Secure access to on-premises apps

Protect your on-premises apps without having to update or change them.

What is secure hybrid access?

With secure hybrid access, you can connect your on-premises apps and apps that use legacy authentication to Azure Active Directory (Azure AD). Streamline and modernize access to all apps, including those that support legacy authentication, such as Kerberos, NTLM, Remote Desktop Protocol (RDP), LDAP, SSH, and header-based and form-based authentication.

Unify access to your apps in the cloud or on-premises

Enhance security

Protect your legacy apps with advanced security capabilities, including Conditional Access, identity protection, and multi-factor authentication.

Centralize access management

Simplify app management by centralizing access controls across your cloud and legacy apps with a single identity solution.

Reduce costs

Reduce your on-premises identity infrastructure, retire web access management solutions and use modern access methods for your legacy apps.

Streamline access

Provide seamless access with single sign-on to cloud and on-premises apps and help your workforce be more productive.

Manage on-premises apps with Azure AD

Azure AD helps simplify the way you manage access by providing a single identity system for your cloud and on-premises apps.

With Azure AD, you can use Application Proxy to connect to your on-premises apps, including header-based apps. You can also connect to on-premises apps using a solution from one of our secure hybrid access partners, such as F5, Akamai, Cisco, Citrix, Fortinet, Kemp, Strata, Palo Alto Networks, and Zscaler.

Azure AD Application Proxy

Use our native solution, Application Proxy, to provide secure remote access to your on-premises web apps without the need for a VPN.

App delivery controller and networking partners

Use your existing networking and app delivery controllers to protect on-premises and legacy apps that are critical to your business processes.

Virtual private network and software-defined perimeter partners

Use your existing virtual private networks and software-defined perimeter solutions to provide secure access to your enterprise network and on-premises and legacy apps.

Azure AD Domain Services

Lift and shift your on-premises apps to Azure with no identity worries. Take advantage of Azure AD Domain Services features like domain join, LDAP, NTLM, and Kerberos authentication.

Take a deep dive into Azure AD secure hybrid access

Secure hybrid access in action

Durham County.

Durham County

Durham County enhances security across a hybrid environment with Azure AD and F5 BIG-IP APM.



Wipro adds highly secure remote access to its on-premises corporate apps through Azure AD Application Proxy.

Johnson Controls.

Johnson Controls

Johnson Controls makes access to on-premises apps easier from home with Azure AD and Zscaler.

Additional resources

Best practices

Get recommendations and best practices for app management in Azure AD.

How-to guides

Learn how to add an on-premises app to Azure AD.

App security

Manage access to your on-premises apps.