Summary and resources
In this module, you learned how to configure and manage Microsoft's Security Service Edge (SSE) solution through Microsoft Entra Global Secure Access. This comprehensive solution provides secure access to any app or resource from anywhere by merging network, identity, and endpoint access controls into a unified cloud-delivered platform.
You explored the deployment and configuration of both Microsoft Entra Internet Access and Microsoft Entra Private Access, understanding how each component addresses different security needs. Microsoft Entra Internet Access protects users accessing Microsoft services, SaaS apps, and public internet resources through an identity-centric Secure Web Gateway. Microsoft Entra Private Access provides secure, VPN-less access to private corporate resources across hybrid and multicloud environments.
Throughout this module, you gained hands-on knowledge of key implementation tasks, including:
- Enabling traffic forwarding profiles for Microsoft, internet, and private access
- Deploying the Global Secure Access client to end-user devices
- Configuring tenant restrictions to prevent data exfiltration
- Setting up remote networks with IPsec tunnels for branch office connectivity
- Creating Quick Access applications for private resource access
- Implementing Conditional Access policies with compliant network checks and source IP restoration
- Monitoring network activity through the Global Secure Access dashboard and various log types
By completing this module, you now have the foundational knowledge to implement Microsoft Entra Global Secure Access as part of a Zero Trust security strategy, enabling your organization to secure access to resources while maintaining visibility and control over network traffic.