Microsoft's Entra Kerberos: Bridging Legacy AD to Cloud Auth + MAM on Edge with PM Jordan Gross

In this episode we chat with Microsoft PM Jordan Gross about the exciting world of Entra Kerberos.Discover how this crucial feature bridges the gap between traditional on-premises Active Directory and the modern cloud, enabling seamless authentication for legacy applications in hybrid environments.Jordan delves into the mechanics of Entra Kerberos, its different operational modes (up-level and down-level trust), and its significance for organizations migrating to the cloud.We also explore MAM (Mobile Application Management) on Edge, another innovative solution Jordan worked on, which helps secure browser access on personal devices.LinkedIn - https://www.linkedin.com/in/jordangross61/PS. Can I ask a favor? If you enjoy this podcast please leave a review and rating on your podcast app! This helps more folks discover Entra.Chat - Thank you 🙏 - MerillWatch on YouTube or get the podcast from the links below 👇🔗 Related LinksEntra Kerboros* How Azure AD Kerberos Works • Steve Syfuhs* Cloud Kerberos trust deployment guide* Use Kerberos for single sign-on (SSO) to your resources with Microsoft Entra Private Access* Kerberos Constrained Delegation for single sign-on (SSO) to your apps with application proxy* Enable Microsoft Entra Kerberos authentication for hybrid identities on Azure Files* How Windows Authentication for Azure SQL Managed Instance is implemented with Microsoft Entra ID and Kerberos* Configure single sign-on for Azure Virtual Desktop using Microsoft Entra ID* Enable Kerberos SSO to on-premises Active Directory and Microsoft Entra ID Kerberos resources in Platform SSO (MacOS)MAM* Data protection for Windows MAM📗 Chapters00:00 Intro01:24 Introducing Entra Kerberos & MAM on Edge03:13 What is Entra Kerberos?04:14 Understanding Traditional Kerberos06:39 Why Entra Didn't Just Use Kerberos Initially07:36 The Lingering Importance of On-Prem AD09:08 Where Entra Kerberos Fits: Solving Hybrid Problems10:06 Use Cases: Regulations & File Sharing (SMB Protocol)11:55 How Entra Kerberos Works: Two Styles13:36 Modern Auth vs. Down-Level Trust Explained14:04 The Convenience of Cloud TGTs with Windows Hello15:26 Accessing Resources: TGT to TGS Exchange17:03 How Apps Trust Entra Kerberos Tickets18:00 Admin Setup for Trust Relationship19:22 Supporting Legacy Apps in a Modern World21:24 Benefits Over NTLM & Conditional Access23:04 Future of Entra Kerberos: Cloud-Only Users26:28 Expanding Support: Mac, Linux & Mobile Devices29:13 Current Big Use Cases: Azure Files & AVD30:06 Understanding Down-Level Scenarios31:42 Interaction with Global Secure Access33:57 Transition to MAM for Edge34:27 What Problem Does MAM for Edge Solve?36:12 How MAM for Edge Protects Personal Devices38:11 Security Scope: Benign User Mistakes vs. Hackers40:23 Combining MDM and MAM for Enhanced Security41:20 Deployment: Intune Policies & Entra Configuration43:18 Windows-Only Feature for Now44:10 Benefits: Security, User Empowerment & Visibility48:13 Intune Dependency & Flexibility with Other MDMs49:50 The Fun of Cross-Team Collaboration50:48 Concluding Thoughts & Thank YouPodcast Apps🎙️ Entra.Chat - https://entra.chat 🎧 Apple Podcast → https://entra.chat/apple📺 YouTube → https://entra.chat/youtube📺 Spotify → https://entra.chat/spotify🎧 Overcast → https://entra.chat/overcast🎧 Pocketcast → https://entra.chat/pocketcast🎧 Others → https://entra.chat/rssMerill's socials📺 YouTube → youtube.com/@merillx👔 LinkedIn → linkedin.com/in/merill🐤 Twitter → twitter.com/merill🕺 TikTok → tiktok.com/@merillf🦋 Bluesky → bsky.app/profile/merill.net🐘 Mastodon → infosec.exchange/@merill🧵 Threads → threads.net/@merillf🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

There are no comments yet.

Please log in to write the first comment.