You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/fundamentals/active-directory-ops-guide-ops.md
+17-13Lines changed: 17 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -47,7 +47,7 @@ As you review your list, you may find you need to either assign an owner for tas
47
47
-[Assigning administrator roles in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-assign-admin-roles-azure-portal)
48
48
-[Governance in Azure](https://docs.microsoft.com/azure/security/governance-in-azure)
49
49
50
-
## Hybrid Management
50
+
## Hybrid management
51
51
52
52
### Recent versions of on-premises components
53
53
@@ -62,7 +62,7 @@ These components include:
62
62
63
63
Unless one has been established, you should define a process to upgrade these components and rely on the automatic upgrade feature whenever possible. If you find components that are six or more months behind, you should upgrade as soon as possible.
64
64
65
-
#### Hybrid recommended reading
65
+
#### Hybrid management recommended reading
66
66
67
67
-[Azure AD Connect: Automatic upgrade](https://docs.microsoft.com/azure/active-directory/hybrid/how-to-connect-install-automatic-upgrade)
68
68
-[Understand Azure AD Application Proxy connectors | Automatic updates](https://docs.microsoft.com/azure/active-directory/manage-apps/application-proxy-connectors#automatic-updates)
@@ -104,11 +104,11 @@ Adopting best practices can help the optimal operation of on-premises agents. Co
104
104
-[Understand Azure AD Application Proxy connectors](https://docs.microsoft.com/azure/active-directory/manage-apps/application-proxy-connectors)
105
105
-[Azure AD Pass-through Authentication - quickstart](https://docs.microsoft.com/azure/active-directory/hybrid/how-to-connect-pta-quick-start#step-5-ensure-high-availability)
106
106
107
-
## Management at Scale
107
+
## Management at scale
108
108
109
-
### Identity Secure Score
109
+
### Identity secure score
110
110
111
-
The [Identity Secure Score](https://docs.microsoft.com/azure/active-directory/fundamentals/identity-secure-score) provides a quantifiable measure of the security posture of your organization. It is key to constantly review and address findings reported and strive to have the highest score possible. The score helps you to:
111
+
The [identity secure score](https://docs.microsoft.com/azure/active-directory/fundamentals/identity-secure-score) provides a quantifiable measure of the security posture of your organization. It is key to constantly review and address findings reported and strive to have the highest score possible. The score helps you to:
112
112
113
113
- Objectively measure your identity security posture
114
114
- Plan identity security improvements
@@ -145,7 +145,7 @@ Refer to the following table to learn the type of notifications that are sent an
145
145
146
146
-[Change your organization's address, technical contact, and more - Office 365](https://docs.microsoft.com/office365/admin/manage/change-address-contact-and-more)
147
147
148
-
## Operational Surface Area
148
+
## Operational surface area
149
149
150
150
### AD FS lockdown
151
151
@@ -171,10 +171,14 @@ Lock down access to on-premises identity components such as Azure AD Connect, AD
171
171
172
172
There are seven aspects to a secure Identity infrastructure. This list will help you find the actions you should take to optimize the operations for Azure Active Directory (Azure AD).
173
173
174
-
1. Assign owners to key tasks.
175
-
2. Automate the upgrade process for on-premises hybrid components.
176
-
3. Deploy Azure AD Connect Health for monitoring and reporting of Azure AD Connect and AD FS.
177
-
4. Monitor the health of on-premises hybrid components by archiving and analyzing the component agent logs using System Center Operations Manager or a SIEM solution.
178
-
5. Implement security improvements by measuring your security posture with Identity Secure Score.
179
-
6. Lock down AD FS.
180
-
7. Lock down access to machines with on-premises identity components.
174
+
- Assign owners to key tasks.
175
+
- Automate the upgrade process for on-premises hybrid components.
176
+
- Deploy Azure AD Connect Health for monitoring and reporting of Azure AD Connect and AD FS.
177
+
- Monitor the health of on-premises hybrid components by archiving and analyzing the component agent logs using System Center Operations Manager or a SIEM solution.
178
+
- Implement security improvements by measuring your security posture with Identity Secure Score.
179
+
- Lock down AD FS.
180
+
- Lock down access to machines with on-premises identity components.
181
+
182
+
## Next steps
183
+
184
+
Refer to the [Azure AD deployment plans](active-directory-deployment-plans.md) for implementation details on any capabilities you haven't deployed.
0 commit comments