- Detailed technical information about password encryption during user sign-in.
- The security of the channels between on-premises authentication agents and Azure AD.
- Detailed technical information about how to keep the authentication agents operationally secure.

Pass-through authentication key security capabilities

Pass-through authentication has these key security capabilities:

- It's built on a secure multi-tenanted architecture that provides isolation of sign-in requests between tenants.
- On-premises passwords are never stored in the cloud in any form.
- On-premises authentication agents that listen for and respond to password validation requests make only outbound connections from within your network. There's no requirement to install these authentication agents in a perimeter network (also known as DMZ, demilitarized zone, and screened subnet). As a best practice, treat all servers that are running authentication agents as Tier 0 systems (see reference).
- Only standard ports (port 80 and port 443) are used for outbound communication from the authentication agents to Azure AD. You don't need to open inbound ports on your firewall.
  - Port 443 is used for all authenticated outbound communication.
  - Port 80 is used only for downloading certificate revocation lists (CRLs) to ensure that none of the certificates this feature uses have been revoked.
  - For the complete list of the network requirements, see the Azure Active Directory pass-through authentication quickstart.
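The network model described above (no inbound ports, outbound only on 80 and 443) can be checked mechanically. The following is an added example, not code from the original page or from Microsoft: it lints a constructed set of perimeter firewall rules scoped to authentication agent servers. The `Rule` format, rule names and sample data are assumptions made for illustration.

```python
# Added example: lint constructed perimeter firewall rules for authentication
# agent servers against the model stated on the page. Rule format is hypothetical.
from dataclasses import dataclass

ALLOWED_OUTBOUND = {80, 443}  # per the page: CRL download and authenticated traffic

@dataclass(frozen=True)
class Rule:
    name: str
    direction: str   # "in" or "out"
    action: str      # "allow" or "deny"
    ports: str       # "443", "80,443", "1000-2000" or "any"

def expand_ports(spec):
    """Return the set of TCP ports a spec covers; 'any' means all ports."""
    if spec.strip().lower() == "any":
        return set(range(1, 65536))
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def lint(rules):
    """Return (rule name, reason) findings; an empty list means compliant."""
    findings = []
    for r in rules:
        if r.action != "allow":
            continue  # deny rules cannot widen exposure
        if r.direction == "in":
            findings.append((r.name, "inbound allow rule; the agents need none"))
            continue
        extra = sorted(expand_ports(r.ports) - ALLOWED_OUTBOUND)
        if extra:
            label = f"{len(extra)} ports" if len(extra) > 10 else ",".join(map(str, extra))
            findings.append((r.name, f"outbound ports beyond 80/443: {label}"))
    return findings

# Constructed sample rules, not taken from any real environment.
SAMPLE = [
    Rule("agent-https", "out", "allow", "443"),
    Rule("agent-crl", "out", "allow", "80"),
    Rule("legacy-mgmt", "in", "allow", "3389"),
    Rule("wide-open", "out", "allow", "80,443,8000-8002"),
    Rule("block-smb", "in", "deny", "445"),
]

if __name__ == "__main__":
    for name, reason in lint(SAMPLE):
        print(f"{name}: {reason}")
```
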