Azure Active Directory Auditing and IP location based restrictions

Question
-
Hello,
With the 'Synchronised Identity' model, whereby we just use DirSync onsite to replicate to Azure AD, would we have access to any of the following features?
a) Location based restrictions based on IP addresses?
b) Access to Audit Logs
c) Device restrictions?
I know these are available with Federation but what features are available without Federation?
Friday, November 28, 2014 12:40 AM
Answers
-
Hi,
1) MFA is available for both Federated and Managed Tenants.
2) Device Restrictions are available only for federated users.
3) The following Reports are available:
Anomaly Reports: Sign ins from unknown sources, Sign ins after multiple failures, Sign ins from multiple geographies.
Error Reports: Account provisioning errors
User-specific Reports: Sign in activity for a user
Activity logs: Audit report
Regards,
Nithin.Rathnakar
- Proposed as answer by Arvind S. Iyer Friday, December 12, 2014 1:21 PM
- Marked as answer by Lakshmeesha Phaneesha Monday, December 15, 2014 9:56 AM
Thursday, December 11, 2014 10:08 AM
All replies
-
Hi,
Thanks for posting.
I apologize for getting the question wrong in my previous reply.
You can consider using Multi-Factor Authentication which provides you the IP whitelisting feature.
http://blogs.technet.com/b/ad/archive/2014/04/25/enhancing-azure-mfa-with-contextual-ip-address-whitelisting.aspx
You can use access and usage reports to gain visibility into the integrity and security of your organization’s Azure Active Directory (AD) tenant. With this information, a tenant admin can better determine where possible security risks may lie so that they can adequately plan to mitigate those risks. Some advanced anomaly and resource usage reports are only available when you enable Azure Active Directory Premium and Basic.
http://msdn.microsoft.com/en-us/library/azure/dn283934.aspx
Could you elaborate on exactly what you mean by "Device Restrictions"?
Regards,
Nithin.Rathnakar
Wednesday, December 3, 2014 6:06 AM
-
G'day,
Thank you for your contributions to this thread. If you can reply to each of these queries, that would be great.
1) Multi-Factor authentication is available to Federated Microsoft Tenants only - is this correct (yes or no)?
2) By device restrictions it means being able to allow company but not Android devices or iPhones, as an example, without Federating?
3) What audit logs are available without Federation (e.g. at the moment we only use DirSync because of Exchange Online Protection)?
The reason we ask is that we are looking at the option not to Federate our systems and we need to know what limitations this has if we use the 'Synchronised Identity Model'.
Thank you.
Wednesday, December 3, 2014 7:02 AM