How can we help you today?
Azure AD Application Proxy
Our MyWorkDrive File Remote Access Server web portal can be easily integrated with Azure AD Application Proxy service to automatically provide a secure web address without exposing the MyWorkDrive server to the internet or provisioning security appliances. In addition to protecting the MyWorkDrive Server from direct public access attacks, customers may optionally enable Azure AD Application Proxy Pre-Authentication and leverage conditional access. With Conditional Access, you can define restrictions on how users are allowed to access MyWorkDrive – for example – require their device is under management. You can also create policies that restrict sign-ins based on location, strength of authentication, and user risk profile.
The Microsoft FAQ provides additional context on features and deployment scenarios for Application Proxy. Note that the recommended auth system for Azure AD Application Proxy is AzureAD. Other auth sources like ADFS (article 1, article 2)may not work or provide full functionality.
MyWorkDrive Integration
MyWorkDrive can be easily integrated into Azure AD Application Proxy – simply point your Azure AD Application Proxy connectors to the MyWorkDrive server internal URL. The internal URL can be the same as the external URL (you’ll need to install a matching SSL certificate in this case) for example: https://share.yourcompany.com. This URL should resolve to the internal IP address of your MyWorkDrive server on the LAN and the Azure AD Application Proxy CNAME from the Internet. Microsoft provides additional details in their planning article here and in their publishing steps on how to Add an on-premises application for remote access through Application Proxy in Azure Active Directory here.
MyWorkDrive Client Pre-Authentication
The MyWorkDrive Web Browser and install clients from version 6.0 support Azure AD Application Proxy Pre-Authentication. With Pre-Authentication, clients cannot connect to the MyWorkDrive server URL until authenticated by Azure AD. Once clients are authenticated by Azure AD and pass any Conditional Access policies they can then proceed with logging in (typically using Azure AD SAML).
