Skip to content

Commit ffc1be8

Browse files
authored
Merge pull request #7967 from MicrosoftDocs/main
4/17/2025 PM Publish
2 parents 7f4b28f + e508f95 commit ffc1be8

5 files changed

Lines changed: 47 additions & 4 deletions

File tree

docs/architecture/gsa-deployment-guide-intro.md

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ Here are key Global Secure Access deployment scenarios:
1919
- Secure and monitor Microsoft Traffic for on-site and remote employees.
2020
- Secure and monitor internet traffic for on-site and remote employees.
2121

22-
This Deployment Guide helps you to plan and deploy Microsoft Global Secure Access. See [Global Secure Access licensing overview](../global-secure-access/overview-what-is-global-secure-access.md#licensing-overview) for licensing information. While most of the services are generally available (GA), some parts of the service are in public preview. ​
22+
This Deployment Guide helps you to plan and deploy Microsoft Global Secure Access. See [Global Secure Access licensing overview](../global-secure-access/overview-what-is-global-secure-access.md#licensing-overview) for licensing information. While most of the services are generally available (GA), some parts of the service are in public preview. ​See [425 Show: Plan and Implement your Global Secure Access deployment](https://youtu.be/px6dd9ZJ7R0) for a video walk through detailing deployment planning and implementation recommendations.
2323

2424
## Perform a Proof of Concept
2525

@@ -35,6 +35,8 @@ Depending on which capabilities you plan to deploy in a PoC for Microsoft Global
3535
- Deploy and test Microsoft Entra Private Access: One hour
3636
- Close PoC: 30 minutes
3737

38+
See [425 Show: Global Secure Access Proof of Concept Deep Dive](https://youtu.be/BKLvA0p_v1g) for a video walk-through detailing proof of concept procedures.
39+
3840
## Initiate your Global Secure Access project
3941

4042
Project initiation is the first step in any successful project. At the start of project initiation, you decided to implement Microsoft Global Secure Access. Project success depends on you to understand requirements, define success criteria, and ensure appropriate communications. Be sure to manage expectations, outcomes, and responsibilities.
@@ -274,12 +276,14 @@ Congratulations! You completed your Microsoft Global Secure Access deployment. T
274276

275277
## Next steps
276278

279+
- [425 Show: Plan and Implement your Global Secure Access deployment](https://youtu.be/px6dd9ZJ7R0).
277280
- Learn how to accelerate your transition to a Zero Trust security model with [Microsoft Entra Suite and Microsoft's unified security operations platform](https://www.microsoft.com/security/blog/2024/07/11/simplified-zero-trust-security-with-the-microsoft-entra-suite-and-unified-security-operations-platform-now-generally-available/)
278281
- [Microsoft Global Secure Access deployment guide for Microsoft Traffic](gsa-deployment-guide-microsoft-traffic.md)
279282
- [Microsoft Global Secure Access Deployment Guide for Microsoft Entra Internet Access](gsa-deployment-guide-internet-access.md)
280283
- [Microsoft Global Secure Access Deployment Guide for Microsoft Entra Private Access](gsa-deployment-guide-private-access.md)
281284
- [Simulate remote network connectivity using Azure Virtual Network Gateway - Global Secure Access](../global-secure-access/how-to-simulate-remote-network.md)
282285
- [Simulate remote network connectivity using Azure vWAN - Global Secure Access](../global-secure-access/how-to-create-remote-network-vwan.md)
283286
- [Introduction to Global Secure Access Proof of Concept Guidance](gsa-poc-guidance-intro.md)
287+
- [Video - 425 Show: Global Secure Access Proof of Concept Deep Dive](https://youtu.be/BKLvA0p_v1g)
284288
- [Global Secure Access Proof of Concept Guidance - Configure Microsoft Entra Private Access](gsa-poc-private-access.md)
285289
- [Global Secure Access Proof of Concept Guidance - Configure Microsoft Entra Internet Access](gsa-poc-internet-access.md)
Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,38 @@
1+
---
2+
title: EDR and antivirus coexistence with Global Secure Access client
3+
description: Learn about endpoint detection and response and antivirus solution coexistence with Global Secure Access client.
4+
author: jricketts
5+
manager: martinco
6+
ms.author: jricketts
7+
ms.service: global-secure-access
8+
ms.topic: concept-article
9+
ms.date: 03/28/2025
10+
11+
#CustomerIntent: As an administrator, I want to configure endpoint detection and response and antivirus solution coexistence with Global Secure Access client so that I can improve system performance.
12+
---
13+
# Configure endpoint detection and response and antivirus solution coexistence with Global Secure Access client
14+
15+
Running antivirus solutions such as Microsoft Defender for Endpoint side by side with the Global Secure Access client can affect system performance. If your system experiences [high CPU usage or performance issues](/defender-endpoint/troubleshoot-performance-issues), exclude Global Secure Access client processes from your antivirus solution.
16+
17+
## Configuration overview
18+
19+
In your antivirus solution, configure exclusions and bypasses for all Global Secure Access client processes:
20+
21+
- `C:\Program Files\Global Secure Access Client\GlobalSecureAccessClientManagerService.exe`
22+
- `C:\Program Files\Global Secure Access Client\GlobalSecureAccessEngineService.exe`
23+
- `C:\Program Files\Global Secure Access Client\GlobalSecureAccessETLController.exe`
24+
- `C:\Program Files\Global Secure Access Client\GlobalSecureAccessTunnelingService.exe`
25+
- `C:\Program Files\Global Secure Access Client\TrayApp\\GlobalSecureAccessClient.exe`
26+
- `C:\Program Files\Global Secure Access Client\PolicyService\\GlobalSecureAccessPolicyRetrieverService.exe`
27+
- `C:\Program Files\Global Secure Access Client\LogsCollector\\LogsCollector.exe`
28+
- `C:\Program Files\Global Secure Access Client\AuthenticationRunner\\GlobalSecureAccessAuthenticationRunner.exe`
29+
- `C:\Program Files\Global Secure Access Client\AdvancedDiagnostics\\GlobalSecureAccessClientAdvancedDiagnostics.exe`
30+
31+
To exclude these processes from Microsoft Defender for Endpoint, see [Configure custom exclusions for Microsoft Defender Antivirus](/defender-endpoint/configure-exclusions-microsoft-defender-antivirus).
32+
33+
## Next steps
34+
35+
- Install the Windows client: [The Global Secure Access Client for Windows - Global Secure Access \| Microsoft Learn](how-to-install-windows-client.md)
36+
- Install the macOS client: [The Global Secure Access Client for macOS - Global Secure Access \| Microsoft Learn](how-to-install-macos-client.md)
37+
- Install the Android client: [The Global Secure Access Client for Android - Global Secure Access \| Microsoft Learn](how-to-install-android-client.md)
38+
- Install the iOS client: [The Global Secure Access Client for iOS (Preview) - Global Secure Access \| Microsoft Learn](how-to-install-ios-client.md)

