Quickstart: Create a remote network, apply Conditional Access, and review the logs
Microsoft Entra Internet Access isolates the traffic for Microsoft applications and resources, such as Exchange Online and SharePoint Online. Users can access these resources by connecting to the Global Secure Access client or through a remote network, such as in a branch office location.
This quickstart shows you the steps needed to create a remote network and start acquiring Microsoft traffic. To learn more about Global Secure Access, see What is Global Secure Access?
Prerequisites
Administrators who interact with Global Secure Access features must have the Global Secure Access Administrator role. Some features might also require other roles.
To follow the Zero Trust principle of least privilege, consider using Privileged Identity Management (PIM) to activate just-in-time privileged role assignments.
The product requires licensing. For details, see the licensing section of What is Global Secure Access?. If needed, you can purchase licenses or get trial licenses. To use the Microsoft traffic forwarding profile, a Microsoft 365 E3 license is recommended.
Create a remote network, apply Conditional Access, and review the logs
- Create a remote network.
- Target the Microsoft traffic profile with Conditional Access policy.
- Review the Global Secure Access logs.
After you complete these optional steps, users can connect to Microsoft services without the Global Secure Access client if they're connecting through the remote network you created and if they meet the conditions you added to the Conditional Access policy.