Hi,
We currently run Office 365 and have a federated domain for single sign-on. Like others have posted here we are investigating the possibility of moving our federation server farm and proxies to Azure, but I have a further question that was not answered in previous posts.
The Microsoft Online Deployment Guide for Office 365 lays out the recommended configuration for the federation service here:http://technet.microsoft.com/en-us/library/ff652539.aspx
As per Microsoft's recommendations the federation proxies should be placed in a perimeter network (as they are exposed to the Internet) and firewalled off from the actual federation servers (and the rest of the internal network), with only port 443 left open for communication from the proxies to the federation server farm.
From my reading on the Azure IaaS services, I could not find any way to configure a perimeter network that would suitably isolate the federation service proxies. My question then is, is there a way to configure a suitable perimeter network in Azure to place the federation proxies? or do you not recommend Office 365 federation services be placed in Azure at this time?
Thanks in advance for your assistance,
Mike.