Edit

Share via

Secure hybrid access: Protect legacy apps with Microsoft Entra ID

  • Article

In this article, learn to protect your on-premises and cloud legacy authentication applications by connecting them to Microsoft Entra ID.

In addition to Application Proxy, you can strengthen your security posture with Microsoft Entra Conditional Access and Microsoft Entra ID Protection.

Single sign-on and multifactor authentication

With Microsoft Entra ID as an identity provider (IdP), you can use modern authentication and authorization methods like single sign-on (SSO) and Microsoft Entra multifactor authentication to secure legacy, on-premises applications.

Secure hybrid access with Application Proxy

Use Application Proxy to protect users, apps, and data in the cloud, and on premises. Use this tool for secure remote access to on-premises web applications. Users don’t need to use a virtual private network (VPN); they connect to applications from devices with SSO.

Learn more:

Application publishing and access management

Use Application Proxy remote access as a service to publish applications to users outside the corporate network. Help improve your cloud access management without requiring modification to your on-premises applications. Plan a Microsoft Entra application proxy deployment.

Partner integrations for apps: on-premises and legacy authentication

Microsoft partners with various companies that deliver pre-built solutions for on-premises applications, and applications that use legacy authentication. The following diagram illustrates a user flow from sign-in to secure access to apps and data.

Diagram of secure hybrid access integrations and Application Proxy providing user access.

Secure hybrid access through Microsoft Entra ID partner integrations

The following partners offer solutions to support Conditional Access policies per application. Use the tables in the following sections to learn about the partners and Microsoft Entra integration documentation.

Partner Integration documentation
Akamai Technologies Tutorial: Microsoft Entra SSO integration with Akamai
Citrix Systems, Inc. Tutorial: Microsoft Entra SSO integration with Citrix ADC SAML Connector for Microsoft Entra ID (Kerberos-based authentication)
Cloudflare, Inc. Tutorial: Configure Cloudflare with Microsoft Entra ID for secure hybrid access
Datawiza Tutorial: Configure Secure Hybrid Access with Microsoft Entra ID and Datawiza
F5, Inc. Integrate F5 BIG-IP with Microsoft Entra ID
Tutorial: Configure F5 BIG-IP SSL-VPN for Microsoft Entra SSO
Progress Software Corporation, Progress Kemp Tutorial: Microsoft Entra SSO integration with Kemp LoadMaster Microsoft Entra integration
Perimeter 81 Ltd. Tutorial: Microsoft Entra SSO integration with Perimeter 81
Silverfort Tutorial: Configure Secure Hybrid Access with Microsoft Entra ID and Silverfort
Strata Identity, Inc. Integrate Microsoft Entra SSO with Maverics Identity Orchestrator SAML Connector

Partners with pre-built solutions and integration documentation

Partner Integration documentation
Amazon Web Service, Inc. Tutorial: Microsoft Entra SSO integration with AWS ClientVPN
Check Point Software Technologies Ltd. Tutorial: Microsoft Entra single SSO integration with Check Point Remote Secure Access VPN
Cisco Systems, Inc. Tutorial: Microsoft Entra SSO integration with Cisco Secure Firewall - Secure Client
Fortinet, Inc. Tutorial: Microsoft Entra SSO integration with FortiGate SSL VPN
Palo Alto Networks Tutorial: Microsoft Entra SSO integration with Palo Alto Networks Admin UI
Pulse Secure Tutorial: Microsoft Entra SSO integration with Pulse Connect Secure (PCS)
Tutorial: Microsoft Entra SSO integration with Pulse Secure Virtual Traffic Manager
Zscaler, Inc. Tutorial: Integrate Zscaler Private Access with Microsoft Entra ID

Next steps

Select a partner in the tables mentioned to learn how to integrate their solution with Microsoft Entra ID.