cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who rated this post

L3 Networker

I'm finding more customers in the same boat - on-prem AD will become a rarity except for maybe government and OT networks.

Our current approach is GP with AAD SSO (SAML), extracting the username from the claim. Alternative is certificates which IMO does not fit the zero-trust model. Both are clunky and require _another_ agent on the endpoint.

I am willing to lab the CIE approach as I do think it is a step in the right direction, although I don't know if we can make it as transparent as the GP approach unless the SSO experience is the same...

Who rated this post