Microsoft bridges gap between identity and network access with the Microsoft Entra Suite

Microsoft’s journey to modern secure access began with adoption of the Microsoft Entra Suite, a unified solution that combines identity and network access capabilities. The transformation started with implementation of Microsoft Entra ID Governance using real-time lifecycle management and automated access policies to reduce risk through just-in-time, least-privilege, and role-based access. Next, Microsoft expanded into Microsoft Entra Private Access, replacing legacy VPNs and hardware-based solutions with a modern, identity-centric Security Service Edge (SSE) approach. This helped Microsoft meet the growing need for consistent access policies, automation, and resilience in the face of global cyber threats.

At the time, Microsoft operated 17 legacy access points globally, resulting in latency and inconsistent performance. Traffic routing was inefficient, and large file downloads were slow. “Users in South Africa had to route through London to access apps or browse the internet,” says Pete Apple, Principal Technical Program Manager Architect at Microsoft. “Using the Security Service Edge products in Microsoft Entra Suite, employees connect automatically to the nearest Microsoft 365 and Azure locations—dramatically improving performance and user experience. The feedback has been overwhelmingly positive.”

Security Service Edge capabilities of the Microsoft Entra Suite

Microsoft used the Entra Suite to enable progressive deployment, addressing identity governance, then network access security. The company manages SSE through Global Secure Access. This component of the Entra Suite is designed to secure access to private, internet, and SaaS applications and resources, for extensive visibility, real-time threat protection, and granular access controls across public and private resources. “With SSE capabilities in Microsoft Entra Suite, web filtering and threat protection are closer—whether through a nearby Azure data center or directly. Security is always on, no matter where people work,” says Apple.

Measurable results in speed, security, and simplicity

Today, Microsoft has more data centers globally, and employees authenticate using Microsoft Entra ID, which evaluates device health, location, and user risk. If criteria are met, access is granted—only to specific resources. This shrinks the attack surface while improving user experience. “With identity-based, zero trust access to important internal resources, like sales databases and financial information, we help ensure access stays appropriate and secure,” says Apple.

“In partnership with the Microsoft IT team, we architected a cloud-native, identity-centric SSE architecture. By replacing legacy VPN with real-time telemetry, threat intelligence, and adaptive policy, we deliver a seamless user experience. This empowers Microsoft’s AI-first, agentic enterprise with scalable and responsible connectivity for a globally distributed workforce,” says Ashish Jain, Principal Group Product Manager at Microsoft.

Microsoft IT has successfully deployed the Global Secure Access Client to 150,000 users and 250,000 devices across Windows, Mac, iOS, and Android platforms—a milestone in enhancing connectivity and security. In coming months, deployment will expand to all users across Microsoft Entra Private Access and Internet Access.

This initiative will deliver substantial performance and security improvements—latency reductions of 70–80% in many regions—boosting developer workflows and Microsoft 365 experiences. Enhanced telemetry and app visibility will accelerate incident response and improve access governance. Developers will benefit from fine-grained access to high-value resources such as source code repositories and labs. Conditional Access policies and real-time risk assessments will help prevent over-provisioning and unauthorized access, while also minimizing lateral threat movement. Seamless multifactor authentication and least privilege access by default will reinforce Microsoft’s Zero Trust principles, and adaptive access will further enhance user productivity and experience. “We’ve unified our identity, device, and network access strategy,” says Carmichael Patton, Principal Security Architect at Microsoft. “It’s incredibly powerful to control access end-to-end, evaluate risk continuously, and simplify everything from administration to support.”

Apple concludes, “As customer zero for new products, we’ve already done the hard work. Now we’re making it easier for customers to adopt Zero Trust access with confidence and clarity.”

Discover more about Microsoft on Facebook, Instagram, LinkedIn, X/Twitter, and YouTube.