List Price: $6/user/month. Discounted Price: $5.70/user/month = $68.40/user/year.
Subscription Period: 1 Year
Our Platinum Customers receive additional discounts.
Azure Active Directory Premium, built on top of the free offering of Microsoft Azure AD, provides a robust set of capabilities to empower enterprises with more demanding needs on identity and access management.
- No object limit for Directory Objects
- User/Group Management
- SSO (No Limit)
- Self Service Password Change
- Security/Usage Reports (Advanced Reports)
- Group-based access management/provisioning
- Self-Service Password Reset for cloud users
- Company Branding (Logon Pages/Access Panel customization)
- Application Proxy
- Self-Service Group and app Management/Self-Service application additions/ Dynamic Groups
- Self-Service Password Reset/Change/Unlock with on-premises writeback
- Multi-Factor Authentication (Cloud and On-premises (MFA Server))
- Microsoft Identity Manager user CAL
- Cloud App Discovery
- Connect Health
Get more done
Any developer or IT professional can be productive with Azure. The integrated tools, pre-built templates and managed services make it easier to build and manage enterprise, mobile, Web and Internet of Things (IoT) apps faster, using skills you already have and technologies you already know. Microsoft is also the only vendor positioned as a Leader across Gartner's Magic Quadrants for Cloud Infrastructure as a Service, Application Platform as a Service, and Cloud Storage Services for the second consecutive year.
Use an open and flexible cloud service platform
Extend your existing IT
Some cloud providers make you choose between your datacenter and the cloud. Not Azure, which easily integrates with your existing IT environment through the largest network of secure private connections, hybrid database, and storage solutions, and data residency and encryption features - so your assets stay right where you need them. And with Azure Stack, you can bring the Azure model of application development and deployment to your datacenter. Azure hybrid cloud solutions give you the best of both worlds: more IT options, less complexity, and cost. It's why it's one of the best cloud computing services available.
Scale as you need, pay as you go
Azure's pay-as-you-go services can quickly scale up or down to match demand, so you can only pay for what you use. Per-minute billing and a commitment to match competitor prices for popular infrastructure services like compute, storage, and bandwidth mean you're always getting an unbeatable price for performance.
Protect your data
We know some organizations are still wary of the cloud. That's why Microsoft has made an industry-leading commitment to the protection and privacy of your data. We were the first cloud provider recognized by the European Union's data protection authorities for our commitment to rigorous EU privacy laws. Microsoft was also the first major cloud provider to adopt the new international cloud privacy standard, ISO 27018. We also launched Azure Government, a stand-alone version of Azure designed to meet the rigorous compliance requirements of U.S. public agencies.
Run your apps anywhere
As the best cloud service from Microsoft, Azure runs on a worldwide network of Microsoft-managed datacenters across 26 regions - more countries and regions than Amazon Web Services and Google Cloud combined. This fast-growing global footprint gives you lots of options for running applications and ensuring great customer performance. Azure is also the first multinational cloud provider in mainland China.
Make smarter decisions
Azure's predictive analytics services, including Machine Learning, Cortana Analytics, and Stream Analytics, are redefining business intelligence. Make smarter decisions, improve customer service, and uncover new business possibilities from our structured, unstructured, and streaming Internet of Things data.
Rely on a trusted cloud service
Unsure how to choose a cloud service provider? From small-dev test projects to global product launches, Azure is engineered to handle any workload. More than 66 percent of Fortune 500 companies rely on Azure, which offers enterprise grade SLAs on services, 24/7 tech support, and round-the-clock service health monitoring. Customers include Skanska, Heineken, 3M, Dyson, Paul Smith, Mazda, GE Healthcare, Trek, McKesson, Milliman, Towers Watson, NBC Sports, TVB, and many, many more.
Azure Active Directory Premium includes:
Unlimited directory objects
There is no object limit for Azure Activity Directory Premium. An object is an entry in the directory service, represented by its unique distinguished name. An example of an object is a user entry used for authentication purposes.
User and group management (add/update/delete), user-based provisioning, and device registration
The Azure Management Portal, Office 365 Admin Center, Microsoft Intune account portal and the Azure Active Directory (Azure AD) cmdlets all read from and write to a single shared instance of Azure AD that is associated with your organization’s directory. In this way, portals (or cmdlets) act as a front-end interface that take in and/or modify your directory data. Azure AD Device Registration is the foundation for device-based conditional access scenarios, and can be used to authenticate your devices and applications in the cloud and on-premises.
Azure Active Directory Premium end users who have been assigned access to SaaS apps, can see any number of apps in their Access Panel and get SSO access to them. Admins can configure SSO and assign user access to as many SaaS apps as they want with Premium. Premium users can also utilize the self-service app integration templates.
Self-service password change for cloud users
Users can change their own passwords at any time by entering their old password and selecting a new password using the user password change portal via the Access Panel profile page, or by clicking the "change password" link from within Office 365 applications.
