SC 300 online Tutorial | Microsoft Identity & access management |

and guys I have initiated the recording as well so that we would be able to share the recording to all of you that if in case you want to do some revision you want to go through the recording again you can just do that okay so I think we have a few people who have started working maybe from six months and so right so what I'll try to do is I'll just try to start from a scratch so that anyone who is new to Cloud would be able to adjust easily anyone who's already working on Azure or anyone who has done some prior tradings in Azure probably it would be like a refresher for so we'll try to start from a scratch level now before we start the technical discussion let me share what we are going to cover in this particular course right as you know this course talks about SC300 which is Microsoft identity and access administrator a very warm welcome to all of you now I'll quickly jump onto the course content part what we are going to cover in this particular course right so basically in this particular course we will be talking about these things so we will be setting up Azure ID which is now Microsoft inra ID we'll be talking about identities external identities hybrid identities MFA user authentication conditional access identity protection planning for SSO implementing SSO application registration entitlement management access reviews Pim monitoring Azure R and so on so we'll discuss all these parts and we will discuss all these parts in detail now what role the people play the people who are working as an identity and access administrator so this is the role that they play so the design Implement and operates on organization identity and access management systems by using aure active directory they Pro provide secure authentication and authorization access to Enterprise applications adaptive access and governance are core elements to the role or troubleshooting monitoring reporting for the idty and access environments they identify and run projects to modernize ID Solutions this is a kind of a role the idty access administrative place right there are some prerequisites even if in case we are not meeting the prerequisites we will be covering this during the session if there is any person who is not meeting the prerequisite we can cover that during the session as well right so a person needs to have an understanding understand the security best practices and Industry security concept such as defense in depth lease privilege access role based Access Control shared responsibility and zero trust model they should have some experience deploying Azure workloads right this course doesn't cover General understanding of azure azurity and cloud computing Concepts basic it knowledge or experience working in it environment understanding the difference between authentication and authorization this is the kind of a prerequisite a participant should have anyone has any questions any anything before we Kickstart the technical discussion anyone has any expectations any questions any queries please feel free to ask else we are good to start with the technal discussion see Team I mentioned today is going to be day one so we'll try to keep bit light right let's talk about it see guys even before this Cloud came into the picture we have something called as on premises right in short we also call this as on-prem environment on-prem environment is nothing but the data center environment right on environment is nothing but the data center environment see traditionally what organizations were doing see we are not moving towards identity and exess administrator we are trying toover basics of cloud basics of assure then we will move on to that part so traditionally what organizations were doing they were creating their own data centers right now creating a data center it's not an easy job creating a data center involves huge amount of dollars planning deployment and so on right when we create data centers there are some benefits of data center there are some limitations we get with data center so first benefit is we are getting complete control complete control is in our hands but there are some limitations too for example let's say an organization has a data center and the capacity of data center is we can host 2,000 virtual machines 2,000 machines can be deployed right be it application server be it database server be web server we have the capacity to host 2,000 virtual machines let's say there were some projects which were ongoing and to handle the ongoing projects we have already deployed to handle the ongoing projects we have already deployed 1400 virtual machines there were some projects in the pipeline let's say the projects got approved right let's say the upcoming projects the projects got approved right and now in order to handle the upcoming projects we need to deploy 700 more virtual machines 700 more virtual machines needs to be deployed right okay now would we be able to deploy 700 more virtual machines the answer is no we would not be able to deploy 700 more virtual machines not possible Right can we expand data center yes we can certainly do data center expansion but we cannot expand data center overnight it's not like it can be done in a single minute or single go if we would like to expand data center data center expansion is possible but again see when whenever we are setting up data center what do we need first of all we need to get a place maybe the entire building maybe one of the floor of the building where we would be able to set up data center so either we have to purchase it or we have to take it on lease right then we have to set up the cooling power networking electricity then we have to procure the hardware licenses deployment installation then we have to hire people right just give me one moment guys apologies for the inconvenience right see then we have to hire people right so basically when we are hiring people again that involves for okay apologies for the inconvenience guys I someone stepped at my door right okay so basically we're talking about setting up a data center it's not an easy job right so it involves huge amount of money huge amount of planning right then maybe we have to hire people as well so we need to hire people who would be able to set up the data center right or we need to hire people who would be able to manage data center 24 into 7 right okay uh then what we have to do let's say that is how we would be able to set up the data center yeah your screen uh guys is my screen visible to all of you team please confirm if the screen is visible yes uh yeah I think n other people are able to see it right uh maybe you can just uh disconnect and reconnect hopefully you would be able to see it uh other people are able to see the screen okay so as we see here see data center