+1 833 274 2566

What do you need load balancing for?

"We've had an array of Loadbalancer.org appliances deployed for close to 10 years now and we will not consider another platform. These are simply the best load balancers. Occasionally we engage Lb.org support. With the live chat feature you get technical issues resolved immediately."

Joe Lucchesi

USA Technologies

Load Balancing Microsoft ADFS

Microsoft ADFS (Active Directory Federation Services) provides secure SSO (Single Sign-On) and identity federation within an ADFS deployed environment. In its simplest form it can be used to provide authentication against Active Directory for claims-aware applications such as Office 365, Outlook on the web or Sharepoint to name but a few Web SSO.

Using standards-based identity federation allows trust relationships between federated third parties such as partner organisations or applications hosted within cloud environments. Whenever authentication is required across organisational boundaries (between otherwise autonomous security domains) a federation trust can be created Federated Web SSO.

You can deploy Federation Servers within your LAN or leverage the ADFS Proxy role within your DMZ allowing secure deployment alongside your applications. A load balancer can be deployed in front of either Federation Server or Federation Server Proxies providing both scalability and high availability to ADFS deployments.

Example deployment utilizing 2 HA pairs. HA pair 1 is used to load balance the ADFS Proxy’s located in the DMZ, HA pair 2 is used to load balance the ADFS Servers on the internal LAN.

Protocols

Protocol Role Ports Load balancing methods
TCP/HTTPS WEB SSO 443 Layer 7 TCP Mode

FAQs

  • Does ADFS only support Microsoft applications?

    No, ADFS uses an industry standard approach so can provide authentication services for many claims-aware applications. You can write your own apps and make them claims-aware or choose from some of the popular existing applications that already support it: Salesforce, Dropbox, Slack, VMware Identity Provider, Snowflake, SAP, servicenow, Google Apps.

  • Can ADFS Federation Proxies replace Microsoft TMG for SSO at the edge?

    The ADFS Federation Proxy role is often used as a long term supported semi replacement to the SSO capabilities of TMG which is nearing end of life. With TMG scheduled to go EOL in 2020 ADFS proxies are the only Microsoft service to offer a replacement for the secure edge SSO properties of TMG.

  • What versions of ADFS are supported for load balancing?

    We can load balance all current versions of ADFS since 2.0 (2.0, 2.1, 3.0 and 4.0).

Surely you must have a question?