The following tables were created to help customers understand the relationship between our various Service Plan lines and branding and the scope of services covered or provided by each.
Note that starting in 2022, we added new plan families and coverage categories for Cybersecurity in order to make these workloads clearer and ensure customers with different needs receive their required level of preparedness and response. Cybersecurity plans are separate from Cloud Admin and other coverage and plans.
| Service Plan | Covered Technical Workloads | Summary of Covered Products / Features |
| Administration + Support for Core Office 365 Cloud Services | ||
| Admin 365 | Cloud Admin Level 1 |
Office 365 Admin, Exchange, OneDrive, Teams (with Phone basics), SharePoint basics, Stream, Yammer |
| Admin 365 Plus | Cloud Admin Level 2 | Extends Level 1 with Teams Phone advanced capabilities, SharePoint intermediate, Endpoint Manager basics, Cloud Backup admin, IT Admin and End-user Training sessions, and access to Virtual CIO/CTO* and Low-code Developer*** services |
| Full Stack Microsoft Cloud Admin + IT Mentor + Support | ||
| Co-managed Cloud | Cloud Admin Level 3 | Extends Level 2 with Azure AD (with Entra basics), intermediate Endpoint Manager, SharePoint Site Collection admin, Anti-spam management (EOP), and Azure Portal admin. (Does not cover End-user Training, Virtual CIO/CTO, or Low-code Developer workloads.) |
| Co-managed Cloud Plus | Cloud Admin Level 4 | Extends Level 3 with SharePoint Admin and advanced Endpoint Manager scenarios, IT Admin and End-user Training sessions, and access to Virtual CIO/CTO* and Low-code Developer*** services. |
| Event Horizon Cybersecurity Readiness & Response Program | ||
| Cybersecurity Readiness & Response Essentials | Cyber Level 0 | Provides baseline security preparedness, monitoring, and response, including security admin workloads in Microsoft 365, MS Security Admin, Exchange, and Defender ATP with additional benefits (for select customers' IT staff) such as vulnerability / dark web scans, security awareness and IT security training, and enterprise password management. (Does not cover GCC Moderate or GCC High.) |
| Cybersecurity Readiness & Response Standard | Cyber Level 1 | Extended Level 0 coverage and benefits to the entire organization, and adds Identity Management (Azure AD Premium / Entra), Compliance basics (Policies, Labels, Retention, Legal Hold, E-Discovery), Defender for Cloud Apps, and selected third-party security tools. (Required for GCC Moderate or GCC High.) |
| Cybersecurity Readiness & Response Advanced | Cyber Level 2 | Extends Level 1 with access to Virtual CISO* services, support for compliance requirements (SOC 2, NIST, CMMC, HITECH, etc.), consultant-led end-user security training, and advanced workloads including Compliance Manager, Azure ATP, and Azure Sentinel. (Required for GCC High.) |
| Managed IT Services | ||
| Managed Enterprise | Network Infrastructure per Location | |
| Managed Endpoint | Desktops / Mobiles | |
| Managed Server | Server/VM, Firewall, Router, or Managed Switch | |
| Available "Single App" Service Plans | ||
| SharePoint Admin On Demand | ||
| Power Platform / Dynamics 365 On Demand | ||
| Azure On Demand |
Service Plan coverage policy is governed by the Technical Workload for a given request. These are primarily determined by which Admin Center Microsoft has made a given capability available. In some cases, we partition this further to categorized basic features vs. those which are complex or advanced.
All customers may unlock and leverage services otherwise not covered at a specific level through Priority Service requests on a case-by-case basis.
Entitlements and Coverage by Technical Workload for Admin 365 and Co-managed Cloud Plans
The following table defines the coverage by Technical Workload and other Entitlements provided under the Service Plan Coverage Level (formerly Microsoft Cloud Level) for Cloud Admin plans (e.g. Admin 365, Event Horizon Co-managed Cloud) as described elsewhere in our Service Plans FAQ and/or our SLA.
