Microsoft Entra Internet Access: A Secure Web Gateway with Advanced Protection for SaaS Applications

Published: Sep 20, 2024

Cloud Computing

SHARE ARTICLE

Key Takeaways:

  • Microsoft Entra Internet Access integrates with Entra ID, providing features like Conditional Access and context-aware network security.
  • Administrators can enhance security by applying web category filtering, domain-specific policies.
  • Microsoft Entra Internet Access ensures network compliance, provides in-product reports, and logs real IP addresses.

Microsoft has announced the general availability of its Entra Internet Access service that launched in preview back in July. This new Internet Access solution is a Secure Web gateway (SWG) that provides secure access to all Internet and SaaS applications.

“Our solution integrates seamlessly with Microsoft Entra ID, eliminating the need to manage users, groups, and apps in multiple locations. It protects users, devices, and resources with capabilities such as universal Conditional Access, context aware network security, and web content filtering, so you no longer need to manage multiple disconnected network security tools,” Microsoft explained.

Microsoft Entra Internet Access combines conditional access policies with network conditions to protect organizations against malicious traffic and threats. It also provided advanced security capabilities (like data exfiltration controls) for Entra ID federated applications.

Microsoft Entra Internet Access
Microsoft Entra Internet Access (Image Credit: Microsoft)

Microsoft Entra Internet Access lets customers use web category filtering to allow/block websites based on pre-populated categories. Moreover, administrators can apply fully qualified domain name (FQDN) filtering for specific endpoint policies or to override general web category policies. Microsoft plans to enhance the service with new features like TLS inspection, URL filtering, and Threat Intelligence (TI) filtering.

Microsoft Entra Internet Access adds Compliant Network control

The new Compliant Network Control boosts security by ensuring network compliance and preventing token replay attacks for Microsoft Entra ID apps. Additionally, universal tenant restrictions (TRv2) can be enabled to prevent data exfiltration within enterprise environments.

Microsoft Entra Internet Access: A Secure Web Gateway with Advanced Protection for SaaS Applications
Universal tenant restrictions (Image Credit: Microsoft)

Unlike traditional solutions, Microsoft Entra Internet Access ensures that the user’s real IP address is visible in the logs. It also offers in-product reports and dashboards to track deployment status, detect emerging threats, and address potential issues.

Microsoft Entra Internet Access provides side-by-side interoperability with third-party SSE solutions. It is part of the Microsoft Entra Suite, priced at $12 per user per month. If you’re interested, you can request a free 1-month trial of the Internet Access solution on this page.

SHARE ARTICLE