has some limitations for example this is the limitation right this is a limitation we are getting second thing is now second limitation could be let's say we have an organization an organization name is ABC and this organization has created a data center let's say somewhere in India right in India there's a city called as Bangalore there is one city called as Bangalore there they have created their data center right let's say here we have got dc1 my organization has a client let's say the name of my client is Yahoo my client has some users who are based out in India and for its India based users my client want me to develop an application my client want me to deploy an application and they want to manage the application they want us to manage the application so what I will be doing maybe first of all I will be creating a machine in this machine I will be creating an application we will write the code for this application this application may have a database as well right so everything is good as of now reason my application is running in India in my Bangalore data center whenever these users will try to access the application the latency would be low the performance will be good latency is time taken by a packet to travel the round trip because users are based out in India application is also running in India latency will be low and performance will be good let's say my client is impressed with my services and my client says we have some users who are based out in us and for its US based users my client want me to develop one more application maybe let's say this time they want me to develop an Healthcare based application can I deploy the application over here can I create vm2 application 2 it may have a database 2 I can certainly do this but this is not a good design and why it is not a good design because every time these you US based users will try to access the application request will come from us to India and then we'll go from India to us so latency would be quite high and performance will be bad so this is not a good design so what can we do because the client is important and we are anticipating more business so my organization they can create one more data center right my organization they can create create one more data center so this time they can create a data center let's say somewhere in Us in New York they can create a data center right so here I would be able to deploy vm2 application 2 which may have a different code and it may have a different database so now every time the users will try to access the application latency will be low and performance will be good right latency would be low and performance will be good that is how we would be able to access the application okay but guys is it possible to create data center every now and then as we discussed creating a data center is not an easy job if we would like to let's say after 6 months we are getting some projects in Australia so if we would like to expand data center in Australia can we have to create one more data center or two more data centers let's say after one year we are getting some projects in Europe or in Middle East or in Canada or in Europe so is it possible that we can create data centers every now and then it's not possible to create data centers every now and then right so what we can do is since we cannot create data centers as an organization we cannot spend huge amount of dollars every time that is the reason some big organizations like Microsoft Amazon and Google they came up with a concept of public cloud so these are the public Cloud providers right so these organizations are nothing but the public Cloud providers for example Microsoft public cloud is azure Azure is Microsoft public Cloud Amazon public cloud is AWS Amazon web services and Google public cloud is gcp Google Cloud platforms so what these organizations have done these organizations have deployed data centers across the globe across the globe they have deployed data centers so they have deployed data centers in India China Japan Australia New Zealand UK us right Germany Europe Middle East Africa everywhere they have deploy data centers so tomorrow if we are getting some projects in us there is no need for us to create our own data center we can simply use Microsoft data center over there right right we can simply use Microsoft data center over there after 6 months if we are getting some projects in Europe we can simply use Microsoft data centers over there right let's say after one year we are getting some projects in uh Australia we can simply use Microsoft data centers in Australia we don't need to set up our own data centers we can simply use their data centers over there right okay all right so this is how it may work work right all right so now we basically have three types of cloud environment we have something called as public Cloud we have something called as private cloud and then we have something called as hybrid Cloud so these are three types of cloud environment that we have right so in public Cloud these are the public Cloud providers they are open to everyone a single individual can use it group of people can use it a big Enterprise can use it a small small organization can use it they are open to everyone so in public Cloud Microsoft Is providing us 100 plus Services they're offering us 100 plus services in this public Cloud right for example if we would like to create a database there is a service with the name SQL database we can simply use it service if we want to create virtual machine there is a service with the name virtual machine we can simply use it service if we would like to use if we would like to create Fireball we can simply use Azure Fireball so we we have got 100 plus Services it's offering us 100 plus Services now what is private Cloud an organization they can turn their data center environment into a private Cloud environment right right so basically what an organization can do see they can turn their data center environment into a private Cloud environment right means let's say they would like to offer similar services but they only want to offer those services to the employees of their organization they do not want to offer the services to everyone on this planet they only want to offer similar services but only to the employees of their organization so what they can do an organization can turn a data center environment into a private Cloud environment right third we have something called as hybrid Cloud so when an organization is using both the cloud environments together in order to meet the demand then we call it as hybrid Cloud means when we are using public Cloud along with private Cloud then we call it as a hybrid Cloud right for example when we are deploying an application we deploying the application in dat in public Cloud but database is running in