Enterprise Mobility + Security E3

Enterprise Mobility + Security E3

Normale prijs
Normale prijs
Delivery : Within 24 hours of order placement.

Are you buying for a business based in EU? Please enter your business VAT number to avail reverse charge. VAT will not be applied at checkout.

Note: VAT will be applicable for businesses based in the Netherlands.

Enterprise Mobility + Security E3 provides a convenient cost effective way for customers to purchase Microsoft’s end user and device cloud services: Azure AD Premium P1, Azure Information Protection Premium P1, Microsoft Advanced Threat Analytics and Microsoft Intune.

Partially Included
Not included
Enterprise Mobility + Security E3
Accounts and security
Security comes standard in all Microsoft products. Use these resources to get secure today and protect against future threats.
 Included apps
       Azure Active Directory 
Azure Active Directory is a comprehensive, highly available identity and access management cloud solution that combines core directory services, advanced identity governance, and application access management. Azure Active Directory also offers a rich, standards-based platform that enables developers to deliver access control to their applications, based on centralized policy and rules.
Premium P1
        Directory objects 
Default usage quota is 150,000 objects. An object is an entry in the directory service, represented by its unique distinguished name. An example of an object is a user entry used for authentication purposes. If you need to exceed this default quota, please contact support. The 500K object limit does not apply for Office 365, Microsoft Intune or any other Microsoft paid online service that relies on Azure Active Directory for directory services.
No object limit
    User/Group Management (add/update/delete)/ User-based provisioning, Device registration
        Single Sign-On (SSO) Pre-integrated SaaS and developer-integrated apps, application proxy apps, self-service app integration templates. Admins can configure SSO and change user access to different SaaS apps, but SSO access is only allowed for 10 apps per user at a time. All Office 365 apps are counted as one app.
        B2B Collaboration 
Azure AD allows for B2B collaboration by enabling the use of a select set of Azure AD features to guest users. A guest user is someone outside of your organization who is invited into your Azure AD tenant. Guest users are not employees, contractors, or onsite agents for you or your affiliates. While some features are free, for any paid Azure AD features, guest users must be licensed as follows: with each Azure AD edition license that you own for an employee or a non-guest user in your tenant, you will also be able to invite up to five guest users to the tenant. The features you can extend to these guest users will depend on the type of Azure AD edition you purchase. There is no charge for inviting a guest user and assigning him/her to an application in Azure AD, for up to ten apps per guest user. Other features of Azure AD 'Free' edition, such as, three basic reports, are also free for guest users. For paid Azure AD features that are extended to guest users, the inviting tenant will need the appropriate number of Basic or Premium P1 or Premium P2 licenses to cover guest users, in the one license: five users ratio as described above. For e.g. one Azure AD Basic license will allow for up to five guest users to be set up for Group Based Access Management and Provisioning. For the 6th guest user, you will need another Azure AD Basic license. Similarly, one Azure AD Premium P1 license will allow for up to five guest users to use Multi-factor authentication feature (plus any Azure AD Basic features). For the 6th guest user that uses MFA, you will need a second Azure AD Premium P1 license.
        Self-Service Password Change for cloud users
        Azure AD Connect 
Sync engine that extends on-premises directories to Azure Active Directory
        Security/Usage Reports 
Azure Active Directory (Azure AD) reports provide a comprehensive view of activity in your environment. The provided data enables you to: determine how your apps and services are utilized by your users, detect potential risks affecting the health of your environment, troubleshoot issues preventing your users from getting their work done.
With Premium P2 you can get lists of users flagged for risk and risky sign-ins, you can examine the most detailed information about the underlying risk events that have been detected for each report, and configure security policies that automatically respond to configured risk levels. Also includes sign-in reports.
        Group-based access management/provisioning
        Self-Service Password Reset for cloud users
        Company Branding (Logon Pages/Access Panel customization)
        Application Proxy
        Advanced group features 
Advanced group features include dynamic groups, group creation permission delegation, group naming policy, group expiration, usage guidelines, and default classification.
        Self-Service Password Reset/Change/Unlock with on-premises writeback
        Device objects two-way synchronization between on-premises directories and Azure AD (Device write-back)
        Multi-Factor Authentication (Cloud and On-premises (MFA Server))
        Microsoft Identity Manager user CAL 
