Pricing & Add-ons
Pricing & Add-ons
 GAB Managed Hybrid Identity

Cloud Single Sign on as a Service

At the beginning of every Microsoft Cloud project is usually the development of a hybrid identity environment. This bridges between the classic on-premise systems (Active Directory) and the Microsoft Cloud (Azure Active Directory). Only this way is it possible for companies to ensure that their users log on to the Microsoft Cloud Services at the usual comfort level (single sign-on) at the required security standard (passwords remain in-house). Unfortunately, the construction and the operation of this hybrid identity environment comes with a great effort and complexity. Possibly some servers and hardwareloadbalencers have to be made available in your own data center, firewall ports must be opened, certificates must be requested and installed, and complex setup procedures must be followed. It is also important to ensure the ongoing operation of these systems with patch management, anti-malware systems and monitoring.


To make the way easier for companies to get into the cloud, GAB offers the construction and operation of hybrid identity environment as managed service with user-base pricing.



  • Elimination of a Managed Hybrid Identity environment in the customers data center with numerous servers and high operating costs

  • Operation and update of the environment does not apply for the customer because it is included in the service

  • Billing of the service is user-based on monthly basis directly from GAB. There are no additional costs for hardware and software of the hybrid systems.

  • Hosting of the Hybrid Identity environment is on the Microsoft Azure platform and offers best performance, reliability and the highest security standards.

  • Users authenticate themselves once when they log in to their workplace. Afterwards you will have access to all cloud applications (eg Office 365) and administration portals without further logins.

  • Optional, booking of further features such as Multifactor Authentication or Direct Access possible
  • Custom branding of the login portal page is possible

Information for technicians

  • Setting up Azure Tenant (subnet, service groups, etc.)

  • Setup Azure VPN site-to-site connection
  • Implementation of two ADFS 3.0 servers based on Windows 2012 R2
  • Load balancing the ADFS server using Azure NLB features
  • Installation and Configuration Azure Domain Controller (read only)
  • Issuance of a 3-year certificate latest standard SHA256

  • Installation of 2 WAP servers (ADFS Proxy)

  • Setup and testing of the HA functionality

  • Installation of all systems according to the latest safety standards

  • Configuration / connection to Office 365

  • Adaptation of the ADFS login page (company logo and illustration)


Support Options
Phone Support:
Email Support:
Knowledge base URL:
Support Details