Microsoft has been on a roll lately, in terms of packaging up a group of products into a newly branded suite. (See the ever-expanding Microsoft Defender family, the Microsoft Priva privacy-management suite and the Microsoft Purview compliance and governance brand for the latest examples.) On May 31, the company did it again with a suite of identity and access products it has christened “Microsoft Entra.”
Microsoft’s contention is managing digital access is not straightforward because it’s impossible for organizations to plan ahead for all the access scenarios that can happen across an organization and its third-party suppliers, who maintain devices outside of a company’s security perimeter. That’s where Entra is meant to fit in.
Microsoft Entra includes all of Microsoft’s identity and access products: Azure Active Directory, Cloud Infrastructure Entitlement Management (CIEM) and Decentralized Identity. Azure AD is what manages everything from conditional access to passwordless authentication and Azure AD External Identities, which manages B2B and B2C (business to consumer) connections is part of Entra, as well. The CIEM piece of this is the rebranded CloudKnox permission technology. Microsoft bought CloudKnox Security in 2021. The Verified Identity capability started out as an incubation about five years ago and debuted as a public preview of Azure AD Verifiable Credentials.
Entra is designed to provide identity and access management, cloud-infrastructure management and identity verification. It will work on-premises, across Azure, AWS, Google Cloud and across Microsoft and third-party apps, websites and devices.
“Now that people are doing zero trust, how do they wire in partners, distribution channels and more in a multi-cloud way?” said Alex Simons, Microsoft Corporate Vice President of PM, Identity and Network Access. Identity needs to be at the center of this, he said — and not just for verifying people, but also devices, IoT and across the whole virtual supply chain.
Simons said Microsoft chose the name “Entra” because “it indicates an entry-way to new world of doing business.” It’s not meant to be a gate with restrictive access, he added.
Microsoft is making Entra, and a new admin portal associated with it, available today. In terms of pricing, customers who want Entra will continue to pay per user per month for Azure AD; per active user per month for external identities; and per resource for permissions, Simons said. Verified ID is part of the base Azure AD paid platform, but a set of paid services that will run on top of it will be added at some point in the future, he said.