Lets dive into the Entra secure web gateway solution, Microsoft Entra Internet Access! Please make sure to read the description for the chapters and key information about this video and others. ⚠ P L E A S E N O T E ⚠ 🔎 If you are looking for content on a particular topic search the channel. If I have something it will be there! 🕰 I don't discuss future content nor take requests for future content so please don't ask 😇 🤔 Due to the channel growth and number of people wanting help I no longer can answer or even read questions and they will just stay in the moderation queue never to be seen so please post questions to other sites like Reddit, Microsoft Community Hub etc. 👂 Translate the captions to your native language via the auto-translate feature in settings! ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-v5b53-PgEmI.html for a demo of using this feature. Thanks for watching! 🤙
Listened to a podcast about GSE last week and knew it was going to be something I need to put in place within our business. I searched straight for Jon Savill knowing fine well that this quality content would be available. Another superb video Jon. Thanks as always!
This is really interesting, can this be used to access Azure SQL databases? We have an issue at our company where we need to VPN to our office to access SQL databases and this causes performance issues
Looks like an interesting challenge to services such as CloudFlare Argo tunnels and Tailscale networks, as well as traditional VPNs with split tunnelling.
I just do not know what we should do without these very easy to understand videos , Microsoft documentation only make sense after watching John's video. I guess these days Microsoft documentation is too much talk and heavy to understand . Thanks John
Very useful. You seem to be using an updated version of the client that I am. The version I used didn't really show if you were connected to the services or not. This is very welcome.
great content as always John, qq..does the 65000 weighted profile trump all/any other policy (possibly conflicting) setting ? thanks in advance and happy new year !
OpenDNS only in the sense of traffic filtering. OpenDNS manages filtering on a single IP and can be skirted by users updating their DNS server. This is far more advanced than OpenDNS. This can be used to manage traffic granularly by machine across your entire enterprise.
It does if http. You see that in demo. This is not a browser extension so tls is encrypted which means more difficult to inject a message from the OS into a browser page I suspect.
How the machine is going to recover if the global admin accidently applied Entra ID Conditional Access Policy with Block control? Because now local client is set up to Block Internet Access app.
So in case the user got accidently blocked by Entra ID CA policy, all need to be done is to sign out and GA to fix Entra ID CA applied to Internet access
Thanks for another great demo. I am assuming we can add block all rule to priority 6500 security profile to block any traffic that is outside the explicit rules.
Can add whatever you want but be careful you don't block things needed for authentication etc to function :-) You can easily break things if too agressive.
@@NTFAQGuy I was thinking more along the lines of traditional firewall rules where we explicitly allow traffic and then block everything else via default deny all rule in the end. I will look for the documentation on traffic/ports/rules needed for authentication.
Remember most firewalls are stateful so a response to an outbound works. Here you are blocking access to sites hence you need to give a lot more consideration.
That's not the case. Endpoint would have first dibs since it's hooked into the browser. the SSE client doesn't do anything until the edgeSWG has access to the connection.@@NTFAQGuy