Microsoft Identity Manager Server software rights are granted with Windows Server licenses (any edition). Since Microsoft Identity Manager runs on Windows Server OS, as long as the server is running a valid, licensed copy of Windows Server, then Microsoft Identity Manager can be installed and used on that server. No other separate license is required for Microsoft Identity Manager Server.
        Cloud App Discovery 
Cloud App Discovery provides a comprehensive view into your cloud app usage, enabling you to address Shadow IT. To access the cloud app discovery features go to https://portal.cloudappsecurity.com/ and log in with your Azure AD P1 credentials. Azure AD P2 customers will not need to enter credentials and will be automatically redirected.
        Connect Health 
First monitoring agent requires at least one license. Each additional agent requires 25 additional incremental licenses. Agents monitoring AD FS, AD Connect, and AD DS are considered separate agents.
        Automatic password rollover for group accounts
        Conditional Access based on group and location
        Conditional Access based on device state (Allow access from managed devices)
        3rd party identity governance partners integration
        Terms of Use
        SharePoint Limited Access
        OneDrive for Business Limited Access
        3rd party MFA partner integration (preview)
        Microsoft Cloud App Security integration
        Join a device to Azure AD, Desktop SSO, Windows Hello for Azure AD, Administrator BitLocker recovery Winddows 10 only
        MDM auto-enrollment, Self-Service BitLocker recovery, Additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State Roaming Winddows 10 only
       Microsoft Intune 
Enable secure mobile productivity
        Mobile Device Management 
Enroll corporate and personal devices to provision settings, enforce compliance, and protect your corporate data.
        Mobile application management 
Enable secure mobile productivity
        Integrated PC management 
Enable secure mobile productivity
        Integrated on-premises management 
Extend your on-premises management to the cloud from a single console with Microsoft System Center Configuration Manager and Microsoft System Center Endpoint Protection integration for enhanced PC, Mac, Unix/Linux server, and mobile device administration.
       Cloud app Security 
Cloud app security discovery provides a comprehensive view into your cloud app usage, enabling you to address Shadow IT. To access the cloud app discovery features go to https://portal.cloudappsecurity.com/ and log in with your Azure AD P1 credentials. Azure AD P2 customers will not need to enter credentials and will be automatically redirected.
        Discovered cloud apps Cloud apps with similar functionality to Office 365
        Deployment for discovery analysis Manual log upload
        Data loss prevention (DLP) support Available in Office E3 and above
        App permissions and ability to revoke access
        Anomaly detection and behavioral analytics Office 365 apps
        Manual and automatic alert remediation
        SIEM connector Office 365 alerts only
        Integration to Microsoft Intelligent Security Graph
        Activity policies
       Azure Information Protection 
Control and help secure email, documents, and sensitive data that you share outside your company. From easy classification to embedded labels and permissions, enhance data protection at all times with Azure Information Protection-no matter where it's stored or who it's shared with.
Plan 1
        Document classification 
Manual, default, and mandatory document classification and consumption of classified documents
        Bring your own key (BYOK) 
For customer-managed provisioning life cycle. Azure subscription required to use configured key for Bring Your Own Key (BYOK).
        Protection for content in Microsoft services 
Including content in Microsoft Exchange Online, Microsoft SharePoint Online, and Microsoft OneDrive for Business.
        On-premises Windows Server file shares content protection 
Azure Information Protection connector with on-premises Windows Server file shares by using the File Classification Infrastructure (FCI) connector
        On-premises Exchange and SharePoint content protection 
Protection for on-premises Exchange and SharePoint content via Azure Information Protection connector
        Custom templates 
Custom templates, including departmental templates
        Azure Information Protection developer kit 
Azure Information Protection software developer kit for all platforms- Windows, Windows Mobile, iOS, Mac OSX, and Android
        Document tracking and revocation
        Protection for non-Microsoft Office file formats 
Including PTXT, PJPG, and PFILE (generic protection)
        Protected content consumption for policy-aware apps 
Azure Information Protection content creation by using work or school accounts
        Protected content creation 
Azure Information Protection content creation by using work or school accounts
        Office 365 Message Encryption
        Administrative control 
Includes activating/deactivating the service, onboarding controls for a phased deployment, usage logging, super user capability for eDiscovery and data recovery, bulk protect/unprotect of files.
     Azure Multi-Factor Authentication 
Safeguard access to data and applications while meeting user demand for a simple sign-on process
     Azure Rights Management 
Protect corporate data by allowing more secure access to company resources and enabling safe sharing of sensitive information inside and outside your organization.