Connect (Sync engine that extends on-premises directories to Azure Active Directory)
Azure Active Directory Connect, is a simple, fast and lightweight tool to connect on-premises directories and Azure Active Directory in a few clicks. Azure AD Connect will guide you to synchronize only the data you really need from single or multi-forest environments and will enable single sign-on via password sync or federation with AD FS to Office 365 and thousands of other SaaS applications.
Security and usage reports
Monitor and protect access to your cloud applications by viewing detailed logs showing more advanced anomalies and inconsistent access pattern reports. Advanced reports are machine learning-based and can help you gain new insights to improve access security and respond to potential threats. Azure Active Directory Premium allows for three different anomalous activity reports.
Group-based access management/provisioning
Use groups to provision users and assign user access in bulk to thousands of SaaS applications. These groups can either be created solely in the cloud or you can leverage existing groups that have been synced in from your on-premises Active Directory.
Self-service password reset for cloud users
Azure has always allowed directory administrators to reset passwords. With Azure Active Directory Basic, you can now reduce helpdesk calls when your users forget a password by giving all users in your directory the capability to reset their password, using the same sign in experience they have for Office 365.
Company branding (sign-in pages and access panel customization)
To make the end user experience even better, you can add your company logo and color schemes to your organization’s sign-in and user app-launching pages. Once you’ve added your logo, you also have the option to add localized versions of the logo for different languages and locales.
Give your employees secure access to on-premises applications like SharePoint and Exchange/OWA from the cloud using Azure Active Directory.
Service level agreements
We guarantee at least 99.9% availability of the Azure Active Directory Basic service. The services are considered available in the following scenarios: Users are able to login to the service, sign-in to the Access Panel, access applications on the Access Panel and reset passwords. IT administrators are able to create, read, write and delete entries in the directory or provision or de-provision users to applications in the directory.
Self-service group and app management, self-service application additions, and dynamic groups
Azure Active Directory Premium simplifies day-to-day administration of groups by enabling users to create groups, request access to other groups, delegate group ownership so others can approve requests and maintain their group’s memberships.
Self-service password management with on-premises write-back
Self-service password reset, change, and unlock can be written back to on-premises directories for added security and reliability for Azure Active Directory Premium.
Multi-factor authentication (cloud and on-premises(MFA server))
Multi-Factor Authentication can help you to secure access to on-premises applications (VPN, RADIUS, etc.), Azure, Microsoft Online Services like Office 365 and Dynamics CRM Online, and thousands of Non-MS Cloud services pre-integrated with Azure Active Directory. Simply enable Multi-Factor Authentication for Azure Active Directory identities, and users will be prompted to set up additional verification the next time they sign in.
MIM Cal + MIM Server
Use a Microsoft Identity Manager (MIM) Server (and CALs) in your on-premises network to support any combination of Hybrid Identity solutions. This is a great option if you have a variation of on-premises directories and databases that you want to sync directly to Azure Active Directory. MIM CALs are granted based on the allocation of an Azure Active Directory premium user license.
Cloud App Discovery
With Cloud App Discovery, an Azure AD Premium module, IT departments can now have visibility into all the cloud apps, business and consumer ones, that are used in their organization and reveal shadow IT. Additionally, they can get details on usage patterns and identify the users that are accessing the discovered applications. IT teams can then take steps to integrate the newly discovered applications they want with Azure Active Directory for better management directly within the Cloud App Discovery console.
Connect Health, is an Azure AD Premium feature that will help monitor and gain insights into your identity components, such as ADFS infrastructure, that are used to extend on-premises directories to Azure Active Directory and Office 365.
Automatic password rollover
For group accounts, passwords can be set to automatically change at a preset interval. This capability helps to further protect your sensitive information with new automatically generated and complex passwords.
Identity Protection helps you protect your organization from compromised accounts, identity attacks, and configuration issues. It provides a consolidated view into suspicious sign-in activities and potential vulnerabilities based on signals like brute force attacks and sign-ins from unfamiliar locations and devices and via notifications, analysis, and remediation recommendations protect against these activities in real-time. Based on these activities, a user risk severity is calculated and Risk-Based policies can be configured and automatically protect your identities from future threats. These policies in addition to other conditional access controls can block access or offer adaptive remediation actions that include password resets and Multi-Factor Authentication.
Work with familiar, integrated Microsoft tools
Organizations using Microsoft tools like SharePoint, Outlook, and Office 365 will be able to seamlessly integrate with Microsoft Azure. Azure is also able to use the same virtual machines as on-premise, whether that be Linux or Windows.
Choose between IaaS and PaaS
With Microsoft Azure being an industry leader in both IaaS and PaaS, companies that require unique features and customizations reflecting their industry position will be able to get the most out of Azure's cloud services.
Take advantage of BI and analytics support
Azure is integrated with SQL and NoSQL data services, and tools that can deeply analyze data, uncovering hidden insights in your organization's workflow. Microsoft Azure's Hadoop-based cloud service, HDInsight, can also build Hadoop clusters to analyze Big Data.