Global Secure Access is going to be increasingly important.

Rapidly changing environments and threats necessitates the agility and robust security enabled by advanced cloud-based solutions if they want to remain safe, compliant, and at the forefront of their sector.

Microsoft’s Global Secure Access offers a forward-thinking solution that’s redefining network security. Ensuring businesses can operate seamlessly and securely in today’s distributed work environments.

Ready to learn how to configure Global Secure Access for your organisation?

Did you know that Kocho are an official Microsoft launch partner for Global Secure Access?

So, if you’re looking to revolutionise your network security posture, talk to our team of experts and discover how it could transform your network security and your team’s productivity. 

Key takeaways

  • Global Secure Access, Microsoft’s Security Service Edge (SSE) solution, is now generally available.

  • The solution includes Entra Internet Access (Secure Web Gateway) and Entra Private Access (Zero Trust Network Access).

  • Global Secure Access ensures secure, seamless access from any device, transforming network security and user experience.

  • Built upon Zero Trust principles, it emphasises least privilege, explicit verification, and continuous authentication.

  • Entra Internet Access enhances security and visibility for Microsoft 365 and SaaS with advanced threat detection.

  • Entra Private Access offers a secure VPN alternative with multi-factor authentication and adaptive access.

  • Global Secure Access reduces attack surfaces, enables continuous monitoring, and supports compliance for secure network access.

Microsoft’s Security Service Edge Demo: Global secure access

Provide safe, frictionless digital experiences from any location.

  • Extend Conditional Access across your network.
  • Modernise network security to protect users and apps.

Next steps

Like this guide? Then don’t forget to share it with your followers. 

tag icon

Great emails start here

Sign up for free resources and exclusive invites

Subscribe to the Kocho mailing list if you want:

  • Demos of the latest Microsoft tech
  • Invites to exclusive events and webinars
  • Resources that make your job easier
Butterfly overlay image
Mat Richard profile headshot

Author

Mathew Richards

Head of Secure Digital Transformation

Mat has over 25 years’ IT experience, including seven years at Microsoft. He leads a team of consultants and architects that live and breathe secure transformation – delivering excellence across Microsoft 365 and Azure.

arrow icon Learn more
tag icon

Don't Miss

Great enterprise identity resources

  • Webinar

Microsoft Purview: Enable compliance and enhance Copilot for Microsoft 365 adoption

02 October 2024
  • Blog

Microsoft make MFA mandatory in Azure: User implications and actions

Securing cloud access
  • Blog

How does CAF 3.2 impact identity strategies in critical national infrastructure?

Achieving CNI Compliance

  • Webinar

Microsoft Entra Suite: Enable Seamless User Lifecycles

17 September 2024
arrow icon View More
Butterfly overlay image

Got a question? Need more information?

Our expert team is here to help.

chevron icon Contact Us