we are deploying some app services into Azure behind an Azure web application firewall, we already have some applications running on servers behind them, these are secured end to end using SSL. But what I can’t get my head around is what security or protection we are to implement on the app services and how, I’m thinking it must be Azure AD OAuth or something similar, am I on the right track? Or is there a way I’ve missed, or can we use certificates?
Asked
Active
Viewed 183 times
0
-
Your question is really confusing, what are you trying to achieve? Are you looking for user authentication for your apps, or protection of the connection between your WAF and app service? If the later, what Azure Service are you using to host the WAF? – Sam Cogan May 02 '20 at 09:12
-
@SamCogan hi, we are using an azure app gateway, and my question is how you route traffic from the front end listener on http to back end site on https, sorry I was a bit rushed when I put the question together. I would be interested in how the ad authentication works, but the question is around securing access through the waf – Norrin Rad May 02 '20 at 09:53
1 Answers
0
If all you are looking to do is enable end to end encryption of traffic between App Gateway and your app then you can do this. This doc details how to enable e2e encryption with App Gateway.
If you want to authenticate the connection between App Gateway and your backend then that is more tricky. Currently App Gateway does not support mutual TLS authentication, or any sort of token based auth.
Sam Cogan
- 38,158
- 6
- 77
- 113