Sneak Peak:
This blog post describes an alternative MFA-solution for SAP GUI based on the Kerberos protocol. It uses Microsoft Entra Private Access (PA) instead of SLS and IAS to integrate with Entra ID and Entra CA. Entra PA, and its accomanying service Entra Internet Access, are unified under Global Secure Access (GSA) in the Microsoft Entra admin center. Both enforce an identity-centric Zero Trust Network Access (ZTNA) strategy. With ZTNA, access is granted per user to specific services or applications, whereas traditional technologies for secure network access, such as Virtual Private Networks (VPNs), grant access to an entire network.
Navigate to the full post here.