Identity as the Entrée to the Microsoft Cloud

The Office 365 Ecosystem

Planner

Enterprise Voice

Project ProVisio Pro

PowerBIYammer

OneDrive

IntuneAzure AD

Rights Mgmt

SwayDelve

BookingsFinance

EMSGroups

CRMDynamics 365

Teams

Customer Manger

Azure Rights Management

• Encrypts email

• Document usage control

• Internal & ext-ernal recipients

Microsoft Intune

• Mobile device management

• App and Data management

• Selective wipe

Azure AD Premium

• Single sign-on

• Self service password reset

• Multi-factor authentication

INFORMATION PROTECTION

IDENTITY & ACCESS MANAGEMENT

MOBILE DEVICE & APP MANAGEMENT

Enterprise Mobility + Security

• Secure Site-to-Site Gateway• Virtual Private Networking• Deploy applications for development, testing, or

production

• Scalable backup for Windows Server, SharePoint, SQL and Exchange

• Cost-effective 3rd party backup support• On-Premises and Cloud image solutions

• One common portal• Broad mobile device support• Support for Remote App & Remote Desktop• Flexible licensing models

• Simplify user access• Protect sensitive data and applications• Extensible solution for 3rd party SaaS applications

Top Azure SMB IaaS Scenarios

Azure AD by the Numbers

86% of Fortune 500

companies on

Microsoft Cloud

(Azure, O365, CRM

Online and PowerBI)

1 TrillionAzure AD

authentications since

the release of the

service

Azure AD manages

identity data for

>5M organizations

50MOffice 365 users

active every month

More than

500M objects

hosted on Azure

Active Directory

>1 Billionauthentications

every day on Azure

AD

Every Office 365 and Microsoft Azure customer

uses Azure Active directory

Azure Active Directory

Microsoft AzureActive Directory

Identity Scenarios

Independent

Azure AD Connect

Active DirectoryFederated Services

Self-service Singlesign-on

•••••••••••

Username

Identity as the core of Enterprise Mobility

Simple connection

Cloud

SaaSAzure

Office 365Publiccloud

Other Directories

Windows ServerActive Directory

on-premises Microsoft Azure Active Directory

IDENTITY DRIVEN SECURITY

Conditions

Allow access or

Block access

Actions

Enforce MFA per

user/per app

User, App sensitivity

Device state

LocationUser

NOTIFICATIONS, ANALYSIS, REMEDIATION, RISK-BASED POLICIES

CLOUD APP DISCOVERY PRIVILEGED IDENTITY MANAGEMENT

MFA

IDENTITY PROTECTION

Risk

CLOUD-POWERED PROTECTION

CLOUD-POWERED PROTECTION

Text messages

Phone calls

Mobile apps

"Azure AD Premium makes life simpler

for the business and for employees.

It gives them access to enterprise

applications from any device with a

single sign-on that is secure and reliable.

That is fundamental in increasing the

adoption of cloud technology.”

- Kapil Mehta, Productivity &

Directory Services Manager

1000s of apps,1 identity

Single sign-on

for SaaS apps

Single

sign-on

for mobile

apps

Support for

lift-and-shift

of traditional

apps to the

cloud

Secure remote

access to

on-premises

app

Connect your

on-premises

identities

to the cloud

1000s OF APPS, 1 IDENTITY

Web apps

(Azure Active Directory Application Proxy)

Integrated

custom appsSaaS apps

OTHER DIRECTORIES

2700+ pre-integrated popular

SaaS apps and self-service integration via

templates

Connect and sync on-premises directories

with Azure

Easily publish on-premises web apps via

Application Proxy + custom apps

Microsoft Azure

Pre-integrated SaaS apps in the application gallery

https://appX-contoso.msappproxy.net/

1000s OF APPS, 1 IDENTITY

Application

Proxy

Corporate Network

UserAzure or 3rd Party IaaS

DMZ

Microsoft AzureActive Directory

connector

connectorconnector

DemoAzure Active Directory EditionsMultifactor AuthenticationSaaS SSO

Making hybrid identity simple

Why use Azure Active Directory Connect?

