diff --git a/Scenarios/entra-suite-poc-overview.md b/Scenarios/entra-suite-poc-overview.md
index a4168a0..e3483c1 100644
--- a/Scenarios/entra-suite-poc-overview.md
+++ b/Scenarios/entra-suite-poc-overview.md
@@ -1,54 +1,90 @@
-**Entra Suite POC Overview
**
+# Entra Suite POC Overview
+## Microsoft Entra Suite Capabilities
-**Microsoft Entra Suite Capabilities
**
+
-
+## PoC | Timeline
-**PoC | Timeline
**
+
-
-
-**Logistics
**
+## Logistics
- Each stage will only require participation of a subset of stakeholders from customers.
- There are some pre-requisites for each scenario.
- We recommend completing phases 2-4 as close together as feasible.
-
-**PoC | Pre-work
**
+## PoC | Pre-work
Identify resources to onboard. Recommendations:
+
- Ensure all prerequisites are met for each scenario, and that the appropriate roles and stakeholders are available for this Proof of Concept (POC).
+## PoC | Phase 1: Intro
+
+
+
+| Role | Responsability |
+| ----- | -------- |
+| Microsoft Entra ID Global Admin | -> Activate trials and initial setup |
+| Security Team | -> Validate Entra suite secure access approach |
+| Network Team | -> Validate Entra suite secure access aproach |
+| All mentioned roles above | -> Review Prerequisites and scenarios |
+
+**Table 1:** Roles for Intro phase
+
+## PoC | Phase 2: Enhanced workforce and guest lifecycle
-**PoC | Phase 1: Intro
**
+
-
-
+| Role | Responsability / Function |
+| ----- | -------- |
+| Global Administrator or authentication policy administrator & application administrator | -> Configure Microsoft Entra Verified ID |
+| Global Administrator Or Security Administrator | -> Add trusted External Organization (For B2B Scenario - Optional) |
+| Global Administrator Or Identity Governance Administrator | -> Create Entitlement Management Catalog and Access Packages |
+| Test End User | -> Test and Validate user onboarding process |
+**Table 1:** Roles for Intro phase
-**PoC | Phase 2: Enhanced workforce and guest lifecycle
**
+## PoC | Phase 3: Modernize remote access
-
-
+
+| Role / Pre-requisite | Responsability / Function |
+| ----- | -------- |
+| Global Administrator | -> Configure Global Secure Access|
+| Groups or Users Administrator | -> Create test groups and users |
+| Windows client device - W10,W11 - Entra Joined or Hybrid Joined | -> Client test for private access |
+| Windows Server 2012 R2 or later | -> Secure access connector server |
+| Test End User | -> Test and validate Entra private access |
+**Table 1:** Roles for Intro phase
-**PoC | Phase 3: Modernize remote access
**
+## PoC | Phase 4: Govern Internet Access based on business needs
-
-
+
+| Role / Pre-requisite | Responsability / Function |
+| ----- | -------- |
+| Global Administrator | -> Configure Global Secure Access|
+| Groups or Users Administrator | -> Create test groups and users |
+| Windows client device - W10,W11 - Entra Joined or Hybrid Joined | -> Client test for private access |
+| Test End User | -> Test and validate Entra internet access |
+**Table 1:** Roles for Intro phase
-**PoC | Phase 4: Govern Internet Access based on business needs
**
+## PoC | Phase 5: Close-out
-
-
+
+## Wrap-up session (1 hour)
+**Who?**
-**PoC | Phase 5: Close-out
**
+ * All teams
+ * Leadership team
-
+**Goal**
+* Present top findings to leadership
+* Discuss strategy to further implement
+* Collect Feedback
\ No newline at end of file
diff --git a/TrainingHubs/TrainingHubs.md b/TrainingHubs/TrainingHubs.md
index 46422b5..7a4d27e 100644
--- a/TrainingHubs/TrainingHubs.md
+++ b/TrainingHubs/TrainingHubs.md
