Server migration On premises


Client is an insurance company offering health insurance services in
Switzerland. It covers the medical expenses covered by compulsory health
insurance (LAMal).


Implementation of a federation services architecture and synchronization service to provide simplified and secured identity federation with Microsoft Azure Active Directory, Web single sign-on (SSO) capabilities to support SaaS Application authentication, Office 365 and Dynamics AX.

Design and deployment of Active Directory Federation Services (AD FS) and Web Application Proxy in 3-tier architecture network and Azure AD Connect servers.

Business goal

  • Being able to interface with Cloud environments (Public or Private) of all types (IaaS, PaaS, SaaS).
  • Provide Web Single Sign-On authentication functionalities to internal environments.
  • Scoped Microsoft applications and products that use authentication standards such as WS-Federation, SAML 2.0, and Oauth2.
  • Highly available and accessible from outside and inside and respect the security constraints of the target DMZ 3-Tier architecture.

Technology stack

Windows Server 2012 R2, Active Directory, Active Directory Federation
Services (AD FS), Web Application Proxy, Exchange Server 2010, Azure
Active Directory Synchronization tools (Azure AD Connect), F5 BIG-IP Load
Balancer, Azure PaaS Infrastructure, PowerShell.