Introducing Forefront Unified Access Gateway

Hi!

In the last blog post Oleg wrote about the UAG Beta becoming available in a couple of weeks. I've been working with the team for the past nine years and I'm now excited to give you an overview of what we actually did in the new Forefront Unified Access Gateway (UAG). If we were to describe where we want to take UAG, the following sentence would sum it up:

Provide employees, partners and customers with seamless, secure access to any application or resource, from any device on any network

The great thing about UAG is that it is a comprehensive solution for corporate resource access. UAG adds seamless network connectivity with DirectAccess and greatly improves the publishing experience for Exchange, SharePoint, TSG and Dynamics CRM, coupled with new authentication combinations and enhanced scalability options. Whew! That was a long sentence :-)

Let me break what we've done into three main themes: Unified remote access, Business productivity and Enterprise readiness. In the following paragraphs I will list the main features. This is just to whet your appetite. The actual drilldown will happen in the following posts, so come back later to read the details!

Unified Remote Access

  • New and optimized ways to easily configure secure publishing of SharePoint, Exchange (including integrated Outlook Anywhere) and Dynamics CRM
  • DirectAccess - seamless, always-on, secure connectivity to on-premise and remote users alike. Just turn on your machine, log in to Windows and you are connected to the corporate network!
  • Comprehensive combination of connectivity options: traditional IP VPN, SSL VPN, SSTP, Remote Desktop Services including TSG integration and RemoteApp publishing, and mobile access. Whatever your users need to get their work done remotely, you can manage on just one server!

Business Productivity

  • Optimized for employee remote access with a revamped portal catering to Internet Explorer as well as other leading browsers and mobile devices.
  • Secure partner access to line-of-business applications - using ADFS integration.
  • Granular identity and health-based policy for improved risk management and compliance based on endpoint health detection.

Enterprise Ready

  • Scalable solution through performance enhancements, as well as gateway and backend load balancing - supporting NLB and web farm load balancing (WFLB).
  • Centralized management, reporting and logging - with Array Management, SCOM support and SQL logging.
  • Support for multiple strong authentication methods in combination with Kerberos Constrained Delegation, Integrated Windows Authentication, NTLM and more!
  • Virtualization ready.
  • Heavy investments in Secure Development Cycle (SDL) to produce secure design and secure code.

That’s it for the overview. Starting from the next blog post you will be getting all the juicy details straight from the source, beginning with Meir’s “Remote Access Technologies of the World - Unite!”.

Noam Ben-Yochanan,
PM Architect, UAG Team