Day 5 - Introduction to Microsoft Entra ID


Microsoft Entra ID, formerly known as Azure Active Directory (AD), represents a pivotal component in Azure’s security framework.

Microsoft Entra ID is a cloud-based identity and access management (IAM) service that enables your employees to access external resources. Example resources include Microsoft 365, the Azure portal, and thousands of other SaaS applications.

Entra ID Free is enabled when you sign up for Azure. It provides most of the necessary security features, such as:

  • Single Sign On
  • Multifactor Authentication (MFA)
  • Azure Role-Based Access Control (RBAC)
  • Security monitoring, alerts, and machine learning-based reports
  • and more…

If there’s one thing very common in Azure - it’s SKUs.

Entra ID has premium licenses. There are some features available in those premium licenses that are not available in Entra ID Free.

Entra ID Premium. Source: https://learn.microsoft.com/en-us/entra/fundamentals/licensing

Microsoft Entra ID (formerly Azure Active Directory) is confused with Active Directory Domain Services (ADDS) for Windows Servers, only running in the cloud.

This confusion is the reason why Microsoft changed Azure AD’s name to Microsoft Entra ID.

Microsoft Entra ID was created with the cloud in mind. A lot of features are natively supported by Entra ID but not by AD Domain Services, such as providing SSO for web apps, managing mobile devices, and managing Linux workloads.

You can see the complete list of differences here - https://learn.microsoft.com/en-us/entra/fundamentals/compare

Azure does have a solution to manage Active Directory Domain Services in the cloud. It’s called Microsoft Entra Domain Services. You can see the comparison of ADDS, Entra ID and Microsoft Entra Domain Services here - https://learn.microsoft.com/en-us/entra/identity/domain-services/compare-identity-solutions

If this is your first time learning about Microsoft Entra ID, then here’s an easy way I think about it.

Microsoft has multiple products - mainly under Azure and Microsoft 365.

Instead of managing IAM for each and every service/subscription/product, Microsoft has created one robust IAM service called Microsoft Entra ID. This service acts as an Identity As A Service (IDaaS) to all products from Microsoft.

