By Deepak Kumar Barik on Aug 3, 2017 7:12:38 AM
Azure Active Directory (Azure AD) is Microsoft’s multi-tenant cloud-based directory and identity management service.
Azure™ Active Directory® (Azure AD) provides a comprehensive solution that addresses identity and access management requirements for on-premises and cloud applications, including Office 365 and a world of non-Microsoft SaaS applications.
To enhance your Azure Active Directory, you can add paid capabilities using the Azure Active Directory Basic, Premium P1, and Premium P2 editions. Azure Active Directory paid editions are built on top of your existing free directory, providing enterprise-class capabilities spanning self-service, enhanced monitoring, security reporting, Multi-Factor Authentication (MFA), and secure access for your mobile workforce.
Azure AD lets you focus on building your application by making it fast and simple to integrate with a world class identity management solution used by millions of organizations around the world.
Related: Did you know that more than 57% of Fortune 500 companies rely on Azure for infrastructure services, platform services and hybrid solutions? Click to know what Azure can do for your organization.
Azure active directory is playing a major role in Azure cloud.
Benefits of improving the management of the Identity life-cycle include:
- Reduced cost and time to integrate new users
- Maximize investments of existing on-premises identities by extending them to the cloud
- Reduced time for new users to access corporate resources
- Reduced management overhead for provisioning(future) process
- Improved security by ensuring access to systems can be controlled centrally
- Consistent application of security policies
- Reduced time to integrate acquired companies
- Reduced business interruptions
- Reduced exposure to outdated credentials
- Reduced time and cost to enable applications to accessible from the internet
- Increased capacity of IT to develop core application features
- Increased security and auditing
- Increased flexibility by delegating specific administration tasks
Azure AD also includes a full suite of identity management capabilities including multi-factor authentication. Multi-factor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transactions, device registration, self-service password management, self-service group management, privileged account management, role based access control, application usage monitoring, rich auditing and security monitoring and alerting and a lot more. These capabilities can help secure cloud-based applications, streamline IT processes, cut costs and help ensure that corporate compliance goals are met.
How reliable is Azure AD?
The multi-tenant, geo-distributed, high availability design of Azure AD means that you can rely on it for your most critical business needs. Running out of 28 data centers around the world with automated fail-over, you’ll have the comfort of knowing that Azure AD is highly reliable and that even if a data center goes down, copies of your directory data are live in at least two more regionally dispersed data centers and available for instant access.
Types of application supported the Azure Active Directory:
These are the five primary application scenarios supported by Azure AD:
- Web Browser to Web Application: A user needs to sign in to a web application that is secured by Azure AD.
- Single Page Application (SPA): A user needs to sign in to a single page application that is secured by Azure AD.
- Native Application to Web API: A native application that runs on a phone, tablet, or PC needs to authenticate a user to get resources from a web API that is secured by Azure AD.
- Web Application to Web API: A web application needs to get resources from a web API secured by Azure AD.
- Daemon or Server Application to Web API: A daemon application or a server application with no web user interface needs to get resources from a web API secured by Azure AD.
Through the admin role in Azure below, features can be automated in Azure Active Directory.
- Users and groups: This is most powerful automation capability
- Enterprise applications: It will provide the user or group who can access the SAAS application.
- Audit logs: IT will provide all user information.
- Single sign on: You can configure the azure AD with over 2000 application for single sign on
- Password reset: Self-service password reset without calling help desk. We can specify which user can reset the password
- Azure AD connect: Used to integrate your azure ad with your windows server AD or another directory on your network.
- Sign in: It will provide which user signed in successfully to the application.
When an organization moves to the cloud, new scenarios are enabled and new solutions become available to solve the organization’s problems. Identity and access management is one of the biggest concerns when integrating on-premises and cloud-based resources. Digital identities are at the core of all IT-related services because they control how people, devices, applications, and services access a variety of resources within and outside of the organization.
- Enterprise SLA of 99.9%
- Advanced security reports and alerts
- Company branding (Azure Active Directory provides this capability by allowing you to customize the appearance of the following web pages with your company logo and custom color schemes:)
- Group-based licensing and application access
- Self-service password reset and group management
- Multi-Factor authentication
Azure Multi-Factor Authentication (MFA) is Microsoft's two-step verification solution. Azure MFA helps safeguard access to data and applications while meeting user demand for a simple sign-in process. It delivers strong authentication via a range of verification methods, including phone call, text message, or mobile app verification.