LDAP Proxy Firewall – Virtual Identity Server

Securing and Protecting Active Directory


Many organizations utilize an http web proxy server, such as Microsoft’s Internet Security and Acceleration (ISA) Server within their web server environment. ISA provides not only a more secure environment, but also additional performance capabilities.


Likewise, the Virtual Identity Server™ (VIS™), deployed as an LDAP proxy server offers this type of protection and security for LDAP directories such as Active Directory. Applications connect to the VIS proxy server exactly as they do any normal LDAP directory. In fact, VIS looks and behaves just like a standard Active Directory or ADAM server to the LDAP enabled client application.

Application Specific Views

In many cases, applications that are written to Active Directory are written poorly and inefficiently. For example, many applications connect at the root of the Active Directory forest when they may only need to search one or two containers in the tree. Additionally, many applications only need to view users and groups, but in reality are granted access to view more than just users and groups.

This is because Active Directory does not provide the ability to control what is searched, such as specific LDAP queries. VIS, however, easily publishes application specific views, granting only the data the application requires. The result is a more secure Active Directory and increased performance for both the application and Active Directory.