Enterprise 3 Build 5 (E3B5) - SDP and SASE - Microsoft Entra Conditional Access (formerly Azure AD Conditional Access) and Microsoft Security Service Edge as PEs Product Guides#
Note
This page is supplementary material for the NIST SP 1800-35 publication.
This section of the practice guide contains detailed instructions for installing, configuring, and integrating all the products used to implement E3B5. For additional details on E3B5’s logical and physical architectures, please refer to Architecture and Builds.
Microsoft Entra Conditional Access (formerly known as Microsoft Azure AD Conditional Access)#
To create and use Entra Conditional Access, use the information found at Configure Conditional Access.
Microsoft Security Service Edge (SSE)#
To deploy and configure Microsoft Security Service Edge, use the information found at Configure SSE.
Microsoft Entra Private Access Connector#
To deploy and configure Private Access Connector, use the information found at Deploy Private Access.
Microsoft Entra ID (formerly Azure AD)#
For activation, configuration, and integration instructions, refer to Microsoft Entra ID.
Microsoft Entra ID Governance (formerly Azure AD ID Governance)#
For activation, configuration, and integration instructions, refer to Microsoft Entra ID Identity Governance.
Microsoft Intune#
For activation, configuration, and integration instructions, refer to Microsoft Endpoint Manager.
Microsoft Defender for Endpoint#
For installation and configuration instructions, refer to Microsoft Defender
Microsoft Global Secure Access Client#
For installation and configuration of Global Secure Access Client on devices, use the information found at Global Secure Access client.
Microsoft Purview#
For activation, configuration, and integration instructions, refer to Microsoft Purview Information Protection.
Microsoft Entra ID Identity Protection (formerly Azure AD Identity Protection)#
For activation, configuration, and integration instructions, refer to Microsoft Entra ID Identity Protection.
Microsoft Defender for Identity#
For installation, configuration, and integration instructions, refer to Microsoft Defender for Identity.
Microsoft Defender for Cloud#
To enable and configure Defender for Cloud, refer to Microsoft Defender for Cloud.
Microsoft Sentinel#
For activation, configuration, and integration instructions, refer to Microsoft Sentinel.
Tenable.io#
For installation, configuration, and integration instructions, refer to Tenable.io.
Tenable.ad#
For installation, configuration, and integration instructions, refer to Tenable.ad.
Mandiant Security Validation (MSV)#
For installation, configuration, and integration instructions, refer to Mandiant Security Validation (MSV).
Microsoft Azure (IaaS)#
For installation, configuration, and integration instructions, refer to Microsoft Azure (IaaS).
Microsoft 365 (SaaS)#
To enable and activate Microsoft 365, refer to Microsoft 365.
DigiCert CertCentral#
For installation, configuration, and integration instructions, refer to DigiCert CertCentral.