Microsoft Forefront - Unified Access Gateway (UAG) Presentation
Upcoming SlideShare
Loading in...5

Microsoft Forefront - Unified Access Gateway (UAG) Presentation






Total Views
Views on SlideShare
Embed Views



1 Embed 15 15



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • Can not open the file it is asking for text converter. any help...
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Microsoft Forefront - Unified Access Gateway (UAG) Presentation Microsoft Forefront - Unified Access Gateway (UAG) Presentation Presentation Transcript

  • Unified Access Gateway (UAG) December 2009 Brendan Foley Uri Lichtenfeld Director Product Manager Identity & Security Business Group
  • Agenda • Business Challenges • Business Ready Security • Overview of Forefront Unified Access Gateway − Anywhere Access − Integrated Security − Simplified Management • Demo • Licensing & Pricing • Summary November 2006
  • Business Challenges Threats Current Solutions Business Landscape Increased Product volume proliferation Greater Lack of sophistication integration Profit High cost of motivated ownership Security not aligned to business needs and new opportunities View slide
  • Business Ready Security Help securely enable business by managing risk and empowering people Identity Highly Secure & Interoperable Platform from: to: Block Enable Cost Value Siloed Seamless View slide
  • Business Ready Security Solutions Secure Messaging Secure Collaboration Secure Endpoint Information Protection Identity and Access Management
  • UAG delivers secure, anywhere access to messaging, collaboration and other applications, increasing productivity while maintaining compliance with policy. Anywhere • Employees/partners/customers are productive from anywhere • Simple and secure, optimized for SharePoint / Exchange Access • Extend networking connectivity with Windows DirectAccess. • Protects IT assets through fine-grained, built-in access policies Integrated • Easily enables a variety of strong authentication methods. Security • Helps limit exposure and data leakage • Consolidates remote access infrastructure Simplified • Simplifies deployment and ongoing tasks through wizards and Management built-in policies. • Delivers a simplified user experience, reducing support costs
  • How It Works Challenge: wide variety of devices and platforms increases risk UAG continually inspects and TCO. traffic and blocks How: User initiates access from Data Center / Corporate Network applications or browser; UAG then verifies user transactions that are identity and health of device and deemed risky Exchange from that provides appropriate access. user/location. CRM Mobile SharePoint IIS based IBM, SAP, Oracle Home / Kiosk Layer3 VPN TS/ RDS Internet HTTPS (443) Administrator Citrix configures granular DirectAccess access policy, based on identity of user and web Non health of device Solution: Leverage Business Partners UAG to consolidate AD, ADFS, access methods and RADIUS, LDAP…. deliver a consistent user Need: Remote workers policy experience and and NPS, ILM partners require secure Access access from anywhere. attempts are Employees logged and Managed Machines auditable.
  • Anywhere Access Forefront UAG: A key enabler of DirectAccess UAG extends the benefits of Windows DirectAccess across your infrastructure, enhancing scalability and simplifying deployments and ongoing management
  • UAG and DirectAccess better together: Extends access to line of business servers with IPv4 support Access for down level and non Windows clients Enhances scalability and management Simplifies deployment and administration Hardened Edge Solution Always On IPv6 SSL-VPN + IPv4
  • Anywhere Access Simple, secure access optimized for SharePoint . . . • Secure Remote Access for SharePoint. Enabling employees, partners and customers access to SharePoint from virtually any location or device. • Integrates SSL VPN Into SharePoint By integrating its menu as a Web-part, UAG can add access to client/server and network resources to any existing deployment. • Improved User Experience With enhanced web single-sign-on capabilities, UAG can deliver remote access to SharePoint portals and backend applications without requiring additional authentication.
  • Anywhere Access . . . And simple, secure access optimized for Exchange Publish all Exchange mail services as a single UAG application: • Easier publishing experience • Symmetrical topology for all front-end mail services Publish each Exchange service as a separate application: • Greater back-end topology
  • Integrated Security • Overlay granular access control to specific sites and/or features within sites • Built-in endpoint security policies (integrated with NAP) • Expanded authentication and authorization capabilities • Session clean-up and information leakage prevention • Integrated network security
  • Simplified Management • Simplifies deployment and ongoing tasks through wizards and built-in policies. • Simplified user experience - reducing support costs • Consolidates remote access infrastructure Step 2: Step 1: Provide the Choose the type All Step 3:internal name of application Configure the of the SharePoint to you wish same external publish. Server. name on your Done! SharePoint Server. Provide the external name.
  • Accessing SharePoint from managed and unmanaged clients
  • From IAG to UAG IAG UAG APPLICATION PUBLISHING Granular Application Filtering   Improved Session cleanup and removal   End point health detection   Improved INTEGRATION Integrated with NAP policies  New Remote Desktop and RemoteApp integration  New Extends and simplifies DirectAccess deployments  New SCALE AND MANAGEMENT Built in load balancing  New Array management capabilities  New Enhanced monitoring and management (SCOM)  New
  • UAG Form Factors • Server Software install (MSI) − Installs on hardware or virtual servers on Hyper-V or SVVP guest • Hardware appliance from OEM partners 16
  • How to Buy • Server License − OEM Partners: Customers can buy Forefront UAG as a physical appliance. This includes the underlying Windows Server 2003 R2 license. − Microsoft Volume Licensing: Customers can run Forefront UAG as software. These options require provisioning the Windows license from a customer’s existing agreement. • Client Access and Other Licenses − Microsoft Volume Licensing: Customers can buy Forefront UAG CALs, External Connectors, and SPLAs through Microsoft Volume Licensing. In addition to individual CALs, customers with large environments can purchase a 10,000 CAL pack.
  • Summary • Extends, scales and simplifies DirectAccess deployments • Delivers Anywhere Access to SharePoint, Exchange and more • Protects IT assets and limits exposure • Scalable and simple to deploy Download now! November 2006
  • © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Microsoft Confidential 19