| Admin Center / Service | Admin Portal URL | Admin 1 | Admin 2 | Admin 3 | Admin 4 |
| Fair Use Limits * | 2 Hours | 2 Hours | 4 Hours | 5 Hours | |
| Priority Service Rate | Prime D | Prime C or B | Prime B or A | Prime A | |
| Admin / IT Training * | N/A | No | Yes* | Yes* | Yes* |
| End User Training * | N/A | No | Yes* | No | Yes* |
| Virtual CIO / CTO Services * | N/A | No | Yes* | No | Yes* |
| Support for GCC Moderate | N/A | Yes | Yes | Yes | Yes |
| Support for GCC High | https://portal.office365.us https://portal.azure.us |
No | Yes | No | Yes |
| Core Office 365 Cloud Workloads | |||||
| Microsoft / Office 365 Admin *** | https://admin.microsoft.com | Yes | Yes | Yes | Yes |
| Exchange Admin *** | https://outlook.office365.com/ecp/ | Yes | Yes | Yes | Yes |
| Exchange Admin - Mail Trace *** | Yes | Yes | Yes | Yes | |
| External DNS / Tenant Domain Admin | Yes | Yes | Yes | Yes | |
| E-mail Retention Policies | Yes | Yes | Yes | Yes | |
| OneDrive Admin | https://admin.onedrive.com | Yes | Yes | Yes | Yes |
| Teams Admin | https://admin.teams.microsoft.com | Yes | Yes | Yes | Yes |
| SharePoint Admin 1 (SAC / Content Steward) | https://<tenant>.sharepoint.com | Yes | Yes | Yes | Yes |
| Teams Phone / Voice Calling Admin (Basic)* | https://admin.teams.microsoft.com | Yes* | Yes* | Yes* | Yes* |
| Streams Admin | https://web.microsoftstream.com/admin/ | Yes | Yes | Yes | Yes |
| Yammer Admin | https://yammer.com/office365/admin | Yes | Yes | Yes | Yes |
| Teams Phone / Voice Calling Admin (Advanced)* | https://admin.teams.microsoft.com | No | Yes* | Yes* | Yes* |
| SharePoint Admin 2 (Site Owner / List Owner)** / *** | https://<tenant>.sharepoint.com | No | Yes** | Yes** | Yes** |
| Full Stack Microsoft Cloud Workloads | |||||
| Cloud Backup Management* | Varies by backup solution vendor. Ask for details. | No | Yes* | Yes* | Yes* |
| Endpoint Manager Admin 1 (Device Reg./AAD Join) * / *** | https://endpoint.microsoft.com | No | Yes* | Yes* | Yes* |
| Azure AD Admin * / *** | https://go.microsoft.com/fwlink/?linkid=2058058 | No | No | Yes* | Yes* |
| Endpoint Manager Admin 2 (Intune+AutoPilot)* / *** |
https://endpoint.microsoft.com | No | No | Yes* | Yes* |
| SharePoint 3 (Site Collection Admin) *** | https://<tenant>-admin.sharepoint.com | No | No | Yes | Yes |
| Exchange Online Protection Admin (Anti-spam) | No | No | Yes | Yes | |
| Azure Portal Admin* | https://portal.azure.com | No | No | Yes* | Yes* |
| SharePoint 4 (SP Farm Admin) | N/A | No | No | No | Yes |
| Endpoint Manager Admin 3* (Hybrid Join, Apple Business Manager) | https://endpoint.microsoft.com | No | No | No | Yes* |
| Low-code Developer Workloads ** | |||||
| Dynamics 365 | https://port.crm6.dynamics.com/g/manage/index.aspx | No | Yes | No | Yes |
| Power Apps | https://admin.powerapps.com | No | Yes | No | Yes |
| Power Automate (Flow) | https://admin.flow.microsoft.com | No | Yes | No | Yes |
| Power BI | https://app.powerbi.com/admin-portal/ | No | Yes | No | Yes |
| SharePoint 5 (SP Designer / Dev) | N/A | No | Yes | No | Yes |
Entitlements and Coverage by Technical Workload for Cybersecurity Readiness & Response Plans
The following table defines the coverage by Technical Workload and other Entitlements provided under the Service Plan Coverage Level (formerly Microsoft Cloud Level) for Cybersecurity Readiness & Response plans as described elsewhere in our Service Plans FAQ and/or our SLA.
