As the transition to cloud computing and virtual machines continues, thousands of companies are opting to skip the free version of Azure Active Directory and subscribe to Azure AD Premium P1 and Premium 2 services.
Azure AD P1
Azure Active Directory features are all automatically included in the free and basic Azure AD subscriptions, such as identity management capabilities, device registration, B2B collaboration capabilities, and basic security reports. The Azure AD P1 option adds an additional level of security as well as enhanced cloud identity. This is especially important to organizations that need the enterprise-level security and management features that basic Azure AD simply doesn’t provide.
The upgraded capabilities are particularly helpful for businesses that have multiple remote users, on-premises users, and hybrid users who require broader access to applications on the cloud. Azure AD P1 builds upon the free and basic Azure AD subscription with more features, including device registration and identity management capabilities, unlimited Directory objects, self-service password resets (SSPR), advanced reports, group-level access management, and more. This premium service is available at a cost of $6 per user, per month, in addition to any Office 365 subscription fees.
AD P1: Value-Added Services and Large-Scale Flexibility
Azure Active Directory P1 provides a larger organization with the availability of dynamic groups, application proxies, and Cloud App Discovery. This larger-scale flexibility is also helpful for user experience, thanks to its no password authentication. Azure AD P1 allows multi-factor authentication with something that users have with them, instead of something they “know,” such as a password. AD supports the Microsoft Authenticator app (which authenticates sign-ins on a verified mobile device), Windows Hello for Businesses (which uses biometrics and PINs that are associated with a specific PC), and FIDO2 security keys (which authenticate by a USB thumb drive with high-security keys).
Dynamic Groups in Azure AD P1
The ability of AD P1 to include dynamic groups is an important benefit of this Azure AD upgrade. This time-saving feature allows for automatic additions and removals from security groups based on user or device properties. This is different from Office 365 group management, which only allows these changes in user groups. This allows the user to define guest dynamic groups, such as Guests, and manage them centrally. The group rules and the automatic memberships are updated automatically.
Other AD P1 Differences
In addition, the Cloud App Discovery tool allows for advanced access reports. These reports offer improved management by analyzing cloud traffic logs and ranking application usage by the number of users, traffic volume, and/or outbound web requests. The increase of off-premises workers has required many businesses to rethink their AD access. Remote users will appreciate the Azure Application Proxy, which is a software agent that provides specific on-premises apps without larger segment exposure. A standard Azure single sign-on (SSO) allows remote users to access the Application Proxy as well as access Office apps, Teams, SharePoint, and Remote Desktop.
Azure AD Information and Support at Trusted Tech Team
Is the free version of AD sufficient? Would your company benefit from an upgrade to Azure AD P1? Let Trusted Tech Team help you decide if this upgrade makes sense for your business. As a Microsoft Gold Partner, we have the knowledge and expertise needed to help you decide between Azure’s free or paid subscription upgrades. Contact us to learn more or create an appointment with a Licensing Engineer.
Subscribe to the Trusted Tech Team Blog
Get the latest posts delivered right to your inbox