For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

GalalNabil's avatar
GalalNabil
Icon for Nimbostratus rankNimbostratus
Feb 21, 2021

Securing ADFS & ADFS Proxy Using F5

Hello, I'm really confused, i want to secure all the traffic before reaching the ADFS Server & ADFS proxy on AZURE, I dont want to replace the ADFS Proxy, what module i need for this function? and w...
Azure
BIG-IP
cloud
boneyard's avatar
boneyard
Icon for MVP rankMVP
Feb 27, 2021

secure all traffic is a bit vague, do you want to inspect the traffic or do you want it end up on a device before the actual ADFS servers?

 

if the second then LTM module is enough. if you want to inspect the traffic check for attacks and allow only certain URLs you need AWAF (formerly ASM).

 

which documentation to follow becomes a bit tricky for AWAF, as creating a policy from a guide isn't really possible without good understanding what you are doing. i would advise contacting your F5 partner on that.

 

for just LTM this is a good start: https://www.f5.com/services/resources/deployment-guides/microsoft-active-directory-federation-services-big-ip-v11-ltm-apm