• Provides users with a common identity for accessing both cloud and on-

premises resources

• Synchronizes identities and passwords from Windows Server Active Directory to

Azure Active Directory so that they only have to be managed in one location

• Replaces existing identity integration tools such as DirSync and Azure Active

Directory Sync

• Identity Federation is an optional part of Azure AD Connect and can be used to

configure a hybrid environment using an on-premises ADFS infrastructure

Making Hybrid Identity Simple

• Recommended path for single forests

• 4 clicks to get on boarded to Azure AD/

Office 365

• Smallest on-premises footprint

• Simple Sign-On with the same password

as AD

Azure AD Connect Express Settings

Single forest

Multi-forest

configurations• Fully-mesh, Account-

resource forest

• One (or multiple)

Exchange organizations

with hybrid Exchange

• Group membership for

security groups with

ForeignSecurityPrincipals

(FSPs)

Filter which attributes to

sync based on services

used in the cloud

• Password

synchronization for

multiple forests

• Password write-back

(for SSPR and

password change)

• User will have only one

enabled user account

• User will have only one

mailbox

• The best data quality

for a user is where

Exchange is located

Sync – Customize options

Topologies Filtering PasswordsDefault configuration

assumptions

Features

ADFS Azure AD Connect Sync

General

View alerts Performance Usage patternsConfiguration

settings

Enables you to

maintain a reliable

connection to

Office 365 and

much more

This is accomplished using an agent that is installed on the targeted servers

Servers

supported

Username

?

Forgot your password?

User

Cloud

On-premises applications

•••••••••••••

IT

User’s identity

Self-service

experiences

Microsoft Azure Active Directory Cloud app discovery

Source: Help Net Security 2014

as many Cloud apps are in use than IT estimates

• SaaS app category

• Number of users

• Utilization volume

Comprehensivereporting

Discover all SaaS apps in use within your organization

CLOUD-POWERED PROTECTION

Intune/MDM

auto-enrollment

Azure Active Directory Join makes it possible

to connect work-owned Windows 10 devices

to your company’s Azure Active Directory

Enterprise-compliant services

SSO from the desktop to cloud and

on-premises applications with no VPN

Support for hybrid environments

MDM auto-enrollmentWindows 10 Azure AD

joined devices

ENABLE BUSINESS WITHOUT BORDERS

Enterprise State Roaming

http://aka.ms/iur

https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnect/

https://azure.microsoft.com/en-us/services/multi-factor-authentication/

https://azure.microsoft.com/en-us/documentation/articles/active-directory-sso-integrate-saas-apps/

https://azure.microsoft.com/en-us/documentation/articles/active-directory-add-company-branding/

https://azure.microsoft.com/en-us/documentation/articles/active-directory-passwords-getting-started/#enable-users-to-reset-or-change-their-ad-passwords

http://aka.ms/jumphidregpage

Office 365 CSP First 30 Days FREE for all net new end user customers; cannot be

Additional to current customers. Monthly billing only.

Azure CSPFirst 30 Days FREE for all net new tenants; must be ongoing

use/12 months of consumption. Credit will be the amount

consumed during first 30 days.

Enterprise Mobility +

Security CSPFirst 30 Days FREE for all net new seats

Dynamics 365 for

Financials First 30 Days FREE for all net new seats

Windows 10 Enterprise

Subscription (WES)First 30 Days FREE for all net new seats

Additional Details:

• Must be registered to earn. Deadline to register is June 16th.

• All net new seats (O365, Azure, D365 for Financials, EMS, WES)

must stay with Ingram Micro for at least 12 months; one-time

project based does not qualify.

• 30 Days Free will be issued as an Ingram Micro Cloud

Marketplace Credit Memo.

• Microsoft qualified SMB customers only; no major accounts.

• Promotion may change without notice.