@@ -1,3 +1,7 @@
+---
+sidebar_position: 8
+title: Product Training Hubs
+---
# Products Training Hubs
Explore the products included in the Entra Suite with our Training Hubs and POC-in-a-Box resources
diff --git a/images/EntraSuiteOverall.png b/images/EntraSuiteOverall.png
new file mode 100644
index 0000000..122d39d
Binary files /dev/null and b/images/EntraSuiteOverall.png differ
diff --git a/images/EntraSuiteProducts.png b/images/EntraSuiteProducts.png
new file mode 100644
index 0000000..7201915
Binary files /dev/null and b/images/EntraSuiteProducts.png differ
diff --git a/images/Intro.png b/images/Intro.png
new file mode 100644
index 0000000..1e7d287
Binary files /dev/null and b/images/Intro.png differ
diff --git a/images/closeout.png b/images/closeout.png
new file mode 100644
index 0000000..e7b4e8b
Binary files /dev/null and b/images/closeout.png differ
diff --git a/images/scenario1.png b/images/scenario1.png
new file mode 100644
index 0000000..5ac39ca
Binary files /dev/null and b/images/scenario1.png differ
diff --git a/images/scenario2.png b/images/scenario2.png
new file mode 100644
index 0000000..0501892
Binary files /dev/null and b/images/scenario2.png differ
diff --git a/images/scenario3.png b/images/scenario3.png
new file mode 100644
index 0000000..fde7bfa
Binary files /dev/null and b/images/scenario3.png differ
diff --git a/images/scope.png b/images/scope.png
new file mode 100644
index 0000000..861ba19
Binary files /dev/null and b/images/scope.png differ
diff --git a/images/timeline.png b/images/timeline.png
new file mode 100644
index 0000000..b738d37
Binary files /dev/null and b/images/timeline.png differ
diff --git a/website/docs/Partners/Partners.md b/website/docs/Partners/Partners.md
index 4449aff..0bd187b 100644
--- a/website/docs/Partners/Partners.md
+++ b/website/docs/Partners/Partners.md
@@ -1,5 +1,5 @@
---
-sidebar_position: 4
+sidebar_position: 7
title: Service Partners resources
---
diff --git a/website/docs/PublicDocs/docs.md b/website/docs/PublicDocs/docs.md
index c01ec89..d4d37fa 100644
--- a/website/docs/PublicDocs/docs.md
+++ b/website/docs/PublicDocs/docs.md
@@ -1,5 +1,5 @@
---
-sidebar_position: 5
+sidebar_position: 9
title: Licensing and Documentation
---
diff --git a/website/docs/Scenarios/Readme.md b/website/docs/Scenarios/Readme.md
index 22bf2e3..457d54c 100644
--- a/website/docs/Scenarios/Readme.md
+++ b/website/docs/Scenarios/Readme.md
@@ -6,7 +6,7 @@ title: Entra Suite POC in a Box
Explore our real-life scenarios that articulate the value of Microsoft Entra Suite and how its capabilities work together.
-- [Entra Suite POC Overview](../Assets/01-Entra_Suite_POC_Overview.pptx)
+- [Entra Suite POC Overview](./entra-suite-poc-overview.md)
### Microsoft Entra Suite Scenarios
diff --git a/website/docs/Scenarios/Scenario1.md b/website/docs/Scenarios/Scenario1.md
index 02aaa9c..6e82a87 100644
--- a/website/docs/Scenarios/Scenario1.md
+++ b/website/docs/Scenarios/Scenario1.md
@@ -1,8 +1,14 @@
-# Microsoft Entra Suite Scenario 1
+---
+sidebar_position: 4
+title: Enhanced workforce and guest lifecycle
+---
+# Enhanced workforce and guest lifecycle
+
+> Secure and governed access to all applications and resources
-## Enhanced workforce and guest lifecycle (Secure and governed access to all applications and resources)
## Introduction
-In this guide, we describe how to configure Microsoft Entra Suite products for a scenario in which the fictional organization, Contoso, wants to hire new remote employees and provide them with secure and seamless access to necessary apps and resources.
