Protecting apps published through Microsoft's Azure Application Proxy using Duo's Azure AD integration?

We are looking to publish our Exchange Server 2019 OWA and ECP directory through Azure Application Proxy ( so that users are not hitting our internal server directly.

Duo integrate with Azure Active Directory (Microsoft Azure Active Directory | Duo Security) and I was wondering if I could leverage this integration to require custom 3rd party MFA using conditional access for the ECP/OWA directories published through the app proxy?

Now I know that I can simply install the duo plugins on my Exchange server and get OWA/ECP to prompt for MFA, but being able to do this at Azure’s App Proxy would be better security as we wouldn’t have to expose our internal server.

Anyone attempt to do this using Duo and Azure’s App Proxy?

1 Like