Questions? Contact: Microsoft-Cloud@Ingrammicro.com, 1-800-705-7057 Option 5

April 3rd - June 30th 2017

T&Cs: ©2017 Ingram Micro Inc. All rights reserved. Products available while supplies last. Prices subject to change without notice. Promotions are subject to Ingram Micro

Prize Winner Qualifications and Terms as published on http://corp.ingrammicro.com/Terms-of-Use.aspx. All applicable taxes are the responsibility of the winner.

Get the first

30 DAYS FREEon ALL Microsoft CSP via the Ingram Micro Cloud Marketplace.

Register to qualify >

Azure Training & Enablement

• In person events

• 300-level lab/scenario based technical

training for partners that currently transact

Azure through the Ingram Micro Cloud

Marketplace or intend to transact through

the Cloud Marketplace.

• Upcoming events:

• June 5-7- Buffalo, NY

• June 7-9- Buffalo, NY

*new schedule pending, 8 more workshops to

come next half!

Azure Practice Development

Workshops

Azure Workload Virtual

Workshop Webinars

• Virtual webinar, on demand

• Take a deeper dive on Azure workloads in

our technical 200-300 level virtual

workshops.

Get an overview

Understand the capabilities

View the solution in a demo

Price it out in a live fashion

Date Webinar Focus

6/7/2017Azure Workload Virtual Workshop: Hybrid Identity

6/9/2017Keep it in the Cloud, A Security Story

6/14/2017Azure Workload Virtual Workshop: EMS Uncovered

6/21/2017Azure Workload Virtual Workshop: Windows 10 as a Subscription

6/23/2017Converting to Azure, A Migration Story

Visit the Microsoft microsite for registration links and more:

http://www.ingrammicrocloud.com/microsoft/

Bite Size Azure Series

Featuring Jason Lambert,

Cloud Technical Consultant

for Microsoft Azure at

Ingram Micro

Jumpstart your Azure proficiency with Ingram Micro Cloud.

Bite Size Azure is a series of quick sales and technical videos

addressing overviews, frequently asked questions, and best

practices to make Azure easier to digest.

These short videos focus on a range of topics including:

What is Microsoft Azure?

Microsoft Azure Open vs CSP

I purchased Microsoft Azure through Ingram Micro, now what?

Microsoft Azure Calculator General Overview

Microsoft Azure CSP Process Doc

..and many more!

https://www.youtube.com/user/IngramMicroServices/playlists

LEARN MORE AT

BITE SIZE AZURE

Are you ready to accelerate your Azure practice?

Get a jump start with the Azure Acceleration Kits.

The Azure Acceleration Kits include:

Free 30-Days Advanced Support from Microsoft

Free migration and assessment services

Ingram Micro “Easy Azure” configuration guides

Lucrative promotions and discount offers

Sales and technical in person and virtual workshops

IaaS expert led 1:1 consulting and trainings

Azure Acceleration Kits

Easy Azure Starter KitAre you ready to get started with IaaS

but aren’t quite sure how? Or do you

need a simple service like backup?

Azure Enablement KitLearn not just the “how” but the “why”

and the “when” to incorporate an IaaS

solution like Azure into your business.

Azure Expert KitEngage a team of Azure technical experts and

post-sales solutions architects. Advanced

Support for Partners, migration/assessment

promotions, VIP training, and consult services

are all included.

Get started at the Azure Expert Zone:

http://www.ingrammicrocloud.com/microsoft/

Just LaunchedWe are pleased to announce our newly

revamped microsite solely dedicated to

all things Microsoft!

Our new Microsoft Microsite includes:

• Upcoming webinars and past webinar

recordings/presentation decks

• Event information such as Cloud Summit,

Azure Practice Development Acceleration

Workshop, and Microsoft Inspire

• Partner promotions

• Information on programs such as Azure

Starter Kit and the Cloud Referral Program

• ...and a chance to win a Surface Studio!!!

Visit now and enter

our raffle for a chance

to win a Surface Studio!

http://www.ingrammicrocloud.com/microsoft/