| Admin Center / Service | Admin Portal URL | Cyber 0 | Cyber 1 | Cyber 2 |
| Fair Use Limits* | 60 Min | 90 Min | 2 Hours | |
| Priority Service Rate | N/A | Prime A | Prime AAA | |
| Consultant-led Admin / IT Training * | N/A | No | Limited | Limited |
| Consultant-led End-User Training * | N/A | No | No | Limited |
| Virtual CISO Services * | N/A | No | No | Yes* |
| Support for GCC Moderate | N/A | No | Yes | Yes |
| Support for GCC High | https://portal.office365.us https://portal.azure.us |
No | No | Yes |
| Value-added Security Services and Benefits | ||||
| Periodic Security Evaluation | Yes | Yes | Yes | |
| Active Security Monitoring 1 (MS365 Lighthouse: Defender ATP, Threat Intelligence, Identity Protection, Etc.) | Yes | Yes | Yes | |
| System Vulnerability and Dark Web Scans by Vigilante | https://portal.pii-protect.com/ | Limited | Yes | Yes |
| Enterprise Password Management | https://liquidhg.mypasswordapp.com/ | Limited | Yes | Yes |
| Security Awareness Training Tools | https://portal.pii-protect.com/ | Limited | Yes | Yes |
| End-user DNS / Web Filtering | Varies by solution vendor | No | No | Ask |
| Extended Security Coverage for Admin 365 and Co-managed Cloud Workloads *** | ||||
| Microsoft / Office 365 Admin | https://admin.microsoft.com | Yes | Yes | Yes |
| Exchange Admin | https://outlook.office365.com/ecp/ | Yes | Yes | Yes |
| Exchange Admin - Mail Trace | Yes | Yes | Yes | |
| Exchange Online Protection Admin (Anti-spam) | No | Yes | Yes | |
| Endpoint Manager Admin 1 (Device Reg./AAD Join) * | https://endpoint.microsoft.com | No | Yes* | Yes* |
| Azure AD Admin * | https://go.microsoft.com/fwlink/?linkid=2058058 | No | Limited | Yes* |
| Endpoint Manager Admin 2 (Intune+AutoPilot)* |
https://endpoint.microsoft.com | No | Yes* | Yes* |
| SharePoint Admin 2 (Site Owner / List Owner)** | https://<tenant>.sharepoint.com | No | No | Yes** |
| SharePoint 3 (Site Collection Admin) | https://<tenant>-admin.sharepoint.com | No | No | Yes |
| SharePoint 4 (SP Farm Admin) | N/A | No | No | Yes |
| Cybersecurity and Compliance Workloads | ||||
| Security Admin | https://protection.office.com | Limited | Yes | Yes |
| Defender ATP Security Center Admin | https://securitycenter.windows.com | Limited | Yes | Yes |
| Identity Management (e.g. Entra / Azure AD Premium - Identity Protection, Conditional Access, PIM) |
https://go.microsoft.com/fwlink/?linkid=2040456 | No | Yes | Yes |
| Compliance Admin (Policies, Labels, Retention, Legal Hold and E-Discovery) | No | Yes | Yes | |
| Selected Third-party Security Tools* | No | Yes* | Yes* | |
| Defender for Cloud Apps Admin* | https://portal.cloudappsecurity.com | No | Yes* | Yes* |
| Regulatory Compliance Support: SOC 2, NIST, CMMC, HITECH, etc. | No | No | Yes* | |
| Compliance Manager Admin* | https://compliance.microsoft.com/ | No | No | Yes* |
| Azure ATP Admin* | https://<tenant>.atp.azure.com | No | No | Yes* |
| Azure Sentinel Admin* | https://portal.azure.com/#blade/Microsoft_Azure_Security_Insights/WorkspaceSelectorBlade | No | No | Yes^ |
| Active Security Monitoring 2 (e.g. Sentinel, 24/7 SOC) | No | No | Ask |
* Due to the complex nature of these offerings, certain features and/or Task Orders may be subject to Priority Service for purposes of determining coverage and Entitlements. Please see our SLA and Fair Use Policy for details.
** Development oriented activities and extended Task Orders are subject to Entitlement caps based on hours and frequency of requests, with Priority Service applicable for any overages.
*** Coverage / Entitlements for specific features, profiles, or policies is limited to either "system configuration" or "security" scope based on Co-managed Cloud vs. Cyber-readiness plans, respectively.
For a complete list of Microsoft Admin Centers, see: https://msportals.io/