How Ethical Wall can be used to control external meeting communications in Microsoft Teams One of the issues that businesses are now facing is blocking sensitive corporate information from being released and complying with regulations in business policies while internal users join a meeting hosted externally with people from outside their organization. How can SphereShield […]
Skype for Business: How to protect against account lockout through ADFS
SkypeShield has released an innovative ADFS (Active Directory Federation Services) Protector for safe Skype for Business (SfB) deployment.
The ADFS solution, which uses a unified monitoring and prevention mechanism, blocks DDoS attacks causing Active Directory network account lockout.
The security component protects against account lockout attacks coming through ADFS authentication channels by monitoring the traffic to the ADFS server. It sanitizes and blocks (in the DMZ) failed login attempts to the Active Directory, while allowing valid users to continue working seamlessly.
“As a growing number of companies move online, the usage of ADFS is growing accordingly and companies are seeking to handle DDoS attacks, which cause account lockouts,” says Yoav Crombie, Product Manager at AGAT Software, which developed SkypeShield. “Our solution resolves the problem entirely. By using our ADFS Protector, companies can manage their identities on premise in their Active Directory, while taking advantage of online services such as Skype for Business and Exchange.”
The new ADFS Protector offers the following advantages:
- Prevents account lockout while using ADFS
- Provides generic protection covering all Office 365 services and custom application using ADFS
- Supports Azure AD connect
- Allows unified monitoring of ADFS and Active directory services
- Provides monitoring tools with extended info
SkypeShiled’s solution minimizes the load on the Active Directory and improves security by configuring a whitelist pattern of authentication requests, filtering the requests in the DMZ and enabling valid requests to enter the network.
ADFS protector addresses scenarios that other generic solution fail to handle, including the ADFS Extranet Lockout feature of Win 2012 R2.
The ADFS Protector supports hybrid and online deployments of any services using ADFS authentication such as Office 365, Skype for Business and Microsoft Exchange.