VPNs have long been a necessary additional headache in the IT world. From dealing with user connection issues (increasing helpdesk load) to ensuring the latest updates are installed, and even paying for the VPN as an add-on to your firewall, they have been a constant burden. But now, it’s time to retire them! With the advent of more advanced and integrated solutions, reliance on traditional VPNs is becoming obsolete. And there’s a solution for you: Microsoft Entra Private Access.

The Challenge With Legacy Apps

You might still have legacy applications that can’t be migrated to the cloud yet, or you’re in the process of doing so. This modern approach not only simplifies access management but also enhances security by reducing the attack surface associated with legacy systems.

The Microsoft Entra Private Access Solution

Think of Entra Private Access as a way to ditch your VPN. It allows for an easy, one-time configuration setup and leverages a “Zero Trust” approach using your existing Entra Conditional Access policies, or new ones if your requirements call for them. This is a quick and easy win that your users, IT department and budget will thank you for. By adopting Entra Private Access, organizations can streamline their IT operations and focus on more strategic initiatives.

The diagram above is an example of what access looks like for remote users reaching on-premises applications. The setup can also be customized further, as in this example:

  • Who: Finance team
  • What: Accessing the finance application which is located on-premises
  • Where: From a corporate workstation, restricted to access within the U.S.
  • When: Allowed access only between 8:00 a.m. and 10:00 p.m. to further lower security risks

This level of granularity ensures that access is tightly controlled and monitored, aligning with the principles of Zero Trust security.

For Those Already Using Zero Trust Network Access (ZTNA)

If you already use a Zero Trust Network Access (ZTNA) solution like Zscaler instead of a VPN to access on-premises apps, note that Microsoft Entra Private Access is also a ZTNA solution, but one that is natively integrated with Microsoft 365 (and Entra ID). This seamless integration provides a unified security posture and simplifies management across your IT environment. Microsoft also offers Entra Internet Access, which competes with Zscaler Internet Access. This topic deserves its own blog post, so stay tuned for more details and updates on other network security solutions.

Contact Us

If you need help navigating these solutions, please reach out to Withum’s Digital Workplace Solutions Team to move beyond VPNs. We’re here to help!