010: Enable on-prem remote access for web apps without VPN

Overview

Entra ID enables access to individual web applications inside the corporate network using Entra Application Proxy and secure hybrid access, without having to connect to the VPN.

Enabling granular access to internal web applications aligns to zero trust by:

• Reducing the surface area: users don't have wide access to the entire corporate network.
• Policy Enforcement and Administration: administrators can define application specific policies to enforce strong authentication, device posture, etc.

Reference

• Secure hybrid access, protect legacy apps with Microsoft Entra ID - Microsoft Entra ID | Microsoft Learn