Enhancing Microsoft Entra ID Conditional Access with Tanium Zero Trust – Tanium Tech Talks #119
In this episode of Tanium Tech Talks, host Ashley McGlone explores how Tanium Zero Trust enhances Microsoft Entra ID Conditional Access. Joining Ashley is Rob Broughall, a senior director of technical account management at Tanium, who shares his insights and experiences with the integration.
Zero Trust is a critical consideration for both security and operations teams. Tanium’s integration with Microsoft Entra ID leverages Tanium’s speed and data capabilities to elevate the Conditional Access experience. This integration ensures that users denied access due to an unhealthy endpoint state can be quickly identified and remediated, allowing them to return to productivity faster.
By integrating Tanium Zero Trust with Microsoft Entra ID, organizations can achieve a more secure and efficient Conditional Access setup to ensure users remain productive while maintaining robust security controls.
Watch the video below for a full walkthrough of the Tanium Zero Trust integration with Microsoft Entra ID and to learn how to enhance your Conditional Access policies for better security and user experience.
Key takeaways
- Understanding Entra ID Conditional Access: Entra ID Conditional Access acts as a firewall around applications, determining access based on user identity, location, and device posture. While Microsoft provides some native capabilities, Tanium enhances this with greater flexibility, granularity, and speed.
- Protecting applications vs. network access control: Rob explains the difference between application protection and network access control. Application protection involves granular controls around individual applications based on device posture, whereas network access control typically manages access to physical network ports or Wi-Fi networks.
- Building the Tanium Zero Trust integration: The integration is straightforward, leveraging Tanium’s core strength of quickly retrieving data from numerous devices with minimal endpoint impact. For example, the integration can check whether Microsoft Defender antivirus is up to date and write attributes to Entra ID based on the results.
- Real-world use cases: Rob shares a use case from his previous role where Conditional Access policies prevented users from accessing cloud data from personal devices. Tanium’s capabilities allowed for proactive issue detection and resolution, significantly reducing downtime and service desk calls.
- Customer feedback: Customers appreciate the enhanced control and granularity provided by Tanium, allowing for multiple compliance checks and varying degrees of application access based on device health. This approach moves beyond a simple binary compliant/noncompliant model.
- Setting up the integration: Rob walks through the setup process, including configuring app registrations in Azure, defining rules in Tanium, and creating Conditional Access policies in Entra ID. He emphasizes the importance of testing policies in report-only mode to avoid unintended disruptions.
Zero Trust is a popular consideration in both the worlds of security and ops teams these days. And Tanium has a large selection of Microsoft integrations where our speed and data really elevate these experiences.
What we have with Tanium really takes that to the next level. All the flexibility and the granularity that you expect, and you have with Tanium, and the speed. And that’s what really sets us apart from the out-of-the-box offerings.