How to set up a Conditional Access policy?
In the Azure portal, select Conditional Access from the Security settings after opening your Active Directory Tenant. The following are the steps to follow:
- As a Global Administrator, Security Administrator, or Conditional Access Administrator, log in to the Microsoft Entra admin center.
- Navigate to Identity, then Protection, and finally Conditional Access.
- To establish a policy, select New policy under the Conditional Access settings.
- Give a name to your policy. We advise organizations to develop a meaningful standard for policy names.
- Select Users and groups under Assignments.
- Click Include and choose All users.
- Select Users and groups under Exclude.
- Under Cloud apps or actions, choose All cloud apps under Include.
- Next, select Location under Conditions.
- Set Configure to Yes.
- Click Include and choose Any location.
- Select Selected location under Exclude (choose the location you want to block the access from).
- Select the option. Under Access controls, choose Block access, then click Select.
- Confirm your configuration and set Enable policy to On. To create the Conditional Access policy, select Create.
- And you have created a Conditional Access policy for blocking access to a location! (Remember, it's one of the common policies discussed above!)
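The policy built in the steps above, as an added example (not part of the original page): the equivalent Microsoft Graph `conditionalAccessPolicy` body, plus a simplified model of which sign-ins it applies to. The object IDs, display name and sign-ins are constructed placeholders, and the evaluator covers only the user and location conditions.

```python
import json

# Placeholders (constructed): substitute real object IDs from your tenant.
EXCLUDED_GROUP_ID = "<excluded-group-object-id>"
SELECTED_LOCATION_ID = "<named-location-id>"

def build_policy(name):
    """Graph conditionalAccessPolicy body mirroring the portal steps."""
    return {
        "displayName": name,
        "state": "enabled",  # Enable policy: On
        "conditions": {
            "users": {"includeUsers": ["All"],
                      "excludeGroups": [EXCLUDED_GROUP_ID]},
            "applications": {"includeApplications": ["All"]},
            "locations": {"includeLocations": ["All"],
                          "excludeLocations": [SELECTED_LOCATION_ID]},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }

def _matches(include, exclude, value):
    """Exclude always overrides Include; 'All' in Include matches anything."""
    if value in exclude:
        return False
    return "All" in include or value in include

def evaluate(policy, user_id, group_ids, location_id):
    """Simplified model: returns the grant control if the policy applies."""
    if policy["state"] != "enabled":
        return "not applied"
    users = policy["conditions"]["users"]
    locs = policy["conditions"]["locations"]
    if any(g in users.get("excludeGroups", []) for g in group_ids):
        return "not applied"
    user_ok = _matches(users["includeUsers"], users.get("excludeUsers", []), user_id)
    loc_ok = _matches(locs["includeLocations"], locs.get("excludeLocations", []), location_id)
    control = policy["grantControls"]["builtInControls"][0]
    return control if user_ok and loc_ok else "not applied"

if __name__ == "__main__":
    policy = build_policy("Block access by location (example name)")
    print(json.dumps(policy, indent=2))
    # Constructed sign-ins: (user, groups, named location of the source IP)
    for signin in [("alice", [], "<other-location-id>"),
                   ("alice", [], SELECTED_LOCATION_ID),
                   ("admin", [EXCLUDED_GROUP_ID], "<other-location-id>")]:
        print(signin, "->", evaluate(policy, *signin))
```

The printed JSON is the body you would send to the Graph `identity/conditionalAccess/policies` endpoint. Running the evaluator against a few representative sign-ins before enabling the policy shows which users and locations fall inside its scope.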
Azure AD Conditional Access Policies Explained
Microsoft Azure is Microsoft’s primary cloud offering. The Microsoft cloud lives within Microsoft Azure, which is a combination of ultra-redundant data centers located all over the world that offer storage, power, cooling, and all the necessary infrastructure to host cloud servers. Microsoft Azure provides "X as a service" solutions: software as a service, platform as a service, infrastructure as a service, and directory as a service. Essentially, everything is a service. Platform as a service is a platform managed by the provider, on top of which you manage your own solutions. Infrastructure as a service allows you to build a network on top of an underlying solution, for example by building out virtual machines, virtual networks, and so on. Software as a service is software completely managed by a provider that you just plug into.
Azure AD, or Microsoft Entra ID, is an identity provider that can authenticate security principals. A security principal is what we use when we authenticate to any identity provider, in this case Microsoft Entra ID.