Our SSO solution leverages one ADFS server located on your local network, and one located in the Windows Azure cloud services. To make this configuration work with your existing Active Directory, we use Windows Azure AD with Active Directory Sync to authenticate users who connect to the ADFS server located in the cloud.
Optionally, we can also deploy a backup domain controller to Azure for additional fault tolerance and the ability to leverage additional cloud based virtual servers that are joined to your AD domain. In this case, we also configure a virtual network gateway to connect Windows Azure to your local network.
A virtual network gateway is a dedicated connection between your cloud servers and your local network, making every Azure Virtual Machine equally accessible to resources at your local office. If you plan on doing a lot with Windows Azure, then make sure that we set this up for you.