Microsoft® Azure Active Directory® (Azure AD or AAD) has become a popular choice among IT admins looking to extend their AD credentials to select web applications and Azure infrastructure.
Those looking to introduce a web application SSO platform to their organization may find value in AAD for its ability to manage users and their access to certain web applications. However, for IT teams looking to utilize Azure AD for the purpose of logging and reporting events across their IT resources, AAD may not be the perfect fit.
Below, we’ll discuss Azure AD’s capabilities to help organizations meet compliance standards and troubleshoot their infrastructure, as well as options for admins looking for a comprehensive event logging solution.
Microsoft’s cloud-based identity management platform, Azure AD, is offered at four different pricing tiers. The “Free” tier comes with the purchase of an Office 365™ license or a subscription to the Azure platform. At its most basic, Azure AD offers audit logs that let IT teams review activity in their organization, including the addition and removal of users, applications, and roles within Azure AD.
If organizations choose to upgrade their Azure AD to either the Premium P1 or Premium P2 tier, they can access sign-in activity reports that provide information on the who, when, and where of users signing in to Azure AD. Beyond that, AAD provides security logs that flag suspicious users (e.g., a user who tries to sign in with an expired account) and suspicious login attempts.
Overall, Azure AD’s event logging is ideal for organizations leveraging Windows® systems and applications hosted through Azure’s infrastructure, as AAD’s event reporting records those particular items. If organizations are looking to record event data for their networks (both wired and wireless), systems outside the Windows domain (such as macOS® and Linux®), or applications not hosted