All posts tagged Zero Trust

What’s New in Entra Global Secure Access Client v2.28.96

On April 27, 2026, Microsoft announced an update for the Entra Global Secure Access (GSA) client version 2.28.96. This new release includes improvements to the user experience for BYOD scenarios, to surface more information about endpoint status on the main screen, and to Intelligent Local Access (ILA).

Sign Out

Microsoft has changed how the Sign Out button is displayed depending on the device’s join type. With GSA client 2.28.96, the Sign Out button now appears by default only on Microsoft Entra-registered devices. This option is hidden on Microsoft Entra-joined devices but can optionally be displayed by setting a registry key.

Intelligent Local Access

This update also includes changes to the Intelligent Local Access (ILA) feature. Administrators can now assign a private application to multiple private networks. In addition, the GSA client now includes a new Private Access Definitions section on the Forwarding Profile tab of the Advanced Diagnostics tool. This new section includes the Private DNS definitions and a new Private network definitions section, which detail the current ILA configuration, including defined private networks, configured DNS server addresses, the FQDN to resolve for the private network, and the expected IP address for the ILA FQDN.

Additional Changes

GSA client v2.28.96 also includes additional changes to address known issues and bugs.

  • Internet connection test changed from msn.com to www.msftconnecttest.com
  • Additional log data collection, including Kerberos logs and the output of gpresult.exe
  • Log collection includes the list of trusted root Certification Authorities (CAs) on the endpoint

Download GSA v2.28.96

Administrators can download the latest release of the Global Secure Access (GSA) client here.

Additional Information

Global Secure Access Client for Windows v2.28.96

Entra Private Access Intelligent Local Access (ILA)

Entra Private Access and BYOD

Leave a comment
by Richard M. Hicks on April 28, 2026  •  Permalink
Posted in Cloud Service, Enterprise, enterprise mobility, Entra, Entra Global Secure Access, Entra ID, Entra Internet Access, Entra Private Access, Global Secure Access, GSA, ILA, Intelligent Local Access, Microsoft, Microsoft Entra, Microsoft Entra Global Secure Access, Microsoft Entra ID, Microsoft Entra Internet Access, Microsoft Entra Private Access, Mobility, public cloud, Remote Access, SASE, Secure Access Service Edge, Secure Service Edge, Security, Security Service Edge, SSE, Windows 10, Windows 11, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on April 28, 2026

https://directaccess.richardhicks.com/2026/04/28/whats-new-in-entra-global-secure-access-client-v2-28-96/

Entra Private Access and VPN Migration Strategies on Entra.News

I recently had the opportunity to connect with Merill Fernando from Microsoft as a guest on his popular Entra.News podcast to discuss Microsoft Entra Private Access, which is part of the Entra Global Secure Access Security Service Edge (SSE) service. We spent the hour talking about the similarities and differences between classic VPN technologies and zero-trust network access (ZTNA). In addition, we discussed some technical aspects of Entra Private Access, and I shared migration and coexistence strategies to help ease the transition to zero trust. Also, we discussed the importance of integrating Entra Conditional Access and the shift from network to application access. You’ll find the interview at Entra.News and also on YouTube. Enjoy!

Additional Information

How to Migrate from Legacy VPN to Entra Private Access – Entra.News

Microsoft Entra Private Access

Always On VPN vs. Entra Private Access

Microsoft Entra Private Access Network Connector Overview and Deployment Strategies

Microsoft Entra Private Access Intelligent Local Access

Leave a comment
by Richard M. Hicks on March 17, 2026  •  Permalink
Posted in Always On VPN, AOVPN, Entra, Entra Conditional Access, Entra Global Secure Access, Entra ID, Entra Private Access, Entra Private Network Connector, Global Secure Access, GSA, Microsoft, Microsoft Entra, Microsoft Entra Global Secure Access, Microsoft Entra Private Access, migration, Private Network Connector, SASE, Secure Service Edge, Security, Security Service Edge, SSE, video, VPN, Windows 10, Windows 11, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on March 17, 2026

https://directaccess.richardhicks.com/2026/03/17/entra-private-access-and-vpn-migration-strategies-on-entra-news/

Entra Private Access and Bring Your Own Device (BYOD)

Microsoft Entra Private Access is a Zero Trust Network Access (ZTNA) solution that provides secure access to private enterprise resources. With the release of Global Secure Access (GSA) client version 2.26.108, Microsoft has addressed a crucial functionality gap by adding support for Bring Your Own Device (BYOD), enabling secure access from non-managed endpoints.

BYOD Support in Global Secure Access

Microsoft introduced BYOD support for Entra Private Access with the release of the GSA client version 2.26.108. This update allows the GSA client to be installed on Microsoft Entra-registered devices that are not domain-joined or managed by the organization, enabling secure access to private resources from personal or unmanaged endpoints.

Use Cases

BYOD support in GSA and Entra Private Access enables several common scenarios where network access from managed devices is impractical or unavailable, including:

  • Vendor or contractor access
  • IT incident response from unmanaged endpoints
  • Temporary or seasonal staffing
  • Collaboration with external partners

Replacing Legacy VPN for Ad Hoc Access

Historically, legacy VPN solutions were the primary option for providing ad hoc access to private resources from unmanaged devices. With the introduction of BYOD support in the GSA client, organizations can now extend Entra Private Access to these scenarios without deploying or maintaining a separate VPN infrastructure.

Additional Changes

In addition to adding BYOD support, GSA client v2.26.108 includes the following new enhancements.

  • Improved Intelligent Local Access (ILA) detection
  • Join Type displayed in the client interface
  • GSA traceroute enhancements, including a 50M MB speed test between the client and edge service.

Summary

BYOD support removes a key barrier to adopting Microsoft Entra Private Access. Organizations can now securely provide access to private resources using Zero Trust policies, even when users connect from unmanaged or personal devices, and without relying on legacy VPN solutions.

Additional Information

Microsoft Entra Private Access Bring Your Own Device (BYOD)

Microsoft Global Secure Access Client for Windows v2.26.108

Microsoft Entra Private Access Intelligent Local Access

Always On VPN vs. Entra Private Access

Leave a comment
by Richard M. Hicks on February 10, 2026  •  Permalink
Posted in authentication, Azure Active Directory, Azure AD, Azure AD Join, Azure Conditional Access, cloud, Cloud Service, Conditional Access, Enterprise, enterprise mobility, Entra Conditional Access, Entra Global Secure Access, Entra Private Access, Global Secure Access, GSA, ILA, Intelligent Local Access, Microsoft, Microsoft Entra, Microsoft Entra Global Secure Access, Microsoft Entra ID, Microsoft Entra Private Access, Mobility, Private Network Connector, public cloud, Remote Access, Secure Service Edge, Security, Security Service Edge, VPN, Windows 10, Windows 11, Zero Trust, Zero Trust Network Access, ZTNA
Tagged , , , , , , , , , , , , , , , , , , , ,

Posted by Richard M. Hicks on February 10, 2026

https://directaccess.richardhicks.com/2026/02/10/entra-private-access-and-bring-your-own-device-byod/

« Older Posts