Deep dive into Microsoft Entra Private Access, a zero trust network access solution! Please make sure to read the description for the chapters and key information about this video and others.
⚠ P L E A S E N O T E ⚠
🔎 If you are looking for content on a particular topic search the channel. If I have something it will be there!
🕰 I don't discuss future content nor take requests for future content so please don't ask 😇
🤔 Due to the channel growth and number of people wanting help I no longer can answer or even read questions and they will just stay in the moderation queue never to be seen so please post questions to other sites like Reddit, Microsoft Community Hub etc.
👂 Translate the captions to your native language via the auto-translate feature in settings! ua-cam.com/video/v5b53-PgEmI/v-deo.html for a demo of using this feature.
Thanks for watching!
🤙
I love the way you slowly build up the complexity but make it fully understandable!
Thanks!
Love that you appreciate the skill involved in this delivery!
Your videos prove invaluable to me, sooo much better than reading pages and pages of MS webpages.
Great delivery John. I was thinking how the whole name resolving thing would work but really glad you spent a good chunk on the video explaining it! It really is magic! Looking forward to testing it!
Glad to help
Product looks pretty comprehensive to be fair, the MS EPA & EIA will be a great addition to the MS SSE suite. Waiting for GA to see what the costs look like. Great overview John. Thanks
Brilliant!!!!!! Awesome new resource/tool and great video John.
Glad you liked it!
As usual, fantastic video John. Appreciate the work.
Glad you enjoyed it
Hi John, It's my pleasure to watch your videos. Thanks for such great explanations. Let me try it in my lab.
Ya, that's not my real face lol. This video delivers. Keep up the great work.
This is really cool, not only because it gets you into the Zero-trust game easier, but because it also solves for private Azure DNS resolution for your user endpoints. Looks like if you roll this out correctly you don't have to rely on centralized FW forwarding to Private DNS resolver anymore, and you can roll this out using the client and adopt on as granular level (e.g. per app) as you need.
If it had a PE into a vnet the connector had path to etc.
Absolutely brilliant 👏
Absolutely brilliant explanation. Just loved it.
I'm glad you found it helpful!
I'm so thankful for your videos, you explain everything so well.
Glad you like them!
Thank you, John! This tool looks just like magic.
AWESOME John. Thanks. I'm trying to get the old guard off straight rdp into servers on VMs. I presented this idea few months back in preview and have a provisioning server on prem to be in a private network not on domain join. The suffix dns like using .off for office I can keep that 2019 server for provisioning they want off company main, but cloud sync and run mfa policies to it for quick access. Your video is the distributed watch. Appreciated.
Thank you for a great dive in to this topic.
enjoying this video for today learning, thanks a lot!
Amazing video as usual, Thanks John
My pleasure!
Well done in explaining all the details!
Glad it was helpful!
Looks great, it would be interesting if this could be used by workstations to refresh their trust relationship with the domain rather than relying on a traditional vpn.
Good Afternoon John
This was great. Learned a lot. Thank you
Great to hear!
Really nice overview! 👍
Thanks! 👍
Great video John and great feature as well, I think that could easily be a game changer.
Any news about the GA date?
Thanks
Really good explanation thanks :-)
You are welcome!
Oh wow, Private DNS in Quick Access and UDP Support. Very nice, and thanks for the Video as always. I really hope that it will be included in Entra P1
My pleasure!
I heard that it will be a stand-alone license with Entra ID - they may add it to a suite too - should be revealed at GA in the next month or so
Great Video! Have you tested SMB performance? Is this potentially a solution for poor SMB performance over a traditional VPN?
I have not.
John,
Some of the features that you've shown aren't currently available in the public preview (UDP support being one of them.) How would we go about getting this enabled for customer tenants?
You can sign up for preview.
aka.ms/entra-qa-signup
Good video, makes everything easier to understand.
When it comes to DNS, would this only work if there is an Azure DNS service set up?
In an existing hybrid environment with VMs running DNS server, would it be possible to tell EPA to use the existing DNS address?
Zero relationship to Azure DNS. You are just saying which suffixes should be sent via GSA for resolution. My DNS servers were Windows Server that connectors spoke to.
Any idea when UDP can be used in the normal preview? It's the biggest limitation for a POC rollout. Private preview requests are not being taken anymore.
I think this technology will overtake Zscaler ZPA in a few days.
That'll depend on the cost...
Thank you!
Cannot find the Private DNS....
Part of preview right now you need to sign up for.
Microsoft needs a new category for best of the best. Call it MVP squared. And Mr. Savill would be it.
awesome
We've looked at the solution and the beauty of a single pane of glass SSE/ZTNA solution impressed me.
Unfortunately we have a lot of private devices, which are only Entra ID registered but not joined, which makes the solution unusable for us.
I don't get, why Entra ID registered is fine for Android, but not for Windows devices.
Thank you!
You're welcome!