Time
8 hours 33 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Transcription

00:00
Hello, Cybrarians. Welcome to this lesson titled Azure AD Overview.
00:06
This lesson is part of the second module of the AZ-500: Microsoft Azure Security Technologies course.
00:15
Quick information on what we'll be covering in this lesson.
00:19
We'll start out by covering what Azure AD is and what Azure AD is not.
00:24
From my experience, knowing what Azure AD is not is as important as knowing what Azure AD is.
00:32
We'll then explain the differences between on-premises Active Directory and Azure AD so that the use cases of both solutions are clear to us.
00:42
We'll conclude this lesson with discussions of the Azure AD editions that are available so that we'll have the information needed to select the right option for different requirements and use cases. Let's get into this.
00:58
Let's start by clarifying what I think is a popular misunderstanding around Azure AD,
01:03
and that is: Azure AD is not on-premises Active Directory in Azure.
01:11
As a matter of fact, it has a different use case and a different structure from on-premises Active Directory.
01:18
I personally would have called it Azure Identity as a Service to avoid the confusion with naming, but it seems Microsoft wanted to keep the Active Directory brand name going in the name.
01:30
So if Azure AD is not on-premises Active Directory in Azure,
01:34
what is it, then?
01:37
Here's my first description of Azure AD to help us to understand this service.
01:42
Azure AD is the identity provider for Microsoft cloud services.
01:49
What does this mean?
01:51
When a customer signs up for any Microsoft cloud service, like an Azure subscription or an Office 365 subscription,
02:00
an Azure AD tenant is created in the background, and this is where the identities (users, groups, service principals) are stored.
02:12
This is where authentication happens. Organizations don't have to have a different Azure AD tenant for different Microsoft cloud services, either.
02:22
An organization can link the different services with the same Azure AD tenant. For example, it is common for organizations to have a different Azure subscription for different workloads, one for development, one for production, and both can share the same Azure AD tenant.
02:43
My second description of Azure AD is this.
02:47
Azure AD implements modern authentication protocols.
02:53
What does this mean?
02:55
To understand this, it's important to know why we needed new authentication protocols to begin with.
03:02
On-premises Active Directory uses two main authentication protocols: Kerberos and NTLM.
03:10
These protocols were created at a time when applications lived on the same network as the identity provider.
03:20
Times have changed, however.
03:22
For an increasing number of organizations, the applications that they use are in the cloud and accessed over the Internet.
03:30
Not many organizations would be comfortable with opening the ports that Kerberos uses to the Internet,
03:38
so in the modern reality that we live in, we need new authentication protocols that can work fluently over a web transport.
03:46
That's where modern authentication protocols like WS-Fed, SAML and OpenID Connect come into play.
03:58
These modern authentication protocols have one thing in common.
04:01
They achieve authentication over a web transport to pass authentication tokens fluently across organizations.
04:14
The third description that I have for Azure AD is this.
04:17
The primary use case of Azure AD is to securely manage access to applications and resources that support modern authentication protocols, regardless of where the applications are hosted.
04:32
They could be hosted in the cloud; they could be hosted on premises.
04:38
Let's have a quick look at the differences between Azure AD and on-premises AD.
04:44
First,
04:45
on-premises AD is queried using LDAP over port 389, or 686 for secure transport, while Azure AD is queried using REST API.
04:58
The REST endpoint of Azure AD is referred to as Microsoft Graph, and this is over web transport.
05:04
Second,
05:06
Azure AD uses modern authentication protocols like we just described, while on-premises AD uses what are called legacy authentication protocols like Kerberos and NTLM.
05:20
Third,
05:21
Azure AD does not use the same hierarchical structure that on-premises AD uses.
05:29
And it doesn't support constructs like organizational units or group policy objects.
05:34
And finally, Azure AD has native federation built into it. It does not have to rely on AD FS for federation like on-premises Active Directory has to do.
05:46
Let's have a look at the different Azure AD editions that are available today.
05:53
Before July 2019, we actually had five editions of Azure AD:
05:58
the Free, the Basic, Office 365 Apps, Premium P1 and Premium P2.
06:04
Now that's been reduced to just four,
06:08
with the Basic option essentially going away and being removed from Microsoft's documentation.
06:15
So what about these four editions that remain?
06:18
The Free edition is included with new Azure subscriptions,
06:24
so it includes enough features to get us introduced to the capabilities of Azure AD, but it lacks advanced management and security features.
06:34
The Office 365 edition is included with Office 365 subscriptions.
06:41
It has a bit more functionality than the Free edition. So, for example, it has advanced management capabilities and, more importantly, it has an SLA.
06:53
The Premium P1 edition includes advanced access management features like conditional access,
07:00
while the Premium P2 edition includes advanced security capabilities like identity protection and identity governance.
07:09
Both Premium editions can be purchased either as standalone add-ons or as part of EMS or Microsoft 365 license bundles.
07:23
Let's look more closely at the differences between the editions.
07:27
All editions share a common set of functionality,
07:30
like single sign-on,
07:32
Azure AD Connect and multi-factor authentication. These are core capabilities that are present in all the editions of Azure AD.
07:44
How does the Office 365 edition differ from the Free edition?
07:49
The main differences are support for organization branding
07:54
for log-on and log-out pages and, more importantly, the Office 365 edition has an SLA of 99.9%.
08:03
The Free edition does not have an SLA, and it is not recommended for production use.
08:11
How about the differences between the Office 365 edition and the Premium P1 edition?
08:18
The main differences are support for security features like password protection, which helps to achieve better credential security,
08:26
and self-service password reset with on-premises writeback, which allows users to be able to reset their passwords
08:35
without submitting service desk tickets,
08:37
better security and usage reporting,
08:41
and advanced management features like dynamic groups and conditional access.
08:48
Finally, the differences between the Premium P1 and the Premium P2 edition.
08:54
The differences are fundamentally around security capabilities like identity protection and identity governance. We'll be covering both of these capabilities in this module.
09:07
Here are some quiz questions for this lesson.
09:11
Quiz question one.
09:13
Azure AD
09:15
is on-premises Active Directory on Azure. True or false?
09:22
If you had said false, you would be correct. Azure AD is not on-premises Active Directory on Azure.
09:33
Quiz question number two:
09:35
Which Azure AD editions support cloud multi-factor authentication?
09:43
Free,
09:43
Office 365,
09:46
Premium P1, Premium P2, all of the above.
09:52
If you selected all of the above, you would be correct. All of these Azure AD editions support cloud multi-factor authentication.
10:03
Here's some supplemental links for further studies on the topics covered in this lesson.
10:09
And a summary of what we covered in this lesson.
10:13
We covered what Azure AD is and what Azure AD is not.
10:18
We then talked about the differences between Azure AD and on-premises AD.
10:24
And finally, we talked about the different Azure AD editions and what the differences are between them.
10:33
Thanks very much for watching this lesson. And I'll see you in the next lesson.

AZ-500: Microsoft Azure Security Technologies

In the AZ-500 Microsoft Azure Security Technologies training, students will learn the skills that are needed to pass the AZ-500 certification exam. All exam topics are covered as well as exam preparation strategies and hands-on practice.

Instructed By

David Okeyode
Cloud Security Architect
Instructor