[MUSIC PLAYING] Welcome.
This is Quest Unscripted.
A vlog series on trending topics--
And Quest solutions related to Active Directory--
Office 365--
--oh, and don't forget Azure AD.
You're here because you have questions.
We're here because we have answers--
I think.
We will address questions we've received from customers--
Experiencing the same challenges as you.
All with the goal of helping you confidently move--
Manage--
And secure--
Your Microsoft environment.
We call the show Quest Unscripted because--
Except for this intro--
Nothing we say scripted or rehearsed.
And we're pretty sure you'll notice that right away.
Hey, folks. This is Ghazwan and Bryan with Quest. Hey, Bryan.
Hello.
So I guess today what I wanted to talk about is the Quest's On Demand SaaS offering. And do you want to first introduce Quest On Demand, and then I'll talk about what my questions are going to be?
Yeah, our Quest On Demand portfolio is really our SaaS offerings around the capabilities we have for hybrid management of your on-premise Microsoft ecosystem, as well as the Office 365 ecosystem as well.
Yeah, and currently we have five modules so we have the On Demand Recovery-- we'll talk about this in just a second-- On Demand Migration, On Demand Audit, On Demand License Management, and then On Demand Group Management. So there's five modules. There's a sixth one that's coming up, that's going to be pretty cool, which is going to be On Demand Governance for provisioning of Microsoft Azure and Office 365 workloads, and governing those workloads.
So now, Bryan, that we have five modules in On Demand, why is our story better with all these modules? Why would all these modules, or how do these modules help improve the adoption, and the management, and the migration of customer's Office 365 Azure adoption?
I think it's really that keyword hybrid, and the fact that we're bringing the old with the new everybody is going to [INAUDIBLE] Yet, the legacy environment on-premises Active Directory still exists, is going to keep existing for a period of time. So all the different new features, functionality [INAUDIBLE] is adding is mainly focused towards the new environment, whereas you still need a visibility into both the old and the new.
So let's talk hybrid, and let's talk On Demand Audit. On Demand Audit, from a hybrid mode standpoint, it basically-- and I did a webcast the other day where I basically went in, and actually typed your name. I typed Bryan Patton in On Demand Audit, and I was able to see all the changes that you've done on our on-prem environment. I was able to see all the changes and all the sign-ins, failed or successful, that you've done in Azure.
So from that one screen, I was able to see all your changes on-prem, cloud, and we have multiple tenants, so I was able to see on-prem and multiple tenant information about you, which is kind of cool. From an On Demand Recovery standpoint, can you talk to us about how does the hybrid function or integration kind of works, and like with a specific example?
A good example that comes to mind is conditional access policies. This works from home everybody's [INAUDIBLE] security's been top of mind, so a lot of people use what they already had out there, which was typically a group configuring access for conditional access policy that originated from on-premises. However, [INAUDIBLE] affects that group and you're on-premise that change will then move over into Azure Active Directory, and all those different things you use to configure with that hybrid group would no longer be there.
For example, if I delete the cells group on-premise, it'll delete it in Azure AD. And you would think I'll just restored on-premise everything will be back and good to go. What happens when Azure AD connects, it will then create a new Azure AD group, and those different configurations you did such as conditional access policy settings and things like that, they don't get restored. So this is a gap a lot of people, I truly don't think, are fully aware of.
Well, they don't know because when you do-- when you run AD sync you get back the exact same group name--
It looks the same.
But what you don't know is it's a new object ID. All the associations it had are gone. So you're conditional access policies that this group was assigned to is no longer there. So if I'm a member of that group, I used to go in with say my MFA access policy and be prompted for two-factor authentication, I'm no longer prompted. Although you thought that by re-syncing the group, put it back in place where-- we actually everything is back in place.
But the other thing I wanted to add is with a hybrid component of it, so even if the group is deleted from on-prem, we're tying it back to our on-prem solutions, making sure the group is back in place with the right members, and then we're syncing back using AD connect. And then we are associating-- re-associating everything on the cloud. So that's where the hybrid kind of component plugs-in. And most organizations, if not 100% of our organizations, are so obviously in hybrid mode.
Yeah, I think we give a lot more flexibility with the fact that we can do on-premises, as well as the configuration settings in Azure Active Directory.
Yeah. So let's talk a little bit about the license management. How does license management help organizations? What values do I get with On Demand License Management?
One is just which licenses are out there and actively being used. Why am I going to pay for something that's no longer being used? For example, my kids, they were watching like an anime subscription for quite a while, and every month I would get that little charge like are you even watching this? And eventually, they were not watching
09:22