private cloud or could be visce Versa application is running in private Cloud database is ring in public Cloud so we are using both the cloud environments together then we can call it as hybrid Cloud any questions any queries anything guys so far guys if you have any questions any stage please feel free to ask your questions you can unmute yourself and please feel free to ask your questions so any questions any queries guys before we move forward anyone has any questions any queries okay so here I have a question for all of you guys if in case we are looking for maximum security which Cloud do you feel can help us with maximum security which Cloud can provide as the most secure environment and input guys which Cloud can provide us a most secure environment I think all all of the clouds are providing the same kind of services regarding to security wise but none of them yeah one of them is 100% guaranteed that's what I can no out of public private and hybrid which one do you feel where can we achieve the maximum security maximum is private sorry private cloud is always secure private absolutely the right answer is private right what about if we are looking for maximum compliance which Cloud do you feel can help us with maximum compliance in that case proba okay see how do we achieve compliance we achieve compliance by applying policies right so if we go with hybrid Cloud we would be able to achieve the maximum compliance whatever policies we want to apply in public resources we can do that whatever policies we would like to apply in the private Cloud via the group policies we can apply that as well so basically with the help of hybrid Cloud maximum compliance can be achieved and my last question is which Cloud do you feel can provide us the most flexible scenario which Cloud can provide us the most flexibility public okay see again the answer is hybrid let me give you an example here there can be a lot of examples one example is let's say we would like to host two application for one application we want to use koros as the authentic protocol and for second application I would like to use open ID connect as the Authentication Protocol yeah right so is it possible if I go with the public Cloud no in public Cloud we can only achieve open ID connect as the Authentication Protocol if I only go with private I can only get kbos or ntlm as the Authentication Protocol but if I go with hybrid maybe I can host one application in private Cloud there I can host carb cross based application for the Authentication Protocol and one application in priv public Cloud there I can get open ID connect as the Authentication Protocol so with hybrid we are getting the maximum flexibility it can provide us the most flexible scenario any questions any queries anything guys so far before we move forward anyone has any questions any queries use policy what is it is it password pass policy or something different because I know it could be any it could be any policies policies could be anything it could be a password policy it could be a policy let's say let's say one could be password policy whenever anyone is resetting a password we want the person to have minimum eight characters one uppercase one lower case one alpha numeric so it could be a password policy it could be policy based upon the region let's say we are working on a project and there we have to follow a federal law that whatever resources we are deploying the sources should be deployed only in UK so that the data of their customer should not move outside UK then also we can achieve it with the help of policy then we will be deploying any resource be virtual machine be application be database we will put a condition that when we are selecting the regions of UK then only we can deploy it so if anyone will try to deploy it in India or in us the deployment will fail so it could be any policy could be related to password could be related to Virtual Machine application database firewall etc etc etc could be any policy right are we good yeah okay now I'll explain one more topic as we mentioned today is day one so we'll just try to keep it bit light right now guys we discuss in public Cloud it is offering us 100 plus Services right these 100 plus services are divided into three categories we have something called as IAS which we call as infrastructure as service we have something called as paas which we called as platform as service and we have something called as SAS which we called as software as service right so these are three types of services that we have whatever 100 plus services that we are using it will be falling under one of these three categories right so let's see how it works let me give you a very lay and terms example is let's say I would like to book a party I would like to book a get together I would like to book a party maybe for my friends family colleagues and so on right since I would like to book a party so maybe I can go to the maybe I can go to a hotel and I can speak with the hotel manager now when I'm speaking with the hotel manager Hotel manager says they can provide us three options right the first option is Hotel manager says they are only going to provide us space in their hotel they're only going to provide us dedicated space in their hotel apart from space rest everything has to be managed by us right means where my guest is going to sit table chair sofas we need to arrange it where my guest is going to eat food utensils Crockery we need to arrange it where my guest can dance DJ DJ floor music I need to arrange everything so Hotel manager is only going to provide space in their dedicated hotel if I compare this with technology Microsoft says I can provide you space inside my data center but rest everything has to be managed by you right so they are only going to provide space in their data center rest everything will be managed by us means uh the example is virtual machine when we create a virtual machine we are creating this virtual machine in Microsoft Data Center right we are creating this virtual machine in Microsoft data center but rest everything has to be managed by us machines High availability has to be managed by us machines backup scalability patching Windows update all that part will be taken care by us right so what Microsoft is doing Microsoft is only providing space inside their data center rest everything will be managed by us within this machine we will be deploying an application so we need to deploy the application first we need to write the application code so we are responsible for writing the application code so in this case we are responsible for writing the application code deploying the application managing the application deploying the machine managing the machine if machine is not available would we be able to access the application no so machine High availability