+
+In this guide, we describe how to configure Microsoft Entra Suite products for a scenario in which the fictional organization, Contoso, wants to hire new remote employees and provide them with secure and seamless access to necessary apps and resources.
They want to invite and collaborate with external users (such as partners, vendors, or customers) and provide them with access to relevant apps and resources.
Contoso uses Microsoft Entra Verified ID to issue and verify digital proofs of identity and status for new remote employees (based on human resources data) and external users (based on email invitations). Digital wallets store identity proof and status to allow access to apps and resources. As an additional security measure, Contoso may verify identity with FaceCheck facial recognition based on the picture that the credential stores.
@@ -18,6 +24,7 @@ Employees and external users can request access packages through a self-service
Contoso uses Microsoft Entra Identity Protection and Conditional Access (CA) to monitor and protect accounts from risky sign-ins and user behavior. They enforce appropriate access controls based on location, device, and risk level
## Configure prerequisites
+
To successfully deploy and test the solution, configure the prerequisites that we describe in this section.
Configure Microsoft Entra Verified ID
For this scenario, complete these prerequisite steps to configure Microsoft Entra Verified ID with Quick setup (Preview):
diff --git a/website/docs/Scenarios/Scenario2.md b/website/docs/Scenarios/Scenario2.md
index c21840f..5d4bbe5 100644
--- a/website/docs/Scenarios/Scenario2.md
+++ b/website/docs/Scenarios/Scenario2.md
@@ -1,6 +1,11 @@
-# Microsoft Entra Suite Scenario 2
+---
+sidebar_position: 5
+title: Modernize remote access
+---
-## Modernize remote access (Secure and governed access to all applications and resources)
+# Modernize remote access
+
+> Secure and governed access to all applications and resources
## Introduction
@@ -13,6 +18,7 @@ Remote users can connect to private apps across hybrid and multi-cloud environme
Microsoft Entra ID Protection cloud-based identity and access management (IAM) solution helps protect user identities and credentials from compromise.
You can replicate these high-level steps for the Contoso solution as described in this guide.
+
1.Sign up for Microsoft Entra Suite. Enable and configure Microsoft Entra Internet and Private Access to desired network and security settings.
2.Deploy [Microsoft Global Secure Access client](https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-install-windows-client) on user devices and [Microsoft Entra Private Access connector](https://learn.microsoft.com/en-us/entra/architecture/sse-deployment-guide-private-access)s on private networks. Include multi-cloud IaaS based virtual networks to access apps and resources on Contoso networks.
diff --git a/website/docs/Scenarios/Scenario3.md b/website/docs/Scenarios/Scenario3.md
index a1476c7..1485841 100644
--- a/website/docs/Scenarios/Scenario3.md
+++ b/website/docs/Scenarios/Scenario3.md
@@ -1,6 +1,11 @@
-# Microsoft Entra Suite Scenario 3
+---
+sidebar_position: 6
+title: Govern internet access based on business needs
+---
-## Govern internet access based on business needs (Secure and governed access to all applications and resources)
+# Govern internet access based on business needs
+
+> Secure and governed access to all applications and resources
## Introduction
@@ -11,16 +16,22 @@ In an example scenario for which we describe how to configure its solution in th
In another example scenario and corresponding solution, a SOC analyst needs to access a group of high-risk internet destinations for a specific time to investigate an incident. The SOC analyst can make that request in My Access. Upon approval, they become a member of a group that grants them access to high-risk internet destinations.
You can replicate these high-level steps for the Contoso solution as described in this guide.
-1. Sign up for Microsoft Entra Suite. Enable and configure Microsoft Entra Internet Access for desired network and security settings.
-2. Deploy [Microsoft Global Secure Access clients](https://learn.microsoft.com/en-us/entra/global-secure-access/concept-clients) on users� devices. Enable Microsoft Entra Internet Access.
-3. Create a security profile and web content filtering policies with a restrictive baseline policy that blocks specific web categories and web destinations for all users.
