Mohit Saxena -...


Mohit Saxena, Senior Technical Lead, Microsoft Corporation

Session Objectives And Takeaways

UAG Overview & Vision

Deep dive into some features:

Array

NLB

Remote Desktop Services

Portal

Exchange

Today's workforce is mobile…

The new information workplace

Partner

Organization

Home

Mobile Devices

USB Drive

The flow of information has no boundaries

Information is shared, stored and accessed outside the control of its owner

UAG Solution Architecture

DirectAccess

HTTPS (443)

Layer3 VPN

Data Center / Corporate Network

Business Partners / Sub-Contractors

AD, ADFS, RADIUS, LDAP…

Home / Friend / Kiosk

Employees Managed Machines

Mobile

Exchange

CRM

SharePoint

IIS based

IBM, SAP, Oracle

Terminal / Remote Desktop Services

Non web

NPS, ILM

Internet

UAG Vision

"Increasingly, people envision a world of anywhere access - a world in which the information, the communities, and the content that they value is available instantly and easily, no matter where they are."

Bill Gates, Enabling Secure Anywhere Access in a Connected World, Feb 2007

Roadmap

Today Tomorrow

Protection

Access

Forefront Edge Security and Access products provide enhanced network edge protection and application-centric, policy-based access to corporate IT infrastructures

UAG is optimized for the broad range of Exchange solutions, delivering secure, anywhere access for employees and partners.

Anywhere Access

• Deliver simple and secure remote access to Exchange from any location or device through integrated SSL VPN capabilities.

• Improve productivity by easily publishing client/server applications and networking resources alongside messaging.

Integrated Security

• Drive compliance using out-of-the-box rules and policies created for Exchange.

• Easily integrate strong authentication and endpoint health assessment into Exchange security policies.

• Limit information access and prevent data leakage.

Simplified Management

• Easily create and publish remote access policies for Outlook Web Access, Outlook Anywhere, and ActiveSync.

• Manage all remote access to Exchange through a single gateway.

• Scale remote access deployments for Exchange with integrated load balancing.

UAG is optimized for SharePoint, delivering secure, anywhere access for your employees, partners and customers.

Anywhere Access

• Deliver a simple and secure remote user experience for SharePoint through integrated SSL VPN capabilities.

• Extend SharePoint portal functionality by integrating client/server applications and networking resources.

• Enable easy, secure access to multiple SharePoint portals through integration with Active Directory and web-based single sign-on.

Integrated Security

• Drive compliance through out-of-the-box rules and built-in policies for SharePoint.

• Easily integrate strong authentication and endpoint assessment into access policies.

• Limit information access and prevent data leakage.

Simplified Management

• Easily create and publish remote access policies for SharePoint extranets.

• Manage all remote access to SharePoint through a single gateway.

• Simplify deployment and ongoing tasks through wizards and built-in policies.

DirectAccess

Providing seamless, secure access to enterprise resources from anywhere

− Provides seamless, always-on, secure connectivity to on-premise and remote users alike

− Eliminates the need to connect explicitly to corpnet while remote

− Facilitates secure, end-to-end communication and collaboration

− Leverages a policy-based network access approach

− Enables IT to easily service/secure/update/provision mobile machines whether they are inside or outside the network

− Available in Windows 7 and Windows Server 2008 R2

[Diagram labels: SSL-VPN, Always On, IPv6, IPv4]

UAG and DirectAccess better together:

Extends access to line of business servers with IPv4 support

Access for down level and non Windows clients

Enhances scalability and management

Simplifies deployment and administration

Hardened Edge Solution

Now let's deep dive into the features…

UAG In a Glance

Web Application Publishing: SSL VPN

Layer 3 VPN: SSL Network Tunneling, SSTP

Terminal Services: RemoteApps, RemoteDesktop, VDI

DirectAccess

Enhanced Authentication & Identity

Unified Management

Enterprise Readiness

Enhanced Protection – Edge Ready

Interoperability

Array

An array is a set of UAG machines which:

Share the same configuration (trunks, applications)

Are managed as a unit

Why?

Increased Availability

Increased Scalability

Centralized Management

How?

One node serves as the “manager”

Other nodes are “members”

Configuration is propagated from manager to members

[Diagram labels: External; UAG Array Manager; UAG array member; UAG array member; Internal]

Integrated NLB

Once the array is set up, the admin can easily configure and activate Windows NLB from within the UAG console.

Remote Desktop (AKA Terminal Services)

UAG seamlessly integrates Remote Desktop Gateway (RDG/TSG) to provide an application-level gateway for TS applications.

[Diagram labels: RD/TS Client (MSTSC); HTTPS Tunnel; IAG; RDP; RD Session Host (TS Server)]

[Diagram labels: RD/TS Client (MSTSC); RDP over HTTPS; UAG + RDG; RDP; RD Session Host (TS Server)]

Remote Desktop (AKA Terminal Services)

Brings VPN, RemoteApps, RemoteDesktop and Web applications together:

Same portal

Integrated management

Single sign-on

Enhanced Security

Granular policies based on client health: no anti-virus, no driver sharing

Portal

Exchange Publishing

Outlook Anywhere

Outlook Web Access

ActiveSync

Internet

HTTPS (443)

UAG

Client Access Server

Authentication

End-point health detection

Enterprise Readiness

Edge Ready

Load Balancing

SSO

UAG Beta Portal

More UAG Features

SharePoint 2010, SharePoint 2010 Mobile

Integrated SSTP support

NAP integration

SCOM Management Pack

and more…

Resources

http://microsoft.com/technet : Resources for IT Professionals

http://microsoft.com/msdn : Resources for Developers

www.microsoft.com/learning : Microsoft Certification & Training Resources

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.