Richard Hicks wrote the book on DirectAccess. Then he wrote the one on Always On VPN. Now he’s here to tell you it’s time to move on from both (and other legacy VPNs). Over the last two years, Richard has helped numerous enterprise customers navigate the shift from legacy VPN to Microsoft Entra Private Access, and he’s collected some hard-learnt lessons along the way that most migration guides won’t tell you.
In this episode, Richard - enterprise security consultant and early Entra Private Access insider - breaks down why traditional VPN is fundamentally broken for today’s threat landscape, how Entra Private Access works under the hood, and the exact crawl-walk-run playbook he uses to migrate enterprise customers without disruption. Plus: his hot take on the Microsoft E7 announcement and why it just changed the pricing conversation forever.
In this episode you’ll learn:
Why your VPN tunnel is a security liability — and how a single compromised device can expose your entire corporate network
How Entra Private Access works differently to traditional VPN, and why that architectural shift matters for security
The “Quick Access” migration strategy that lets you get off legacy VPN fast, without locking everything down on day one
How to deploy the Global Secure Access client alongside your existing VPN — so you can migrate field-based workers without a single disconnection
What most teams get wrong about the Entra Private Network Connector — and the scaling pitfalls that catch enterprises off guard
Why Conditional Access knowledge, not connectivity, is the real key to a successful zero trust migration
The current limitations of Entra Private Access and how to plan around them
We also discuss the new ‘E7’ which includes Entra Private Access
Subscribe with your favorite podcast player or watch on YouTube 👇
About Richard Hicks
Richard Hicks is the founder and principal consultant at Richard M. Hicks Consulting, Inc. A Microsoft Most Valuable Professional (MVP) with more than 30 years of experience implementing secure remote access and public key infrastructure (PKI) solutions, he is a widely recognized enterprise mobility and security infrastructure expert sought after by organizations worldwide. His mission is to help companies provide visibility, control, and assurance for their field-based users and devices, ensuring the highest level of security and productivity for today’s highly mobile workforce.
LinkedIn - https://www.linkedin.com/in/richardhicks/
🔗 Related Links
Richard’s Blog - https://directaccess.richardhicks.com/
Richard M. Hicks Consulting, Inc - https://www.richardhicks.com/
https://directaccess.richardhicks.com/always-on-vpn-vs-entra-private-access/
📗 Chapters
00:00 Intro
01:10 The History of Direct Access and Always On VPN
05:59 Transitioning to Zero Trust and Entra Private Access
11:34 Seamless Side-by-Side VPN Migration
17:37 Using Quick Access to Kickstart Zero Trust
23:43 Changing Mindsets: Identity over IP Addresses
27:55 The New Zero Trust Network Assessment Tool
29:17 Avoiding Pitfalls with the Entra Private Network Connector
33:11 Feature Wishlist: IPv6 and Process Binding
38:46 Hot Takes on the New Entra E7 Suite
Podcast Apps
🎙️ Entra.Chat - https://entra.chat
🎧 Apple Podcast → https://entra.chat/apple
📺 YouTube → https://entra.chat/youtube
📺 Spotify → https://entra.chat/spotify
🎧 Overcast → https://entra.chat/overcast
🎧 Pocketcast → https://entra.chat/pocketcast
🎧 Others → https://entra.chat/rss
Merill’s socials
📺 YouTube → youtube.com/@merillx
👔 LinkedIn → linkedin.com/in/merill
🐤 Twitter → twitter.com/merill
🕺 TikTok → tiktok.com/@merillf
🦋 Bluesky → bsky.app/profile/merill.net
🐘 Mastodon → infosec.exchange/@merill
🧵 Threads → threads.net/@merillf
🤖 GitHub → github.com/merill