machine scalability machine patching backup dates everything will be taken care by us right then Hotel manager says I have a plan B for you as per plan B Hotel manager says they are going to provide us dedicated space apart from providing dedicated space they're also going to provide us the underlying infrastructure means apart from providing me dedicated space for the party they are also going to provide me the underlying infrastructure means where my guest can sit table chair sofas they will be providing where my guest can eat food utensils Crockery they will be providing where my guest can dance DJ floor they will be providing right so we just need to manage the other partments which food items we want to be cooked we want to be served we need to manage that part on which music my guest would be able to dance we need to manage that part so rest everything will be provided by the hotel manager if we compare this with technology Microsoft says we can provide you some services for example there is a service called as Azure app services using this Azure app Services we can directly deploy the web applications see in the first case we first need to create a machine and then we were able to deploy the application in second case we can directly go ahead and we can directly deploy the web application this web application will be running on a machine but that machine will be created by Microsoft and that machine will be managed by Microsoft we don't need to worry about the underlying infrastructure we don't need to worry about the underlying machine on which this application is running it's high avability scalability patching updates backup all that part is now taken care by Microsoft so you can keep your entire focus on the application development you can nurture the application enhance the application innovate the application right we don't need to worry about the underlying infrastructure and then last but not the least we have something called as software as service so Hotel manager says I can provide you one more option Hotel manager says I am going to manage everything end to end end to end everything will be managed by the hotel manager right we just need to come along with a guest we just need to enjoy the party we just need to settle the bill and we are good everything will be taken care by the hotel manager if we compare this with technology Microsoft says they can provide us some readymade applications for example Office 365 SharePoint right Salesforce work day it could be third party applications too right it not mandatory need to be Microsoft application see guys in the first case we were writing the application code we were deploying the application and before that we were deploying the machine can we make changes into this application code yes we can do it second case we just need to deploy the application can we make some changes into the application code yes we can do changes into the application code third case we are getting the rade application have we created or have we written the code for Office 365 no can we make some changes into this Office 365 application code no is Office 365 application is it running on our infrastructure running on our machines no so neither we are responsible for writing the code nor we are responsible for developing or deploying the application nor we are responsible for managing the machine on which the application is running we are simply buying a license and we are simply using it right so whenever we will be using any service in Azure it will be falling under one of these three categories either it will be IAS or it will be Pas or it will be SAS okay any questions any queries guys regarding this anyone has any questions any queries so far let me give you one more example of this see guys let's say I would like to travel from my home to airport right I would like to travel from my home to airport so what are my options my one option is I can go via my own car or I can go via my own motorbike right right car or by Bike second option is I can go via cab I can book Uber or Ola or any other cab I can book and third option is I can use some public transport I can go via train via bus via Metro Etc right see in the first case it is working like an infrastructure as service so when we are traveling by our own car who is responsible for the ride from my home to airport I am responsible for the ride right I am responsible for the ride apart from the right I am also responsible for the underlying infrastructure on which I'm traveling who's responsible for car insurance who's responsible for car pollution if in case my car gets punchered who will be responsible to fix it so I am responsible for that particular ride I am also responsible for the underlying infrastructure right I'm responsible for right I'm also responsible for the underlying infrastructure in second case when we are traveling bya Ola or Uber we are not responsible for the underlying infrastructure we are only responsible for the the ride the ride that we will have from home to airport while traveling if in case car gets punchered is it my responsibility to fix it no am I responsible for car insurance or car pollution no but let's say I would like to change the route let's say I have to pick up my friend in between and I'm saying I need to add one more point and I will be making some changes into the route can I do that yes probably I have to pay something extra but I can do all those things es so this time we are not responsible for the underlying infrastructure we are not responsible for the car on which we are traveling we are only responsible for that particular right right third we can travel bya train bus metro in this case neither we are responsible for the underlying infrastructure nor we are responsible for the ride let's say if I'm going by a Metro if I ask the Metro driver to change the route I have to pick up my friend in between is he going to do that no right what I can do in case of train bus and Metro I can simply buy a ticket I can simply buy a token and I can only go from one station to another station that is what best I can do right so that is something that we have over here so what are the benefits that we are getting with Cloud so with Cloud we are getting multiple benefits right so one benefit is we can get scalability we can get elasticity we can get security means there are certain Services by which we can achieve security right we can get predictive cost considerations right so what is pred cost considerations before we deploy something if I want to find out how much it is going to cost me so so there are calculators which are available Neil do you have a question yeah uh actually I have one quick question you said home to airport car bike and Uber hola this all comes under IAS pass and all other stuff this comes under pass