Azure AD Application Proxy
Our MyWorkDrive File Remote Access Server web portal can be easily integrated with Azure AD Application Proxy service to automatically provide a secure web address without exposing the MyWorkDrive server to the internet or provisioning security appliances. In addition to protecting the MyWorkDrive Server from direct public access attacks, customers may optionally enable Azure AD Application Proxy Pre-Authentication and leverage conditional access. With Conditional Access, you can define restrictions on how users are allowed to access MyWorkDrive – for example – require their device is under management. You can also create policies that restrict sign-ins based on location, strength of authentication, and user risk profile.
MyWorkDrive can be easily integrated into Azure AD Application Proxy – simply point your Azure AD Application Proxy connectors to the MyWorkDrive server internal URL. The internal URL can be the same as the external URL (you’ll need to install a matching SSL certificate in this case) for example: https://share.yourcompany.com. This URL should resolve to the internal IP address of your MyWorkDrive server on the LAN and the Azure AD Application Proxy CNAME from the Internet. Microsoft provides additional details in their planning article here and in their publishing steps on how to Add an on-premises application for remote access through Application Proxy in Azure Active Directory here.
MyWorkDrive Client Pre-Authentication
The MyWorkDrive Web Browser and Windows Mapped Drive client version 6.0 support Azure AD Application Proxy Pre-Authentication. With Pre-Authentication, clients cannot connect to the MyWorkDrive server URL until authenticated by Azure AD. Once clients are authenticated by Azure AD and pass any Conditional Access policies they can then proceed with logging in (typically using Azure AD SAML). Mobile and Mac Mapped Drive support for Pre-Authentication will be available in Q1 2021.