Validate License
The Azure AD Cloud App Discovery snapshot report functionality requires neither an M365 E5 license nor a full Microsoft Defender for Cloud Apps license.
The Azure AD Premium P1 license required to perform this workshop is sufficient.
Discovery capability differences for Defender for Cloud Apps and Azure AD | Microsoft Docs
Create Snapshot Report
To generate an app discovery report, web traffic log files from a firewall or proxy device must be uploaded to Cloud App Security as part of creating a snapshot report. Cloud App Security then parses and analyzes those files and generates the app discovery report, which you will use as part of the workshop.
It’s a good idea to ask the customer about the brand and model of their proxy or firewall during the pre-engagement call, so you can verify whether the device is supported by Cloud App Security or whether you need to spend additional time using the custom log format option. It’s also useful to have the customer send you a sample log so you can make sure the import will be successful.
Use the following instructions to assist the customer with the import of firewall or proxy logs: https://docs.microsoft.com/en-us/cloud-app-security/create-snapshot-cloud-discovery-reports
Background reading
To prepare for the delivery of the Secure Identities and Access Workshop engagement, refer to Appendix A - Readiness and Technical Content for links to relevant online learning content.
Duration and effort
Preparation: 1 hr.
Delivery: 1 hr.
Application Discovery Reporting and discussion
Use this activity of the Secure Identities and Access Workshop to work with the customer to gather results from the tools used in the previous activity, start listing applications, and discuss applications that were not discovered by the tools and still need a migration plan. Use the answers within 02 - Secure Identities and Access - Customer Questionnaire.docx to achieve this.
Objectives
The objective for this activity is to populate the 98 - Secure Identities and Access - Design Decision Points.xlsx spreadsheet. Focus on the Azure AD Application Management tab with applications found during the discovery process. Start creating a prioritization list based on availability in the Azure AD App Gallery, usage, and ease of migration.
You will also have a discussion on applications based on the answers to the 02 - Secure Identities and Access - Customer Questionnaire.docx.
Format
The activity can be delivered online but can also be delivered as an onsite workshop.
A representative from the customer’s Security Team and/or Application Team.
Delivery resources Supporting materials
98 - Secure Identities and Access - Design Decision Points.xlsx
Preparation
Prior to delivering the activity, the delivery resource leading the workshop will need to familiarize themselves with:
The completed 02 - Secure Identities and Access - Customer Questionnaire.docx document.
The 04 - Secure Identities and Access - Application Discovery.pptx presentation content.
Pre-requisites
The activities outlined in 10.5 Application Discovery Presentation and 10.6 Application Discovery Setup must be completed prior to starting this activity.
Deliverables
The deliverables of the module are defined as:
Application discussion performed with the customer based on 02 - Secure Identities and Access - Customer Questionnaire.docx answers.
Meeting notes.
98 - Secure Identities and Access - Design Decision Points.xlsx spreadsheet – Azure AD Application Management tab completed with discovered applications. Exceptions are the columns on business criticality, usage, expected life span, and categorization priority, which will be completed during 11.1 Azure AD Application Management.
These deliverables will serve as input to the next steps.
Guidance
Deliver the activity using the results from activities 10.5 Application Discovery Presentation and 10.6 Application Discovery Setup.
The outcome is a list of discovered applications in the 98 - Secure Identities and Access - Design Decision Points.xlsx spreadsheet – Azure AD Application Management tab. If time permits, you can start the application categorization and prioritization as part of this activity. You will then come back and complete the application categorization and prioritization as part of the Azure AD Application Management activity.