For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

spinx's avatar
spinx
Icon for Nimbostratus rankNimbostratus
Oct 07, 2011

Authenticate users

Hi iRules Masters,     we got a Sharepoint VIP on our LTM where the users access it outside of our network. there is also a link inside sharepoint html page that is pointed to our ISA server for...
application delivery
dev
devops
iRules
Michael_Yates's avatar
Michael_Yates
Icon for Nimbostratus rankNimbostratus
Oct 12, 2011
Hi Spinx,

 

 

I honestly do not think you need to off-load any authentication onto the Load Balancers. ISA authenticates to AD and then passes those credentials to the application server, which passes them to the application.

 

 

The application should maintain the ability to authenticate to AD itself, so bypassing ISA and going directly to your application should not affect your authentication model.

 

 

ISA only acts like a firewall, so if you are going to bypass it then that is a different set of security concerns (which could be met and even exceeded by the use of the ASM if you have it).

 

 

Hope this helps.