Forum Discussion
ADFS Proxy balancing with LTM and Advanced WAF, without APM
Hi mate,
You right, iApp o365 is no longer supported. Microsoft changed its ADFS proxy requirements and certification. It means, to be in front of ADFS server farm and proxy ADFS Authentication workflow, the vendor (F5) must be ADFSPIP compliant. Lucky us, F5 is.
But this certification requires additional steps, as MTLS between BIGIP and ADFS farm servers. And F5 integrated this development in APM only.
Without APM, you can still load-balance ADFS farms with LTM + AWAF (traditional L3 or L7 load balancing), but your deployment will not be ADFSPIP compliant. ADFS farm will be load balanced like any other WebServer.
Hope this help.
- wlopezMar 10, 2023Cirrocumulus
Matthieu,
Thanks for the detailed response.
Does this apply to all Office 365 versions?
The client I'm analyzing will do a deployment of Office 365 version 2019 and is asking for WAF protections for the internet facing ADFS servers.
- Matt_DierickMar 13, 2023Employee
I think you are refering to the Office362 Applications Version 2019. Office 365 (the cloud service) does not have any version.
Yes, it applies to all ADFS and clients versions.
- Leslie_HubertusMar 10, 2023Ret. Employee
Hey wlopez - quick FYI - Matt_Dierick is in Europe and your reply came in after his work week ended, so he won't see your reply until next week.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com