-4. Create a security profile and web content filtering policies that allows access to social networking sites.
-5. Create a security profile that enables the Hacking web category.
-6. Use [Microsoft Entra ID Governance](https://learn.microsoft.com/en-us/entra/id-governance/identity-governance-overview) to allow users requesting access to access packages such as:
+
+1. Sign up for Microsoft Entra Suite. Enable and configure Microsoft Entra Internet Access for desired network and security settings.
+
+2. Deploy [Microsoft Global Secure Access clients](https://learn.microsoft.com/en-us/entra/global-secure-access/concept-clients) on users� devices. Enable Microsoft Entra Internet Access.
+
+3. Create a security profile and web content filtering policies with a restrictive baseline policy that blocks specific web categories and web destinations for all users.
+
+4. Create a security profile and web content filtering policies that allows access to social networking sites.
+
+5. Create a security profile that enables the Hacking web category.
+
+6. Use [Microsoft Entra ID Governance](https://learn.microsoft.com/en-us/entra/id-governance/identity-governance-overview) to allow users requesting access to access packages such as:
* Marketing department users can request access to social networking sites with a quarterly access review.
* SOC team members can request access to high-risk internet destinations with a time limit of eight hours.
-7. Create and link two [Conditional Access policies](https://learn.microsoft.com/en-us/entra/identity/conditional-access/plan-conditional-access) using the Global Secure Access security profile session control. Scope the policy to groups of users for enforcement.
-8. Confirm that traffic is appropriately granted with traffic logs in Global Secure Access. Ensure that Marketing department users can access the access package in the My Access portal.
+7. Create and link two [Conditional Access policies](https://learn.microsoft.com/en-us/entra/identity/conditional-access/plan-conditional-access) using the Global Secure Access security profile session control. Scope the policy to groups of users for enforcement.
+8. Confirm that traffic is appropriately granted with traffic logs in Global Secure Access. Ensure that Marketing department users can access the access package in the My Access portal.
These are the benefits of using these solutions together:
* **Least privilege access to internet destinations**. Reduce internet resource access to only what the user requires for their job role through the joiner/mover/leaver cycle. This approach reduces end user and device compromise risk.
* **Simplified and unified management**. Manage network and security functions from a single cloud-based console, reducing complexity and cost of maintaining multiple solutions and appliances.
diff --git a/website/docs/Scenarios/entra-suite-poc-overview.md b/website/docs/Scenarios/entra-suite-poc-overview.md
new file mode 100644
index 0000000..61e2138
--- /dev/null
+++ b/website/docs/Scenarios/entra-suite-poc-overview.md
@@ -0,0 +1,95 @@
+---
+sidebar_position: 3
+title: POC Overview
+---
+# Entra Suite POC Overview
+
+## Microsoft Entra Suite Capabilities
+
+
+
+## PoC | Timeline
+
+
+
+## Logistics
+
+- Each stage will only require participation of a subset of stakeholders from customers.
+- There are some pre-requisites for each scenario.
+- We recommend completing phases 2-4 as close together as feasible.
+
+## PoC | Pre-work
+
+Identify resources to onboard. Recommendations:
+
+- Ensure all prerequisites are met for each scenario, and that the appropriate roles and stakeholders are available for this Proof of Concept (POC).
