Forefront UAG provides secure remote access by publishing corporate applications and resources for access by managed and unmanaged client endpoints, or by deployment of Forefront UAG DirectAccess. This download provides a security policy .xml template that can be used in conjunction with the Windows 2008 R2 Server Security Configuration Wizard (SCW) to harden Forefront UAG servers.
This download provides a security policy .xml template that can be used in conjunction with the Windows 2008 R2 Server Security Configuration Wizard (SCW) to harden Forefront UAG servers in accordance with recommended settings.
The Windows 2008 R2 Server SCW helps you to create, edit, apply, or roll back a security policy based on the selected roles of the server. The security policies that are created with the SCW are .xml files that, when applied, modify services, network security, specific registry values, audit policy, and if applicable, Internet Information Services (IIS). This download provides a security policy .xml template for a Forefront UAG role. When you run the SCW and apply this template, Forefront UAG settings are hardened in accordance with settings specified in the .xml file.
Note that after applying this template, you cannot rollback the template using the SCW. Instead, export the Forefront UAG configuration on each server before you run the SCW, and then revert back to this configuration if rollback is required.
Supported Operating Systems: Windows Server 2008 R2
Windows Server 2008 R2 64-bit Standard Edition
Windows Server 2008 R2 64-bit Enterprise Edition
Windows Server 2008 R2 64-bit DataCenter Edition
A computer with a 64-bit processor
1. Download the zip file UAG2010_SCW.ZIP included on this page, and extract UAG2010_SCW.XML
2. On each Forefront UAG server that you want to harden, click Start, point to Administrative Tools, and click Security Configuration Wizard.
3. On the Configuration Action page of the wizard, click Apply an existing security policy, and click Browse to locate the extracted XML file.
4. On the Select Server page, type the name of the server to which the policy will be applied.