Federation services deployment

Environment

Implementation of a federation services architecture and a synchronization service to provide simplified, secure identity federation with Microsoft Azure Active Directory and Web single sign-on (SSO) capabilities supporting authentication to SaaS applications, Office 365 and Dynamics AX.

Design and deployment of Active Directory Federation Services (AD FS) and Web Application Proxy in a 3-tier network architecture, together with Azure AD Connect servers.

Business goals

  • Interface with Cloud environments (Public or Private) of all types (IaaS, PaaS, SaaS).
  • Provide Web Single Sign-On authentication functionality to internal environments.
  • Cover the in-scope Microsoft applications and products that use authentication standards such as WS-Federation, SAML 2.0, and OAuth2.
  • Be highly available and accessible from both outside and inside, while respecting the security constraints of the target 3-tier DMZ architecture.

Technology stack

Windows Server 2012 R2, Active Directory, Active Directory Federation Services (AD FS), Web Application Proxy, Exchange Server 2010, Azure Active Directory Synchronization tools (Azure AD Connect), F5 BIG-IP Load Balancer, Azure PaaS Infrastructure, PowerShell.

Sector

The client is an insurance company offering health insurance services in Switzerland. It covers medical expenses under compulsory health insurance (LAMal).