+
+## PoC | Phase 1: Intro
+
+
+
+| Role | Responsability |
+| ----- | -------- |
+| Microsoft Entra ID Global Admin | -> Activate trials and initial setup |
+| Security Team | -> Validate Entra suite secure access approach |
+| Network Team | -> Validate Entra suite secure access aproach |
+| All mentioned roles above | -> Review Prerequisites and scenarios |
+
+**Table 1:** Roles for Intro phase
+
+## PoC | Phase 2: Enhanced workforce and guest lifecycle
+
+
+
+| Role | Responsability / Function |
+| ----- | -------- |
+| Global Administrator or authentication policy administrator & application administrator | -> Configure Microsoft Entra Verified ID |
+| Global Administrator Or Security Administrator | -> Add trusted External Organization (For B2B Scenario - Optional) |
+| Global Administrator Or Identity Governance Administrator | -> Create Entitlement Management Catalog and Access Packages |
+| Test End User | -> Test and Validate user onboarding process |
+
+**Table 1:** Roles for Intro phase
+
+## PoC | Phase 3: Modernize remote access
+
+
+
+| Role / Pre-requisite | Responsability / Function |
+| ----- | -------- |
+| Global Administrator | -> Configure Global Secure Access|
+| Groups or Users Administrator | -> Create test groups and users |
+| Windows client device - W10,W11 - Entra Joined or Hybrid Joined | -> Client test for private access |
+| Windows Server 2012 R2 or later | -> Secure access connector server |
+| Test End User | -> Test and validate Entra private access |
+
+**Table 1:** Roles for Intro phase
+
+## PoC | Phase 4: Govern Internet Access based on business needs
+
+
+
+| Role / Pre-requisite | Responsability / Function |
+| ----- | -------- |
+| Global Administrator | -> Configure Global Secure Access|
+| Groups or Users Administrator | -> Create test groups and users |
+| Windows client device - W10,W11 - Entra Joined or Hybrid Joined | -> Client test for private access |
+| Test End User | -> Test and validate Entra internet access |
+
+**Table 1:** Roles for Intro phase
+
+## PoC | Phase 5: Close-out
+
+
+
+## Wrap-up session (1 hour)
+
+**Who?**
+
+ * All teams
+ * Leadership team
+
+**Goal**
+* Present top findings to leadership
+* Discuss strategy to further implement
+* Collect Feedback
+
diff --git a/website/docs/TrainingHubs/TrainingHubs.md b/website/docs/TrainingHubs/TrainingHubs.md
index 0d15499..f0e3d93 100644
--- a/website/docs/TrainingHubs/TrainingHubs.md
+++ b/website/docs/TrainingHubs/TrainingHubs.md
@@ -1,5 +1,5 @@
---
-sidebar_position: 3
+sidebar_position: 7
title: Product Training Hubs
---
# 🏫 Product Training Hubs
diff --git a/website/docs/images/EntraSuiteOverall.png b/website/docs/images/EntraSuiteOverall.png
new file mode 100644
index 0000000..122d39d
Binary files /dev/null and b/website/docs/images/EntraSuiteOverall.png differ
diff --git a/website/docs/images/EntraSuiteProducts.png b/website/docs/images/EntraSuiteProducts.png
new file mode 100644
index 0000000..7201915
Binary files /dev/null and b/website/docs/images/EntraSuiteProducts.png differ
diff --git a/website/docs/images/Intro.png b/website/docs/images/Intro.png
new file mode 100644
index 0000000..1e7d287
Binary files /dev/null and b/website/docs/images/Intro.png differ
diff --git a/website/docs/images/closeout.png b/website/docs/images/closeout.png
new file mode 100644
index 0000000..e7b4e8b
Binary files /dev/null and b/website/docs/images/closeout.png differ
diff --git a/website/docs/images/scenario1.png b/website/docs/images/scenario1.png
new file mode 100644
index 0000000..5ac39ca
Binary files /dev/null and b/website/docs/images/scenario1.png differ
diff --git a/website/docs/images/scenario2.png b/website/docs/images/scenario2.png
new file mode 100644
index 0000000..0501892
Binary files /dev/null and b/website/docs/images/scenario2.png differ
diff --git a/website/docs/images/scenario3.png b/website/docs/images/scenario3.png
new file mode 100644
index 0000000..fde7bfa
Binary files /dev/null and b/website/docs/images/scenario3.png differ
diff --git a/website/docs/images/scope.png b/website/docs/images/scope.png
new file mode 100644
index 0000000..861ba19
Binary files /dev/null and b/website/docs/images/scope.png differ
diff --git a/website/docs/images/timeline.png b/website/docs/images/timeline.png
new file mode 100644
index 0000000..b738d37
Binary files /dev/null and b/website/docs/images/timeline.png differ