mohit saxena -...
TRANSCRIPT
Session Objectives And Takeaways
UAG Overview & Vision
Deep dive into some features:
Array
NLB
Remote Desktop Services
Portal
Exchange
The new information workplace
Partner
Organization
Home
Mobile Devices
USB Drive
The flow of information has no boundaries
Information is shared, stored and accessed outside the control of its owner
UAG Solution Architecture
DirectAccess
HTTPS (443)
Layer3 VPN
Data Center / Corporate Network
Business Partners / Sub-Contractors
AD, ADFS, RADIUS, LDAP…
Home / Friend / Kiosk
Employees Managed Machines
Mobile
Exchange
CRM
SharePoint
IIS based
IBM, SAP, Oracle
Terminal / Remote Desktop Services
Non web
NPS, ILM
Internet
UAG Vision
"Increasingly, people envision a world of anywhere access - a world in which the information, the communities, and the content that they value is available instantly and easily, no matter where they are."
Bill Gates, Enabling Secure Anywhere Access in a Connected World, Feb 2007
Roadmap
Today Tomorrow
Protection
Access
Forefront Edge Security and Access products provide enhanced network edge protection and application-centric, policy-based access to corporate IT infrastructures
UAG is optimized for the broad range of Exchange solutions, delivering secure, anywhere access for employees and partners.
Anywhere Access
• Deliver simple and secure remote access to Exchange from any location or device through integrated SSL VPN capabilities.
• Improve productivity by easily publishing client/server applications and networking resources alongside messaging.
Integrated Security
• Drive compliance using out-of-the-box rules and policies created for Exchange.
• Easily integrate strong authentication and endpoint health assessment into Exchange security policies.
• Limit information access and prevent data leakage.
Simplified Management
• Easily create and publish remote access policies for Outlook Web Access, Outlook Anywhere, and ActiveSync.
• Manage all remote access to Exchange through a single gateway.
• Scale remote access deployments for Exchange with integrated load balancing.
UAG is optimized for SharePoint, delivering secure, anywhere access for your employees, partners and customers.
Anywhere Access
• Deliver a simple and secure remote user experience for SharePoint through integrated SSL VPN capabilities.
• Extend SharePoint portal functionality by integrating client/server applications and networking resources.
• Enable easy, secure access to multiple SharePoint portals through integration with Active Directory and web-based single sign-on.
Integrated Security
• Drive compliance through out-of-the-box rules and built-in policies for SharePoint.
• Easily integrate strong authentication and endpoint assessment into access policies.
• Limit information access and prevent data leakage.
Simplified Management
• Easily create and publish remote access policies for SharePoint extranets.
• Manage all remote access to SharePoint through a single gateway.
• Simplify deployment and ongoing tasks through wizards and built-in policies.
DirectAccess: Providing seamless, secure access to enterprise resources from anywhere
− Provides seamless, always-on, secure connectivity to on-premise and remote users alike
− Eliminates the need to connect explicitly to corpnet while remote
− Facilitates secure, end-to-end communication and collaboration
− Leverages a policy-based network access approach
− Enables IT to easily service/secure/update/provision mobile machines whether they are inside or outside the network
− Available in Windows 7 and Windows Server 2008 R2
[Diagram labels: SSL-VPN, Always On, IPv6, IPv6 or IPv4]
UAG and DirectAccess better together:
Extends access to line of business servers with IPv4 support
Access for down level and non Windows clients
Enhances scalability and management
Simplifies deployment and administration
Hardened Edge Solution
UAG at a Glance
Web Application Publishing
SSL VPN
Layer 3 VPN
SSL Network Tunneling, SSTP
Terminal Services
RemoteApps, RemoteDesktop, VDI
DirectAccess
Enhanced Authentication & Identity
Unified Management
Enterprise Readiness
Enhanced Protection – Edge Ready
Interoperability
Array
An array is a set of UAG machines which:
Share the same configuration (trunks, applications)
Are managed as a unit
Why?
Increased Availability
Increased Scalability
Centralized Management
How?
One node serves as the “manager”
Other nodes are “members”
Configuration is propagated from manager to members
Internal
External
UAG array member
UAG Array Manager
UAG array member
Integrated NLB
Once the array is set up, the admin can easily configure and activate Windows NLB from within the UAG console:
RD/TS Client (MSTSC)
RD/TS Client (MSTSC)
Remote Desktop (AKA Terminal Services)
UAG seamlessly integrates Remote Desktop Gateway (RDG/TSG) to provide an application-level gateway for TS applications.
IAG
RD Session Host (TS Server)
HTTPS Tunnel
RDP
UAG + RDG
RDP over HTTPS
RDP
RD Session Host (TS Server)
Remote Desktop (AKA Terminal Services)
Brings VPN, RemoteApps, RemoteDesktop and Web applications together:
Same portal
Integrated management
Single sign-on
Enhanced Security
Granular policies based on client health: no anti-virus, no driver sharing
Exchange Publishing
Outlook Anywhere
Internet
HTTPS (443)
UAG
Outlook Web Access
ActiveSync
Client Access Server
Authentication
End-point health detection
Enterprise Readiness
Edge Ready
Load Balancing
SSO
Client Access Server
Client Access Server
More UAG Features
SharePoint 2010, SharePoint 2010 Mobile
Integrated SSTP support
NAP integration
SCOM Management Pack
and more…
Resources
http://microsoft.com/technet
Resources for IT Professionals
http://microsoft.com/msdn
Resources for Developers
www.microsoft.com/learning
Microsoft Certification & Training Resources
© 2009 Microsoft Corporation. All rights reserved.