okay what about this comes under s this you can consider as I so basically these are some benefits so we can achieve scalability elasticity predictive cost considerations means there are some tools so before we deploy something if we want to find out how much it is going to cost us so we can find out with the help of the tools let's say I would like to deploy five virtual machines to database so before we deploy it if we would like to find out the cost we can find out the cost as well right then basically we are getting Global reach Global reach means if we want to deploy it in Australia India Japan China Europe us UK so we are getting Global reach then we have got customer latency capabilities we can control the latency as well how can we control the latency we should always deploy the resources as close as possible to the user users so if users are based out in India we should deploy the application or database in India users are based out in us we should deploy the application or database as close as possible to the users Etc so these are certain benefits that we are getting with cl right now guys I'm giving you a question to think about it we will be discussing this in the next session so here I have mentioned two points I have mentioned scalability I have also mentioned elasticity so maybe you can take some time right and think about this what is the difference between elasticity and scalability right what is the difference between scalability and elasticity what are the difference between these two and whenever we will be deploying application how are we going to decide whether we should go with scalability or whether we should go with elasticity so this is the kind of a question maybe you can take it as a homework you can think about this think over it over a period of time in the next session we will be discussing this right so what is the difference between scalability and elasticity so guys if you have any questions any queries what we have discussed so far please feel free to ask as I mentioned today is day one we will just try to keep it a bit light we have just started with basics of cloud and then we will be moving more towards the identity side so if you have any questions any queries please feel free to ask or else we are good for today uh I have oneck question like this one do we require any license uh for which one you are referring license would be required licensees like you know license for the training are you referring yeah not training like yeah whatever you know if I want to practice this you will be needing two things you will be needing Azure ad or Microsoft entra adid P2 license and you will be needing a subscription so I'll guide you probably in the next session what all things do you need two will be required a subscription would be required and the premium P2 license would be required I'll also guide you how can you get those things right like the license will be costly again to our alphabit is like do we have I don't know there are two methods either you can buy it there is also a provision to get as a free trial both options are possible so when we go with a free trial you have to put your credit card Microsoft will validate your card I think rupe one or rupe 2 will be dedicted and you will get that back as well yeah how about the other license which you said premium both are available as a free tra even premium is available as a free tra oh okay one month for one month absolutely okay for one month it is available as a free which would be in a fre to do any practice oh no no no because I'm student if I want to practice for a longer term how much they charge me that is the reason I'm asking maybe I do research in the premium license but 30 days it is available for fre three month or four month if I want to use for premium license yeah how much they charge me that is I just want to know I'll I'll give you the work arounds how can you use it for three or four months don't worry can you repeat I'm saying I will provide your work around that how can you use it for three to four months don't worry about it oh okay okay anyway I if I Google it also I can get it know the price of the or is it something like you have any special permissions you can you can just type here Microsoft entra idp2 LIC so here you can get the price so this course if I learn yeah I just want to know for the job purpose I can go and work for any kind of parttime for like a user support role or something am I right absolutely there are so many openings available for the identity and access administrator so you can work as a cloud engineer you can work as a Cloud administrator sorry as a identity administrator there are so many openings available for you if you learn the course well and then will you also cover the any kind of project or something as part of this course we will be doing lot of labs and at the end of the course I can give you a small caps on Project as well with that we can easily you know sustain in the market whatever the finding you me I'm sorry what I'm saying B based on this course yeah practiced very well and all the project whatever you saying lastly we I can sustain in the market absolutely absolutely there are lot of requirement for the idty and access business status absolutely you can sustain in the market yeah think it like this Microsoft has designed this course on its own why Microsoft design any course because there are demand for that particular technology in the market for example Microsoft has designed Azure security course there are requirement for security Engineers they have designed Azure architect course there are requirement for Azure Architects they have designed developer courses there are requirement for developers right so Microsoft only designs a course right when there is a huge requirement for that particular technology in the market hope you're getting my point yeah yeah understand understand and this will be certification also we can utilize after attending this particular training you can appear for the certification as well yeah there are two certification yeah yeah there are two certification one is the attendance certification which we can provide you second is you can clear the Microsoft 300 exam if you clear this exam yeah if you clear this exam you will become identity and access administ status certified by Microsoft okay your course is covering your course is covering this aspect am I right we are we are yeah we are doing the training as for this course curriculum only so that you can clear this exam yeah that is right yeah yeah that is right yeah sorry sorry yeah that is right because I that is all right any questions any queries guys before we call it today no thanks for clarification all right would like Tok thank you all have a good rest of the day take care stay

2024-07-17 18:14

Other news