docs/global-secure-access/reference-current-known-limitations.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -225,7 +225,6 @@ Known limitations for remote networks include:
225225

226226
## Access controls limitations
227227
Known limitations for access controls include:
228-
- Continuous access evaluation (CAE) isn't currently supported for Universal Conditional Access for Microsoft traffic.
229228
- Applying Conditional Access policies to Private Access traffic isn't currently supported. To model this behavior, you can apply a Conditional Access policy at the application level for Quick Access and Global Secure Access apps. For more information, see [Apply Conditional Access to Private Access apps](how-to-target-resource-private-access-apps.md).
230229
- Microsoft traffic can be accessed through remote network connectivity without the Global Secure Access Client; however the Conditional Access policy isn't enforced. In other words, Conditional Access policies for the Global Secure Access Microsoft traffic are only enforced when a user has the Global Secure Access Client.
231230
- Compliant network check data plane enforcement (preview) with Continuous Access Evaluation is supported for SharePoint Online and Exchange Online.

docs/global-secure-access/toc.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,8 @@ items:
6161
href: how-to-install-android-client.md
6262
- name: Install the iOS client
6363
href: how-to-install-ios-client.md
64+
- name: EDR/antivirus coexistence with Global Secure Access client
65+
href: concept-edr-antivirus-coexistence.md
6466
- name: Remote networks
6567
expanded: false
6668
items:

docs/workload-id/workload-identity-federation-config-app-trust-managed-identity.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
---
2-
title: Configure an application to trust a managed identity (preview)
2+
title: Configure an application to trust a managed identity
33
description: Learn how to configure an application to trust a managed identity in Microsoft Entra ID.
44
author: cilwerner
55
manager: CelesteDG
@@ -11,7 +11,7 @@ ms.reviewer: hosamsh
1111
#Customer intent: As an application developer, I want to configure my application to trust a managed identity so that I can access Microsoft Entra protected resources without needing to use or manage application secrets or certificates.
1212
---
1313

14-
# Configure an application to trust a managed identity (preview)
14+
# Configure an application to trust a managed identity
1515

1616
This article describes how to configure a Microsoft Entra application to trust a managed identity. You can then exchange the managed identity token for an access token that can access Microsoft Entra protected resources without needing to use or manage App secrets.
1717

0 commit comments

Comments
 (0)