Share via

Global Secure Access - Entra Private Access licensing

Anonymous
2024-08-15T21:40:51+00:00

What licenses are needed for Entra Private Access? Yes, I understand the required licenses are described in the Licensing section of the "What is Global Secure Access" page, What is Global Secure Access? - Global Secure Access | Microsoft Learn. Hear me out...

  • I am a Global Admin with an E5 license. All the testing I've done with MY account was successful.
  • Our users have the M365 Business Premium license.
  • GSA requires Entra P1 licenses.
  • The M365 Business Premium licenses INCLUDES the Entra P1 functionality.

Do I really need to buy Entra licenses for all users?

Microsoft 365 and Office | Install, redeem, activate | For business | Other

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

5 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-08-16T20:15:02+00:00

    I answered my own question. I realize now that I did not adequately explain my question because I did not realize the difference between Microsoft Traffic Profile and Private Access Profile.

    There are three separate elements in the GSA service that build upon each other.

    • The Microsoft Traffic Profile is the ZTNA/secure-connection to the Microsoft apps (Email, SharePoint, OneDrive, etc).
    • The Private Access Profile is for access to Azure applications and services within the Azure tenant.
    • The Internet Access Profile is the policy controlling general internet access outside of Microsoft services and Azure.

    I am preparing to deploy the Microsoft Traffic Profile to further secure access to our email, SharePoint, Teams, OneDrive, etc. I mistakenly thought we needed both the Microsoft Traffic Profile and the Private Access Profile to make that work. You do NOT need both. Furthermore, the Microsoft Traffic Profile does NOT require any licenses beyond the Entra P1, which all my users have included with their M365 Business Premium licenses. The Private Access Profile and Internet Access Profile requires the appropriate license, IAW Microsoft Entra Plans and Pricing | Microsoft Security.

    I have been using our test account with the Microsoft Traffic Profile for the past hour, an account with only the M365 Business Premium license. I've revoked sessions several times, to force new authentication tokens. So far, so good. I will keep progressing down this path. I will update this thread if anything changes. I hope this helps others to better understand the GSA offerings.

    Was this answer helpful?

    8 people found this answer helpful.
    0 comments
  2. Anonymous
    2024-11-01T09:30:34+00:00

    Hello Bertrand,

    It's not quite clear how the licensing works yet.
    My questions :
    Can my users have access to Entra Private Access by having 365 Business Premium license?
    Do i need to purchase the Entra Private Access licenses additionally?

    Thanks in advance

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments
  3. Anonymous
    2025-04-22T22:02:00+00:00

    I did all of this and I still get a message that i need a P1 License and support has been no help

    Was this answer helpful?

    0 comments
  4. Anonymous
    2025-01-24T10:15:02+00:00

    You're right it is not clear at all.

    Despite having a P1 license I had to start the 90 trial of Entra Suite to activate Private Access.

    It gives you 25 licenses so one would assume that each user needs one.

    However the test user had a Business Premium license and was able to connect to resources in our test environment.

    This would suggest that maybe only 1 Entra suite license is needed to turn everything on.

    The cost per user stays the same as they are already set up for 365 - I think!?!

    Was this answer helpful?

    0 comments
  5. Anonymous
    2024-08-16T00:59:10+00:00

    Hello Shawn Goodwin

    Good day and thanks for posting in Microsoft community

    To understand whether you need to purchase additional Entra licenses for your users who have Microsoft 365 Business Premium licenses, it's important to clarify a few key points regarding the licensing structure of Microsoft Entra and its functionalities associated with Global Secure Access (GSA) and Entra Private Access.

    The Microsoft 365 Business Premium license indeed includes the functionality of Entra ID P1. This suggests that your users should have the necessary capabilities to access services that require Entra P1 licensing, including Entra Private Access and Global Secure Access. GSA requires a valid license, and your users under the Business Premium license qualify due to the inclusion of Entra P1. Hence, they should be able to utilize GSA features as long as they are aligned with the permissions and settings applicable within your organization.

    You mentioned have been able to test with your Global Admin account and it was successful, this further supports that the Entra P1 functionalities associated with your users' licenses should work as intended.

    Since the M365 Business Premium license encompasses the capabilities of Entra P1 and hence should allow access to Entra Private Access features, you do not need to purchase extra Entra licenses for all users with M365 Business Premium. They already have the necessary permissions to access Entra Private Access functionalities. This scenario should hold valid as long as there are no additional constraints set at the organizational level that might restrict access.

    Hope this answers your query well. Please feel free to reach out if you need further assistance on the issue. We will be happy to help.

    Sincerely,

    Bertrand

    Was this answer helpful?

    0 comments