Red Tenant intro

Study of Red Tenant

From pure interest I started to study the thing called Red Tenant. What it is and why it is called Red Tenant.

Red Tenant is not a Microsoft related product name. There are companies which provide Managed Red Tenant -service but my interest is to clarify for myself what is needed to build the red one without selling it outside. Maybe later….

In practice, a “Red Tenant” usually means an isolated admin control plane. The common components are: a dedicated Entra tenant for admin identities, separate admin accounts from normal user accounts, hardened admin devices/PAWs, strict Conditional Access, just-in-time role activation through Microsoft Entra Privileged Identity Management, monitoring/auditing for privileged actions, and controlled ways to manage production tenants or on-premise Active Directory without letting compromise in the normal estate spread into the admin estate.

Thought red tenant is not a Microsoft product I’ll will write it as it would be used with Microsoft products.

This might go south but at least I have tried. Here’s some architecture mockup. I’ll explain later what is included in each layer.

  1. Core
  2. Identity layer
  3. Device layer
  4. Access policy layer
  5. Elevation and governance layer
  6. Monitoring and response layer
  7. Hybrid and Multi-tenant connections

Here was a very short intro to the Red tenant. I’ll be back soon. 

Picture of Jussi Metso
Jussi Metso

Author is a lifelong IT enthusiast, Microsoft Security MVP and interested in Cloud Security, XDR, SIEM and AI. Motto: Learning is the key for your future.

Discover more from Jussi Metso

Subscribe to get the latest posts sent to your email.

SECURITY

Related Posts