Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article provides an overview of Microsoft Entra ID Plan 1, a comprehensive identity and access management solution designed for educational institutions. It covers the key features, requirements, roles, and responsibilities associated with Microsoft Entra ID P1, and includes detailed comparisons with other Microsoft Entra ID plans.
Requirements
- Microsoft A3 license
- Microsoft Entra ID Plan 1
Roles and responsibilities
- IT Admin
- Identity Admin
Microsoft Entra ID P1
Microsoft Entra ID P1 is a powerful identity and access management solution that offers significant benefits for educational institutions. It provides advanced security features such as conditional access, which helps protect sensitive data by ensuring that only authorized users can access specific resources based on predefined conditions. This is useful in education, where safeguarding student information and academic records is paramount. Additionally, Microsoft Entra ID P1 supports dynamic group management, allowing administrators to automate group memberships based on specific criteria, which simplifies user management and enhances operational efficiency. With features like multifactor authentication and role-based access control, educational institutions can ensure secure and streamlined access to their digital resources, fostering a safe and productive learning environment.
Key features of Microsoft Entra ID P1 in education:
- Conditional Access: Ensures that only authorized users can access specific resources based on predefined conditions.
- Multi-factor authentication (MFA): Adds an extra layer of security by requiring multiple forms of verification.
- Dynamic group management: Automates group memberships based on specific criteria, simplifying user management.
- Role-based access control (RBAC): Allows administrators to assign permissions based on user roles, enhancing security and efficiency.
- Self-service password reset: Enables users to reset their passwords without IT assistance, reducing administrative workload.
- Application proxy: Provides secure remote access to on-premises web applications.
- Identity protection: Detects and responds to identity-based threats, safeguarding sensitive information.
- Single sign-on (SSO): Allows users to access multiple applications with one set of credentials, improving user experience
Microsoft Entra ID A3 features and products
| Feature | Description | Learn more Links |
|---|---|---|
| Fraud Alert | Allow users to report fraud attempts via unknown MFA prompts | Configure Microsoft Entra multifactor authentication settings |
| MFA Reports | Review MFA events and sign-ins | Sign-in event details for Microsoft Entra multifactor authentication |
| MFA Caller ID and Phone Greetings | Configure phone call mfa with Caller ID and customer greetings | Configure Microsoft Entra multifactor authentication |
| Trusted IPs | Configure CA with trusted locations and IP addresses | Conditional Access: Network assignment |
| ADFS Extranet lockout | Protect against brute force password-guessing attacks, while letting valid AD FS users continue to use their accounts | Secure your organization's identities with Microsoft Entra ID |
| MFA for on prem apps | Enable MFA for hybrid on-premises environments | Microsoft Entra multifactor authentication versions and consumption plans - Microsoft Entra |
| Self Service Password Reset | Empower users to reset and recover their own passwords | Reset your work or school password using security info |
| Banned Passwords for on prem AD | Extend the banned password list to your on-premises directory | Microsoft Entra Password Protection |
| CA - MFA for some users | Enable Multi-factor auth for some users in your organization | Deployment considerations for Microsoft Entra multifactor authentication |
| CA - Block Legacy Authentication | Block legacy auth like POP, SMTP, IMAP, and MAPI w/o support for MFA | Block legacy authentication with Conditional Access |
Microsoft Entra ID license comparison
| Feature | Microsoft Entra ID Free | Microsoft Entra ID P1 | Microsoft Entra ID P2 |
|---|---|---|---|
| Conditional Access | No | -Yes- | Yes |
| Multi-Factor Authentication (MFA) | Yes (basic) | -Yes- | Yes |
| Dynamic Group Management | No | -Yes- | Yes |
| Role-Based Access Control (RBAC) | Yes (basic) | -Yes- | Yes |
| Self-Service Password Reset | Yes (cloud users only) | -Yes- | Yes |
| Application Proxy | No | -Yes- | Yes |
| Identity Protection | No | -No- | Yes (includes risk-based Conditional Access) |
| Privileged Identity Management (PIM) | No | -No- | Yes (helps manage and monitor privileged accounts) |
| Access Reviews | No | -No- | Yes |
| Entitlement Management | No | -No- | Yes |
| Identity Governance | No | -No- | Yes |
| Single Sign-On (SSO) | Yes (limited) | -Yes- | Yes |