KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
During this Session you will learn how Microsoft is closing gaps in the Zero Trust area and how SSE can help you to reduce operations and process capacities and heavily improve Security. Additional we look into a future without a VPN solution and see how this can be modernise.
During this Session you will learn how Microsoft is closing gaps in the Zero Trust area and how SSE can help you to reduce operations and process capacities and heavily improve Security. Additional we look into a future without a VPN solution and see how this can be modernise.
I want to do with you today in the next 15 minutes is talking a little bit about Microsoft Zero security Service Edge. So something, what is it, how Microsoft is doing kind of this implementation. So in a traditional way. So we heard the last two days about modern digital identity, what we can achieve with that and what we can do. But let's also thinking about, okay, but we have currently also some problems. We're not talking about the problems for the future. We're talking about also problems that existing today and existing also over the past 20, 30 years, maybe more.
And this is some problems that we are facing with legacy network, okay? It's network. We are talking about an identity conference, but thinking about, hey, in a modern way where we are talking about security approaches. And some of you may be heard yesterday in one of the keynote, Hey, the old way of security was firewalls, who has firewalls most of you. But the new security approach is identity. And we're talking about identity but in the future. But we also need to thinking about, hey, what can we do with our network approach? How can we modernize it to make it more secure?
Our access to local resources and also the access to public resources like Facebook, like Google, like other clouds like Microsoft, like AWS like Google, yes, I know I'm from Microsoft, but they're also talking about other clouds. So if you see something, and I heard I got the fancy point that I will be from Star Wars.
So sadly, hey remote, sorry you don't see it. Happy to be here because you see something what I'm showing on the slides. So legacy networks, you all of you heard we have VPNs and we have kind of proxies. These are technologies where I would say they are older than me, so I don't want to face with them anymore. This is not what I want to do. What is the new approach? What's what is maybe kind of modern approach?
How we can accessing cloud topics, consumer topics and also our on-prem or inside of the cloud, if you make come some modern approach, our resources like servers, like file shares, like whatever you have in your on-premise environment like connectors, iot, whatever. And this is something where we've seen, okay, if you're talking about something, okay, we have remote workers. Hope of all of you are aware of it, so not need to describe it. And also we have our corporate network where we have kind of our security stack for all of the remote person.
That's what on the right side, our security stack where we have our VPN. But this is something, hey, we want to renew it, we want to get rid of it because this VPN for remote networks, remote workers and remote networks, this is something that calls us a lot of money, a lot of infrastructure. And also the part, hey, we are connecting to the cloud outbound proxies.
I have so many customers that beginning with Corona, they have a big, big problem with their network architecture because okay, with Corona we have let's say 100, 200% more network traffic on our virtual network appliance, on our VPNs. And this is something where many customers has problems with that because hey, we need to scale it up because since Corona 100% of our Americas are remote. Now do we have enough license? No. Do we want to buy something more?
No, we don't want, so I had some customers who say, okay, my peoples are now at home but not available to work because they have no access to their on-premise resources where most of the customers was. So this is something that we need to modernizing and also our access to the cloud, our outbound proxies. Because again, if we have on-premise resources, we need to go to the cloud and thinking about, okay, how can we modernize this?
And this is something where other companies coming into place where also Microsoft introduced something new or introducing something which was announced I would say one year before. And we will go GA with the solution in a few days. So this is kind of maybe cool news for you. So what's coming in the next few days where we will officially announcing the general available And what we wanna talking about is Microsoft identity centric SSE solutions or fancy names. But it's talking about, and hey, I'm just a technical, I'm not just a seller so I don't want to sell it to you.
I will show you what are the functionalities and kind of a technology related conversation. And this is what Microsoft approaches. So we have something on the right on the middle, it's anywhere, forget about, it's not the product name, it's just something, it's the Microsoft network. It's the second biggest micro global, private wide era network. The biggest one in the world. I think the biggest one is at and TI think. So we have it, and you are already, if you're using kind of Microsoft technology and I think all of you're using it, you're already using this.
This is the normal Microsoft network. Every time you're signing in with teams, you're doing something on the Microsoft platform, you are already using this one, but now it comes to the next evolution state. So what we want to do is we have our entry from my physical person on a mobile device, on a laptop, on whatever to accessing our resources to go inside of the digital world. So we need to thinking about endpoints. So where can I connect to from a mobile phone for example and for my remote remote network.
And hey, of course we are on identity conference, so we also have identities on top of it. So it's more identity related. Every single access is identity related with all of the threat protections, with all of the identity protection, all of the fancy names with something about protection, all of them applied to it. And what we are gonna do now is then using this informations we're talking about zero trust and all of the fancy names connecting and using this functionalities to connecting to something that is Microsoft hosted to our network, accessing to it.
So in one of the big benefits is then you don't need to host it and don't need to calculate how much latency or how big it was. This is what we as Microsoft do, this is what you are selling for what you buy us as a solution. We handle all of them. And then we are coming to the right side to internet access, private access and Microsoft 365 access. And let me quickly then introduce the two functionalities and yes, you'll see also Microsoft 365, let's do it together with internet access. It's a little bit more easy, a little bit more understandable.
