Best Practices Analyzer for Web Application Proxy

In Windows management, best practices are guidelines that are considered the ideal way, under normal circumstances, to configure a server as defined by experts. For example, it is considered a best practice for most server technologies to keep open only those ports required for the technologies to communicate with other networked computers, and block unused ports. While best practice violations, even critical ones, are not necessarily problematic, they indicate server configurations that can result in poor performance, poor reliability, unexpected conflicts, increased security risks, or other potential problems.

Topics in this section can help you bring Web Application Proxy running on Windows Server 2012 R2 into compliance with best practices. Content in this section is most valuable to administrators who have completed a Best Practices Analyzer scan of Web Application Proxy, and who want information about how to interpret and resolve scan results that identify areas of Web Application Proxy that are noncompliant with best practices.

For more information about Best Practices Analyzer and scans, see Run Best Practices Analyzer Scans and Manage Scan Results.

More information about Web Application Proxy

Web Application Proxy enables you to publish selected HTTP- and HTTPS-based applications from your corporate network to client devices outside of the corporate network. It can use Active Directory Federation Services (AD FS) to ensure that users are authenticated before they gain access to published applications. Web Application Proxy also provides proxy functionality for AD FS servers.

Topics in this section

• Web Application Proxy must be configured before it is used

• Web Application Proxy: The external and backend server URLs are different and URL translation is disabled

• Web Application Proxy: The service is not configured to run automatically

• Web Application Proxy: The AD FS Proxy service is not configured to run automatically

• Web Application Proxy: This server is not included in the ConnectedServersName list

• Web Application Proxy: The ConfigurationChangesPollingIntervalSec value is high

• Web Application Proxy: Application is using an external certificate that is not yet valid

• Web Application Proxy: Application is using an external certificate that is about to expire

• Web Application Proxy: Application is using an external certificate that has no private key

• Web Application Proxy: Application is using an external certificate that has expired

• Web Application Proxy: Application is configured to use an external certificate that is not present on this server

• Web Application Proxy: Some applications are configured to perform backend authentication using Integrated Windows authentication but the server is not joined to a domain

• Web Application Proxy: A cluster of Web Application Proxy servers is deployed and DirectAccess is also installed