Share via

WAF in front of App proxy Apps

Shamsta 1 Reputation point
2022-08-04T07:27:03.617+00:00

Hello all,

In short we're publishing on-prem app using app proxy with MFA/SSO enabled. I'm not sure if we need to deploy additional WAF i.e Akamai Kona in front of the app proxy svc or does MS by default or under the hood enables WAF protection for the app proxy published apps?

would there be any benefits in adding our own WAF/DDoS ?

Many thanks

Azure DDos Protection
Azure DDos Protection
An Azure service that provides defense against distributed denial-of-service (DDoS) attacks.
81 questions
Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sandeep G-MSFT 20,906 Reputation points Microsoft Employee Moderator
    2022-08-08T09:41:24.617+00:00

    @Shamsta

    Yes, applications published through Application Proxy are protected against Distributed Denial of Service (DDoS) attacks. This protection is managed by Microsoft and is automatically enabled in all our datacenters. The Azure DDoS protection service provides always-on traffic monitoring and real-time mitigation of common network-level attacks.

    You can check this in below article,
    https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-security#azure-ddos-protection-service

    You can also go through below article that talks about security considerations for accessing apps remotely with Azure Active Directory Application Proxy
    https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-security#azure-ddos-protection-service

    Hope this answers your question.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.