So this is the approach, this is the high level architecture. And I think that is the first time that on this conference that we see a technical architecture and not just arguments for, hey, how can we buy it? So this is something from a zero trust perspective where we want to introduce it and want to use it and give it also to you. So coming back also fancy slide, we will jump over it. So we have two different functionalities, internet access, Microsoft enterra, internet access.
This is basically kind of the replacement of your existing proxies completely hosted in the cloud, completely managed by Microsoft. And you just give the configuration which websites you want to give allow, which you block. And then we have kind of I-D-S-I-P-S on top of it. So everything where you are then functional to replace your existing outbound proxies. So let's have a little bit look about the architecture.
Again, we have two products using the same infrastructure. So everything on the left side we already covered. And then on the right side, it's everything about internet access Facebook teams. So it's also Microsoft 365 parts and also everything of the resources that you want to control. So everything which is outbound related, so some use cases for it.
It's also, hey, do you want to maybe want some, make some white listing or some black listing for your clients that are allowed to only accessing your resources or also accessing Facebook. And we also heard yesterday about the session, how many persons are using social media on their business time a lot. And if you want to block it for whatever reason, I'm kind of the next generation, I would say, Hey, social media on on my business, it's kind of my job. So maybe not block it, but hey, for let's say most of the companies, yeah, we need to block it.
So this is what you can achieve with internet access. It's kind of maybe for all of our people's kind of secure web gateway functionalities. One of the big benefits is you can make it all based on what's happened with your identity, what happens with your endpoint and what's happened inside of your remote network. So everything is connected to all of the signals, everything that you already know about compliance state, everything you know about other functionalities with Fido Key. So you can do something like, hey, if you want to access Facebook on a network perspective, you need to make Fido.
So this is something that the solution can achieve. But I would say, okay, this is kind of, let's say the boring stuff. Let's come to the cool stuff which I really like more. This is the Microsoft Enter our private access part and private access, that means access to your own resources if it's on premise, if it's in other clouds, wherever you want. And architecture, again, going back to the next one here, this one, and again, the architecture is the same. What we have on the left side with all of our security controls.
And then on the right one where you can say, okay, it doesn't matter where your user on the world is, if it's connected to our solution, if your mobile phone, it has kind of a client on your Windows platform, on your Linux, whatever, you can access your on-premise resources. Okay, again, the question, but what is then different to traditional VPNs? Everything is related to your identity. And some of the big difference is if you establish the VPN with your network, it's kind of open to everything and then you need to shut down everything that you don't want it.
If that solution is hey, everything is blocked and you need to open for every single user what they want to achieve, and then also based on all of your security controls, threat protections, whatever of the cool names, it will then make the decision based on your configuration, Hey, is my user allowed to access the resources or not? Or maybe is it limited in the functionality it has? So this is what private access bring us as a really valid point to where we can today completely removing traditional VPNs. I know that is a big statement, but it's really possible.
I have a few customers who are already doing it and say, Hey, we already have VPN not this disabled because they have some really special use cases and some legal requirements which say, okay, maybe we don't want to shut it down, but it's already there. And this also before we are going ga, and this is really interesting that customers say, Hey, this is so important. We are already using it even if it's not generally available at our cloud. So some of the use cases and functionalities, what you can do with that. So there's a few informations and I also have a lot more on the slides already.
You know you can download it so it's also public available then after that. But one of the major functionalities, what I really like the most is if you're going one back, Hopefully it's working, no two back.
Okay, fine. What you can also achieve with that, remember what I say, Hey, you can using file keys for the access against Facebook, hey, you can, using the same for your on-premise resources, which means everybody of you have maybe the requirement of you need to make MFA for the access to your local resources. Maybe some of you have it, maybe raise your hands. Who has this kind of requirement? Nobody facing, I not trust you because I think all of you has this kind of requirement, but you're not kind of implementing it.
I really think most of you who has kind of legal requirement compliance, whatever compliance regulatory, you need to do it in kind of way. And this functionality can bring it to you because every time you need to address your, for example, your printers for whatever reason you need to make MFA for printers, but also for RDP to your domain controller or to SMB, to your high privilege data file. Whatever you can make and require MFA on top of it.
And this also mean not only require MFA, you can also say, hey, if the user's kind of inside of a risk for whatever reason, because he's maybe coming out of of Russia, then five minutes later out of Africa, whatever. And then you can say, okay, now we are blocking it. I don't want to use the AI word, but hey, there's also some AI machine learning functionalities in the background. So now I'm seeing my time. Some of the use cases are also on the slide so you can read or come coming to me, Hey, what is this benefit of the solution?
Why we should using the Microsoft solution and not some of our competitors. I can give you some really clear answers about this because we have some more functionalities that others don't have.
But hey, this is more marketing. I'm just talking about the technical perspective. So really want to advise you, hey, have a look and bring together your identity people and your networking people and thinking about, hey, how can we shut down or enable on the more secure way our network infrastructure with modern identities, with kind of modern network approach and how to make LA the life of both the identities, the network and our end users who make the life easier and more secure. And this is where I will end, will say, thank to you. Thanks very much. I'm afraid we're in a bit of a.
