The secure hybrid access solution for this scenario is made up of:Īpplication: BIG-IP published service to be protected by and Azure AD SHA. Having a BIG-IP in front of the application enables us to overlay the service with Azure AD pre-authentication and header-based SSO, significantly improving the overall security posture of the application. Instead, a BIG-IP deployed between the public internet and the internal application will be used to gate inbound access to the application. Modernization would take considerable effort and time, introducing inevitable costs and risk of potential downtime. Ideally, application access should be managed directly by Azure AD but being legacy it lacks any form of modern authentication protocol. Scenario descriptionįor this scenario, we have an internal legacy application that's configured for basic form-based authentication (FBA). To learn about all the benefits, see Integrate F5 BIG-IP with Azure Active Directory and What is application access and single sign-on with Azure AD?.
In this article, you'll learn how to configure F5's BIG-IP Access Policy Manager (APM) and Azure Active Directory (Azure AD) for secure hybrid access to form-based applications.Įnabling BIG-IP published services for Azure Active Directory (Azure AD) SSO provides many benefits, including:
0 kommentar(er)
