Integrated Windows Authentication (IWA) without ADFS
IWA (confusingly sometimes known as WIA) is the SSO experience where you sign-in to your device then seamlessly access your applications without the need to authenticate again. Or specifically, it’s the technology that allows that seamless single sign-on experience to happen.
One of the most commonly used methods of achieving IWA is with ADFS.
ADFS is a decent (and free) solution from Microsoft for handling authentication and IWA. But while it’s free, it comes with a significant overhead. ADFS generally requires between 3-7 servers, including redundancy, to ensure high availability. If your whole site goes down, such as during a major power-cut, flood or fire, access to your applications is down. That is a major burden for an IT team to carry, especially if authentication is not your main expertise. Consequently, while ADFS undeniably has its place in some scenarios, increasingly organizations are looking to break away. So what’s the best alternative to ADFS?
Several cloud-based SSO providers have hybrid solutions which use a locally hosted web-server to act as a broker between their cloud platform and the customer Active Directory. This is a lot less infrastructure and local dependency than ADFS to achieve IWA, but it’s still extra infrastructure to manage, maintain and keep highly available.
The good news is that IWA is possible without any additional infrastructure at all. IAM Cloud’s Simple Sign-On solution is a scalable, reliable and affordable fully-cloud alternative to ADFS. Simple Sign-On fully supports IWA without requiring any additional local infrastructure. It doesn’t even need an agent on the users Windows devices. It works directly over HTTPS.
We like to keep things simple. This is why we created Simple Sign-On (SSO) – a highly resilient cloud-based single sign-on solution that has all the features you need (and none of the features you don’t). By keeping Simple Sign-On lean, we keep its price low. So low that it’s probably cheaper than the “free” ADFS when it comes to the total cost of ownership.
Simple Sign-On provides secure seamless SAML and LDAP authentication to any system, and it’s incredibly quick and easy to get set-up. With Simple Sign-On, you can also apply MFA and other security features to your federated applications.
In additional to authentication and security, Simple Sign-On also handles user provisioning and automated licensing to a number of applications including Microsoft 365 and self-service password reset and AD-writeback.
IAM Cloud are Microsoft Gold Partners and former Worldwide Partner of the Year 2015. Simple Sign-On is ISO27001 certified and GDPR compliant. Our SSO platform is hosted in Microsoft Azure with stacks in the EU, UK, and USA (with more coming). You can choose the stack location to help maintain data residency requirements from GDPR and other regional data protection regulations.