Tracking changes in Hybrid Identity environments with both Active Directory and Azure Active Directory

Transcription:

Tracking changes in Hybrid Identity environments with both Active Directory and Azure Active Directory
Presenters:
- Sander Berkouwer, Senior Consultant at SCCT, 10-fold Microsoft MVP, Active Directory aficionado
- Jeff Melnick, Systems Engineer, Netwrix

Housekeeping
- All attendees are on mute
- Ask your questions!
- Questions will be answered during the session or at the Q&A at the end
- You will receive a copy of slides and webinar recording in the follow-up email
- Duration: up to 60 minutes
- Type your question here, click Send
- We hope you enjoy!

Agenda
- Introduction to Hybrid Identity
  - Active Directory and Azure AD
  - What is involved with Hybrid Identity?
- Why you need monitoring
  - Active Directory is the cornerstone
  - Azure AD is all the hype
  - But it's a service
- What does Netwrix offer?

AN INTRODUCTION TO HYBRID IDENTITY
How Active Directory and Azure AD can work together to bring you the magic of Single Sign-On on any device, anytime, from anywhere

Hybrid Identity
Expanding Active Directory Domain Services into the cloud
- Active Directory has been your Single Sign-On (SSO) solution for years
  - Active Directory uses legacy protocols like Kerberos and NTLM
- Azure Active Directory is Microsoft's cloud-based identity solution
  - Azure AD is Microsoft's Identity Management as a Service solution
  - Offering Single Sign-On (SSO) to over 2800 apps
- Azure AD only offers open interconnection standards
  - Like WS-Federation, SAML, OAuth2, OpenID Connect
- Azure AD is not just for admins

Benefits of Hybrid Identity
- One identity to rule them all
  - Single Sign-On (SSO): both on-premises and in the cloud, leveraging Active Directory Federation Services (AD FS)
  - Same Sign-On (SSO): two identities, appearing as one
- Easy Multi-Factor Authentication
- Easy collaboration with partners without AD Trusts
  - Relying Party Trusts (RPTs) are scalable, flexible and secure

How to set up Hybrid Identity
- First you need to identify your organization
  - There are 13 million organizations with +1B users in Azure AD
- Then, you need to specify your domain name and other info
  - Create a TXT or MX DNS record temporarily
- Then, specify a sign-in method
  - Active Directory Federation Services
  - Password Hash Sync
  - Pass-through Authentication
- Then, you'll need to synchronize your users
  - Between 3 mandatory attributes and 151 standard attributes synced

Tools to set up Hybrid Identity
- For synchronization
  - Azure AD Connect
  - Forefront Identity Manager
  - Microsoft Identity Manager
  - 3rd party solutions
- For federation (optional)
  - AD FS
  - Ping Federate
[Chart legend, synchronization tools in use: Azure AD Connect; Deprecated Microsoft Sync Tools 7.6%; FIM / MIM 1.9%; Other 0.0%]

Risks of Hybrid Identity
- Oversight and negligence
  - Lingering (privileged) accounts
  - Complex issuing and revocation of privileges
  - Complex issuing and revocation of access
  - Expiring certificates and other certificate trust issues
- Attacks
  - Undetected token deflection attacks
  - Leaked on-premises credentials, reused in the cloud
  - DoS attacks using your publicly available federation endpoints
  - MiTM attacks leveraging downgraded encryption algorithms
  - Vulnerabilities in web standards, leveraged by attackers
- Fines
  - For not meeting regulations like GDPR with breaches of PII data as a result

Common risk mitigation strategies
- Every piece of access is governed by group memberships
  - Azure AD as slave to Active Directory
  - Risk of token bloat
  - Not taking advantage of attribute-based functionality
    - Dynamic group memberships for licensing
    - Dynamic group memberships for applications
    - Etc.
- AD FS solutions not published to the Internet
  - Office 365 unusable on iPads and other portable devices outside the office
  - Not a recommended practice from Microsoft because of MEX

WE NEED PROPER MONITORING
There are two types of organizations: those that have been hacked, and those that don't yet know they've been hacked.

Monitoring of Active Directory
- Active Directory is the cornerstone of almost every infrastructure
  - Active Directory has been around for two decades (NT5 Beta)
  - Domain Controllers are Castles of Identity
  - Some organizations still run them as physical hosts
- Auditing is alive and well
  - Many solutions to choose from
  - Solutions like Netwrix, SPLUNK, ArcSight and STEALTHaudit
  - Solutions like Microsoft's own Advanced Threat Analytics

Monitoring of Azure Active Directory
- Azure AD is all the hype!
  - Office 365 uses Azure AD as its identity platform
  - Azure AD allows for Single Sign-On (SSO) access
    - to 2800+ readily integratable apps
    - to your own apps using Azure App Proxy
  - Some organizations are cloud-only. A minority today, but increasing fast!
- But Azure AD is a service
  - Microsoft runs it and takes care of auditing
  - Auditing is exposed through the Graph API for a maximum of 180 days
  - Not every vendor has a solution out there today

Monitoring Hybrid Identity
- Monitoring both Active Directory and Azure Active Directory
  - One Single Pane of Glass
  - Up to date
  - Enterprise Overview
- Reporting
  - On privilege use
  - On anomalies and vulnerabilities across Hybrid Identity
  - On objects being migrated, managed, extended without blind spots
- Notifications
- Machine Learning (ML)
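
A sketch of the "reporting on privilege use" idea across both directories, added here as an example (it is not from the webinar or from any Netwrix or Microsoft product). It merges on-premises group-membership events with Azure AD audit records into one timeline. All sample records are constructed, and both the privileged-name list and the matching of actors by account name / UPN prefix are assumptions.

```python
import json
from datetime import datetime, timezone

# Constructed sample: on-prem Security log events exported as dicts.
# 4728/4732/4756 = member added to a global/local/universal security group.
AD_EVENTS = [
    {"EventID": 4728, "TimeCreated": "2018-03-01T09:15:00Z", "SubjectUserName": "adm.jdoe",
     "MemberName": "CN=svc-sync,OU=Svc,DC=corp,DC=example", "TargetUserName": "Domain Admins"},
    {"EventID": 4732, "TimeCreated": "2018-03-01T11:40:00Z", "SubjectUserName": "helpdesk1",
     "MemberName": "CN=alice,OU=Users,DC=corp,DC=example", "TargetUserName": "Sales-Team"},
]
# Constructed sample, simplified to the fields used here (directoryAudits field names).
AAD_AUDIT_JSON = """{"value": [
 {"activityDateTime": "2018-03-01T09:20:00Z", "activityDisplayName": "Add member to role",
  "result": "success", "initiatedBy": {"user": {"userPrincipalName": "adm.jdoe@example.com"}},
  "targetResources": [{"type": "User", "userPrincipalName": "svc-sync@example.com"},
                      {"type": "Role", "displayName": "Global Administrator"}]},
 {"activityDateTime": "2018-03-01T10:05:00Z", "activityDisplayName": "Add member to role",
  "result": "failure", "initiatedBy": {"user": {"userPrincipalName": "helpdesk1@example.com"}},
  "targetResources": [{"type": "User", "userPrincipalName": "alice@example.com"},
                      {"type": "Role", "displayName": "User Administrator"}]}
]}"""
# Assumption: names treated as privileged for this example.
PRIVILEGED = {"domain admins", "enterprise admins", "schema admins", "global administrator"}
GROUP_ADD_IDS = {4728, 4732, 4756}

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def _row(when, source, actor, member, container):
    # Assumption: sAMAccountName equals the UPN prefix, so actors match across sources.
    return {"when": _ts(when), "source": source, "actor": actor.split("@")[0].lower(),
            "member": member, "container": container,
            "privileged": container.lower() in PRIVILEGED}

def from_aad(rec):
    tgt = {t["type"]: t for t in rec["targetResources"]}
    return _row(rec["activityDateTime"], "AzureAD", rec["initiatedBy"]["user"]["userPrincipalName"],
                tgt["User"]["userPrincipalName"], tgt["Role"]["displayName"])

def timeline(ad_events, aad_json):
    """One time-ordered list of successful membership/role additions from both directories."""
    rows = [_row(e["TimeCreated"], "AD", e["SubjectUserName"], e["MemberName"], e["TargetUserName"])
            for e in ad_events if e["EventID"] in GROUP_ADD_IDS]
    rows += [from_aad(r) for r in json.loads(aad_json)["value"]
             if r["activityDisplayName"] == "Add member to role" and r["result"] == "success"]
    return sorted(rows, key=lambda r: r["when"])

def privileged_in_both(rows):
    """Actors who granted privileged membership both on-premises and in the cloud."""
    seen = {}
    for r in (r for r in rows if r["privileged"]):
        seen.setdefault(r["actor"], set()).add(r["source"])
    return sorted(a for a, s in seen.items() if s == {"AD", "AzureAD"})
```

Because the cloud side keeps audit data only for a limited period, a job like this has to pull and store the records regularly for the merged timeline to stay complete.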

What Microsoft offers
- Azure AD Connect Health
  - Monitors Azure AD Connect, AD FS and AD DS
  - Reports on outages
  - Part of Azure AD Premium
  - Initially designed to aid admins in restoring the functionality of Azure AD Connect, as its architecture makes it a single point of failure
- Advanced Threat Analytics
  - Monitors Active Directory Domain Services
  - Initially designed to detect anomalies like golden ticket attacks in Enterprise Active Directory environments
  - Part of Microsoft EMS E5

WHAT DOES NETWRIX OFFER?
A Single Pane of Glass to monitor, analyze and report on both Active Directory and Azure AD

Netwrix Auditor Demonstration

Netwrix Auditor Applications: Active Directory, Azure AD, Exchange, Office 365, Windows File Servers, EMC, NetApp, SharePoint, Oracle Database, SQL Server, Windows Server, VMware

Netwrix Customers Financial Healthcare & Pharmaceutical Federal, State, Local, Government GA Industrial/Technology/Other

Industry Awards and Recognition All awards: www.netwrix.com/awards

Concluding
- Hybrid Identity
  - Active Directory Domain Services
  - Azure Active Directory
  - Azure AD Connect
- Monitoring
  - Solutions from Microsoft
    - Azure AD Connect Health
    - Advanced Threat Analytics
  - Netwrix Auditor 9.5

Next Steps
- Free Trial: set up in your own test environment
  - On-premises: netwrix.com/freetrial
  - Virtual: netwrix.com/go/appliance
  - Cloud: netwrix.com/go/cloud
- Test Drive: run a virtual POC in a Netwrix-hosted test lab: netwrix.com/testdrive
- Webinars: join our upcoming webinars and watch the recorded sessions: netwrix.com/webinars

Thank You!