question

AndrBorgeld-4035 avatar image
0 Votes"
AndrBorgeld-4035 asked AndrBorgeld-4035 answered

Credential Guard and MFA

Dear contributors,

In Microsoft Azure i've implemented conditional access and that works fine.

Now I want to know if on prem credential guard is enough protecting your credentials or is AND/AND better?

What i mean is do i still need on PREM MFA beside Credential Guard?



Kind regards,

windows-serverazure-ad-conditional-access
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ELBANNOUNIMOHAMMED-6711 avatar image
0 Votes"
ELBANNOUNIMOHAMMED-6711 answered

Un accès conditionnel regroupe des signaux pour prendre des décisions et appliquer des stratégies organisationnelles. L’accès conditionnel Azure AD est au cœur du nouveau plan de contrôle basé sur les identités.

Conceptual Conditional signal plus decision to get enforcement

Les stratégies d’accès conditionnel, dans leur forme la plus simple, sont des instructions if-then : si un utilisateur souhaite accéder à une ressource, il doit effectuer une action. Exemple : Un responsable paie souhaite accéder à l’application de paie et il doit effectuer une authentification multifacteur pour y accéder.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndrBorgeld-4035 avatar image
0 Votes"
AndrBorgeld-4035 answered

I know and in Azure Conditional Access with MFA challenge works great.
Only we have servers On Prem and even with a Device Join you cannot use Azure MFA for On Prem Windows. You need to implement Windows Hello with RDS and NPS. So i wonder would Credential Guard (Defender) a good option instead of MFA or do i still need to create an MFA solution for on Prem servers besides Credential Guard.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.