Cégep de Trois-Rivières
University Access to Canadian Access Federation Services
InCommon / eduGAINDescription Goes Here
The Cirrus Bridge federation adapter for Microsoft AzureAD enabled a quick connection to services provided through the Canadian Access Federation.
The faculty at Cégep de Trois-Rivières wanted to use the plagiarism identification software Compiliatio that is provided through the Canadian Access Federation (CAF) and eduGAIN. However, AzureAD does not natively support multi-lateral federation required. To enable use of Compiliatio and be ready for other CAF/eduGAIN service integrations in the future, Cégep de Trois-Rivières needed the Cirrus Bridge, a federation adapter, to support multi-lateral federation.
Since this was Cirrus’ first CAF implementation, Cirrus needed to configure multi-national inter-federation access controls with CAF, GÉANT and InCommon.
Setup AzureAD to connect to Canadian Access Federation (CAF) to enable the use of Compiliatio
Partner with IAM professionals so the small IT team at Cégep de Trois-Rivières could focus on other priorities
Provide an intuitive and transparent login experience for faculty through the AzureAD login screen. No training required for users - they see the screen they know and trust
Enable MFA configuration in AzureAD to enforce future mandatory requirements for 2-factor authentication to services/applications
Incrementally add CAF SPs prioritized by the campus
Utilize cloud hosting to minimize ongoing administration
How Cirrus Helped
First, Cirrus worked with the Canadian Access Federation (CAF) and the Canadian Microsoft teams to establish a registration for Cégep de Trois-Rivières with CAF. Now that Cirrus has established the first customer registration with the CAF, future integrations for other Canadian higher education institutions will be streamlined.
Cirrus and Cégep de Trois-Rivières then identified the attributes to assert for authentication with Compiliatio and navigated the France Connect (France Access Federation) and InCommon attribute usage to support multi-federation integrations.
The Cirrus Bridge was easily configured in Azure AD and the faculty can access Compiliatio by entering their Cégep de Trois-Rivières account and password in the AzureAD login screen they are accustomed to seeing. No end user training was required.
After the Bridge was implemented, Cégep de Trois-Rivières administrators were able to quickly configure MFA and new conditional access in AzureAD. This was used to enforce a requirement that all users must be in Canada for access to login. The requirement was easily implemented since all SPs are behind the Cirrus Bridge and managed through AzureAD. The Cégep de Trois-Rivières team is now in a good position to address future security requirements and utilize dynamic monitoring for all services/applications - including those provided through CAF/eduGAIN.
"We didn’t have the time to implement Shibboleth and were happy not to. Good possibilities without the hassle. We can react to new security requirements - easy, fast and compliant."
Intuitive User Experience - Faculty use the same login screen and their own credentials!
Reduced IT Staff Labor - Staff do not have to learn, implement and maintain Shibboleth. With the labor savings, they can focus on top priorities!
Faster Solutions for Federation - The Bridge extended AzureAD now Cégep de Trois-Rivières can leverage more CAF services.
Security - Security requirements can be configured once and uniformly enforced.
"We had heard positive feedback on Cirrus and were happy to have you on our side. We started with a good first impression and increased our confidence through the project. Future projects are now easier and faster. "
Cirrus Products Used
Extends or translates CAS/SAML for use with Microsoft AzureAD, Okta, Slate or other commercial services to support InCommon/EduGAIN/CAF mesh style federation.