The LoadMaster, together with the Edge Security Pack (ESP), delivers a solution for customers who would previously have deployed TMG to publish their Microsoft applications.

The basic flow for ESP authentication is shown in the diagram above:

  • Traffic from the client goes to the LoadMaster.
  • The LoadMaster may present an authentication form asking the user to enter credentials.
  • The Authentication Provider server then allows or rejects the request.
  • If authentication succeeds, the traffic is passed to the Real Servers.

To help protect a service from threat actors, the LoadMaster can authenticate users of HTTP/HTTPS services before they gain access to a web resource. To do this, you can use ESP to set up Single Sign-On (SSO), which offers the following features:

  • Endpoint authentication for pre-authentication
  • Persistent logging and reporting for user logging
  • Single Sign-On (SSO) across Virtual Services
  • LDAP Authentication from the LoadMaster to the Active Directory
  • Basic authentication communication from a client to the LoadMaster
  • Dual-factor authentication including Azure Multi-Factor Authentication (MFA) or RSA tokens
  • CAPTCHA verification

Note: A reboot is required after upgrading older versions of the LoadMaster to an ESP license.