Many IT organizations are looking into Microsoft Azure Active Directory® pricing and trying to wade through their complex pricing model. Before sorting through the details of the Azure AD pricing structure, it is important to understand when to use this cloud identity and access management solution.
When Is Azure a Good Fit?
Azure Active Directory was created to be the user management platform for Azure and Office 365. There is widespread belief that Azure AD is the next generation of the legacy, on-prem Active Directory. It isn’t.
Microsoft has built Azure AD completely separate from AD. The on-prem Active Directory federates its identities to the cloud Azure AD for use with Office 365 and Azure cloud servers. On-prem devices aren’t authenticated by Azure. Cloud servers at AWS or Google Compute Engine aren’t either.
If you are a Windows organizations leveraging Azure, familiarize yourself with both AD and Azure AD solutions. If you have a mixed-platform environment, you probably won’t want to go with either Active Directory variant. Instead, it would be best to shift to an independent IDaaS platform called Directory-as-a-Service®.
Complexities of Azure Active Directory Pricing
If you do think that Azure AD is the right solution for your organization, you will want to dig through the pricing. Much like the on-prem AD, the pricing model is complicated.
You need to start by understanding your current situation. If you have a Microsoft Enterprise Agreement, Open Volume agreement, or are part of the Cloud Solutions Program, you will have a right to certain functionality (Basic and Premium depending upon your specific agreement). If your IT organization isn’t a part of any of those programs, yet you’ve purchased Azure or Office 365, you can purchase Basic or Premium Azure AD services. Microsoft offers four different flavors of Azure Active Directory: Free, Basic, Premium P1, and Premium P2. Each different flavor has different functionality that is included.
While there is a list of features on the Azure AD site, it’s best to have some information at the ready. For example, you will need to know things like the number of objects you want to store, SSO apps you want to connect to, what type of reporting you are interested in, and more. It gets even more complicated because you will need to know if you are responsible for user cals as well.
Features like MFA and privileged identity management are an upsell. Don’t forget that each region and data center within the Azure cloud could be a different price. And if you’re looking for Active Directory Domain Services or Azure Active Directory B2C, they’re under completely different pricing models.
DaaS is the Clear-Cut Solution
Not only is the pricing model complicated but also how Azure AD fits into your identity management architecture. Directory-as-a-Service®, a new generation of cloud identity management platform, has emerged to solve the challenge of securely managing and connecting user identities to systems, applications, and networks regardless of platform or location.
This cloud-hosted directory service works with Windows, macOS, and Linux devices. It is seamlessly integrated with AWS, G Suite, Microsoft Office 365/Azure, and other platforms. Further, it supports a wide variety of protocols, including LDAP, SAML, RADIUS, SSH, and others. Whether the system or application is located at Azure, on-prem, or elsewhere, Directory-as-a-Service tightly controls access to those IT resources.
JumpCloud® Offers Straightforward Pricing
Perhaps best of all regarding the discussion around Azure Active Directory pricing, the model for Directory-as-a-Service is simple and all-inclusive. There are no tiers or different components and features included or excluded. It is one simple price per month. There are no extra fees, no hidden fees, and no per hour charges.
Drop us a note to learn more about Azure Active Directory pricing and how that relates to Directory-as-a-Service. We’d be happy to walk you through the differences and show you how our IDaaS platform can be a cost-effective alternative to Azure Active Directory. You may also give it a try yourself.