Global Secure Access - Microsoft's Security Service Edge Solution - combines an identity-centric Secure Web Gateway with identity-centric Zero Trust Network Access, marking a significant component of modern Zero Trust architecture when utilized properly.

Last year at the Experts Live DK, I’ve discussed the advantages of replacing outdated VPNs with Zero Trust Network Access solutions, such as Entra Private Access. After a year of numerous proof of concepts, pilots, and several deployments, I’m now eager to share more field experiences and the innovations that have emerged since. In addition Microsoft has started to integrate powerful features based on TLS inspection into the Internet Access part of Global Secure Access.

In this demo packed session we will dive into the different features, explore how you can practically leverage them, and what problems can occur. Additionally, we'll discuss which of the many small and major new functions are particularly relevant, which issues they address, and how GSA may evolve in the medium and long term.

Among other advancements, I will discuss and demonstrate these recently introduced features that address key architectural and operational gaps in previous implementations:

- Intelligent Local Access, which enables policy-based access decisions grounded in device and network locality
- Universal Continuous Access Evaluation, delivering near real-time enforcement of access policies across hybrid and multi-cloud environments
- Private Access for Domain Controllers, enhancing identity infrastructure security through isolated and policy-driven connectivity
- TLS Inspection and its extended capabilities, providing deep visibility and control over encrypted traffic for improved threat detection and compliance