Secure hybrid access: Protect legacy apps with Azure Active Directory

In this article, learn to protect your on-premises and cloud legacy authentication applications by connecting them to Azure Active Directory (Azure AD).

In addition to Application Proxy, you can strengthen your security posture with Azure AD Conditional Access and Identity Protection.

Single sign-on and multi-factor authentication

With Azure AD as an identity provider (IdP), you can use modern authentication and authorization methods like single sign-on (SSO) and Azure AD Multi-Factor Authentication (MFA) to secure legacy, on-premises applications.

Secure hybrid access with Application Proxy

Use Application Proxy to protect users, apps, and data in the cloud, and on premises. Use this tool for secure remote access to on-premises web applications. Users don’t need to use a virtual private network (VPN); they connect to applications from devices with SSO.

Learn more:

Application publishing and access management

Use Application Proxy remote access as a service to publish applications to users outside the corporate network. Help improve your cloud access management without requiring modification to your on-premises applications. Plan an Azure AD Application Proxy deployment.

Partner integrations for apps: on-premises and legacy authentication

Microsoft partners with various companies that deliver pre-built solutions for on-premises applications, and applications that use legacy authentication. The following diagram illustrates a user flow from sign-in to secure access to apps and data.

Diagram of secure hybrid access integrations and Application Proxy providing user access.

Secure hybrid access through Azure AD partner integrations

The following partners offer solutions to support Conditional Access policies per application. Use the tables in the following sections to learn about the partners and Azure AD integration documentation.

Partner Integration documentation
Akamai Technologies Tutorial: Azure AD SSO integration with Akamai
Citrix Systems, Inc. Tutorial: Azure AD SSO integration with Citrix ADC SAML Connector for Azure AD (Kerberos-based authentication)
Datawiza Tutorial: Configure Secure Hybrid Access with Azure AD and Datawiza
F5, Inc. Integrate F5 BIG-IP with Azure AD
Tutorial: Configure F5 BIG-IP SSL-VPN for Azure AD SSO
Progress Software Corporation, Progress Kemp Tutorial: Azure AD SSO integration with Kemp LoadMaster Azure AD integration
Perimeter 81 Ltd. Tutorial: Azure AD SSO integration with Perimeter 81
Silverfort Tutorial: Configure Secure Hybrid Access with Azure AD and Silverfort
Strata Identity, Inc. Integrate Azure AD SSO with Maverics Identity Orchestrator SAML Connector

Partners with pre-built solutions and integration documentation

Partner Integration documentation
Amazon Web Service, Inc. Tutorial: Azure AD SSO integration with AWS ClientVPN
Check Point Software Technologies Ltd. Tutorial: Azure AD single SSO integration with Check Point Remote Secure Access VPN
Cisco Systems, Inc. Tutorial: Azure AD SSO integration with Cisco AnyConnect
Cloudflare, Inc. Tutorial: Configure Cloudflare with Azure AD for secure hybrid access
Fortinet, Inc. Tutorial: Azure AD SSO integration with FortiGate SSL VPN
Palo Alto Networks Tutorial: Azure AD SSO integration with Palo Alto Networks Admin UI
Pulse Secure Tutorial: Azure AD SSO integration with Pulse Connect Secure (PCS)
Tutorial: Azure AD SSO integration with Pulse Secure Virtual Traffic Manager
Zscaler, Inc. Tutorial: Integrate Zscaler Private Access with Azure AD

Next steps

Select a partner in the tables mentioned to learn how to integrate their solution with Azure AD.