What is Application Proxy in Azure Active Directory?

What is Application Proxy in Azure Active Directory?


Hello, Everyone! I’m Harshini Jayaram,
a program manager on the Azure Active Directory team. And today I’m here to talk about
providing remote access with the Azure Active Directory
Application Proxy. Its a remote access solution
for your on-premises resources. A little more concretely, is providing remote access as a service while extending the benefits of
Azure Active Directory to your on-premises resources bringing benefits such as
multi-factor authentication, and conditional access. Here also avoids limitations
of traditional solutions such as VPNs and TMGs
for variety of reasons. For example, it doesn’t open the entire
network, you selectively publishing the resources you want your users
to have access to, Its less expensive then
traditional resources, and it works across more devices your desktops, your mobile devices etc. There are three main benefits
that we highlight, when we’re talking
about Application Proxy. Simplicity, Productivity
and Protection. When we’re looking at simplicity,
there are few things to know. There is nothing going in DMZ, we’re able to use applications
without changes, and because Application Proxy
is very light-weight, we’re able to reduce
an on-premises footprint. When you look at productivity, Application Proxy is allowing access
to all applications from any device, anywhere, at any time and by providing management
for Application Proxy alongside all of your other
Azure Active Directory applications, Its one central management point. When you look at protection, its bringing
the Cloud scale security verifications of Azure Active Directory to
all of your on-premises resources and there are No inbound connections
required to your network. This is adding the protection
that you need more as a security while providing the remote access. When you’re using Application Proxy, you typically have
a scenario that looks like this. You have a user who is outside
at your network who needs to get access to applications that are
inside the network. The first thing that we’ve you do is to install
light weight agents called connectors. These connectors need to have
line-of-sight directly to the back-end application. They may also be connected to
on-premises Active Directory, depending on the Single Sign-on
mechanism that you need. This solutions works for about
traditional networks and for Cloud networks such as VLAN. When you publish an application,
you will provide an external URL such as the one shown here. Your users can then go directly
to this external URL where they’ll be re-directed to a service. We ask them to authenticate against
Azure Active Directory again this is where your multi-factor
authentication, conditional access any of these all other things will
come into play and only once the user is authenticated, it will then finish the connection
to the connectors and to the on-premises resources Application Proxy supports
a variety of applications. For example, the one’s you see here. So for browser based applications,
whether they’re using integrated windows authentication, if
they’re using forms based authentication if they’re using headers based
authentication, all of these will not only support but also
provides Single Sign-on. If there is Rich client that is
ADAL integrated, thats also fully supported with Application Proxy. And any other applications can always be
published through remote desktop. So now that you know a little bit about
Application Proxy, in the next video will go over
how you can deploy it.

Danny Hutson

Leave a Reply

Your email address will not be published. Required fields are marked *