Microsoft announces migration plans and ‘Entras’ SSE space

Microsoft building | SSE

Microsoft has unveiled plans to migrate offers based on its cloud solution provider (CSP) structure to its new commerce experience (NCE), starting next year. In addition to the new plans, Redmond has also announced it is entering the competitive Secure Service Edge (SSE) market.

The migration move comes in response to partner requests for assistance in managing customers’ business on two platforms simultaneously. By migrating legacy seat-based subscriptions to the new commerce, Microsoft aims to streamline operations and reduce the burden for its partners.

The migration process will begin with subscription renewals in January 2024 and continue throughout the year. Partners will have seven days after migration to make any necessary changes or cancel the subscription.

To facilitate the migration process, Microsoft advises partners to proactively manage their customers’ transitions. Migrating subscriptions ahead of the legacy subscriptions’ end of term in 2024 enables partners to enjoy benefits such as the ability to modify terms and conditions and communicate the changes with indirect resellers and other partners in their ecosystem.

In addition to its migration plans, Microsoft has entered the competitive SSE market with a new software package designed to protect its Windows and Azure customers, as well as other cloud-based enterprise resources. The SSE package, part of Microsoft’s Entra identity and network access suite, consists of two new components, Entra Internet Access and Entra Private Access.

Entra Internet Access serves as a secure web gateway (SWG) for SaaS apps and internet traffic, safeguarding against malicious activities, non-compliant content and other threats from the open internet. It offers enhanced conditional access by extending network conditions, such as requiring access from a compliant network, to prevent the replay of stolen access session tokens.

Entra Private Access leverages zero trust network access (ZTNA) technology to control access to private applications, regardless of user location or application hosting. It provides additional layers of security controls, including multifactor authentication (MFA), device compliance checks, identity protection, identity governance and single sign-on for TCP/UDP-based applications.

By utilizing attribute-based conditional access policies, customers can easily configure policies tailored to specific application sensitivities. Entra Internet Access and Entra Private Access share a unified agent, providing consistent connectivity across devices and networks. Customers can enforce unified conditional access policies considering identity, device, application and network conditions without the need to modify applications.

With this move, Microsoft joins established players in the SSE market like Palo Alto, Zscaler and Netskope. While Microsoft may be a newcomer, its large customer base and strong identity vendor capabilities make it a big addition to the competitive landscape.