Skip to main content

 

Implementing Forefront Unified
Access Gateway 2010

This course prepares you to design and deploy remote access solutions using Microsoft Forefront Unified Access Gateway 2010 (UAG). Forefront UAG provides organizations with unparalleled flexibility in providing access to network resources (such as Web sites and internal applications) with granular access control, custom content protection, and endpoint validation. Forefront UAG also integrates with DirectAccess, a new Windows 7 technology that provides seamless remote access to all corporate resources without connecting to a virtual private network. This course is intended for architects, consultants, network administrators, and technical sales professionals who are responsible for selling, designing, and deploying edge access solutions for enterprises.

Learning Resources

Published on: June 14, 2010

 
Step 1

Forefront UAG Overview

This module provides an overview of the features and capabilities of Forefront UAG, and the role it plays in enabling usage scenarios that are part of the Microsoft Business Ready Security strategy.

After completing this module, students will be able to:

  • Understand how Forefront UAG fits into the Microsoft Business Ready Security strategy solutions.
  • Describe the Forefront UAG solution and internal architectures.
  • Provide customers with licensing options for Forefront UAG.
Step 2

Forefront Unified Access Gateway Setup and Upgrade

This module covers the setup and configuration tasks for Forefront UAG, and describes how to migrate from Microsoft Intelligent Application Gateway 2007 (IAG) to Forefront UAG.

After completing this module, students will be able to:

  • Describe the Forefront UAG setup process.
  • Explain how customers can migrate from IAG to Forefront UAG.
Step 3

Forefront UAG Portal

In this module, you’ll understand the concept of a trunk in Forefront UAG, and how the product uses trunks to enable remote users to connect to internal applications. You’ll see the role of the Forefront UAG portals as front end interfaces for these users, and how Forefront UAG can be customized during deployments.

After completing this module, students will be able to:

  • Understand how Forefront UAG uses trunks and portals to provide access to internal resources.
  • Explain how to customize the Forefront UAG portal look and feel.
  • Describe how Forefront UAG detects the remote endpoint capabilities and how to customize this process.
Step 4

Publishing Web Applications

In this module, you will learn how to configure Forefront UAG to enable remote endpoints to have access to internal Web applications. You will see how to enable access to Microsoft Exchange and Microsoft SharePoint, and how to deploy federation using Active Directory Federation Services (AD FS).

After completing this module, students will be able to:

  • Publish Web applications to the Internet using Forefront UAG trunks.
  • Enable remote client access to Microsoft Exchange and Microsoft SharePoint services.
Step 5

Remote Desktop Gateway Publishing

In this module, you will see how Forefront Unified Access Gateway (UAG) allows you to provide access to published RemoteApps and Remote Desktops by integrating a Remote Desktop Gateway (RD Gateway) to provide an application-level gateway for Remote Desktop Services (RDS) and applications.

After completing this module, students will be able to:

  • Explain the benefits of using the Remote Desktop Gateway (RD Gateway) publishing feature.
  • Describe how Forefront UAG integrates with RD Gateway.
  • Explain how to configure Forefront UAG to publish RemoteApps, predefined Remote Desktops, and user-defined Remote Desktops.
Step 6

Remote Network Access

This module explains how you can configure remote access to the corporate network using the legacy Network Connector application or the Secure Sockets Tunneling Protocol (SSTP).

After completing this module, students will be able to:

  • Explain the different technologies used by Forefront UAG to enable remote access to the corporate network.
  • Describe how Forefront UAG integrates with Forefront TMG and Windows to provide SSTP VPN access to Windows 7 clients.
  • Configure Forefront UAG to provide remote network access using SSTP and the Network Connector.
Step 7

IPv6 and IPv6 Transition Technologies

This module provides an overview of the IPv6 protocol used by Forefront UAG DirectAccess, and the technologies associated with transitioning from IPv4 to IPv6 networking.

After completing this module, students will be able to:

  • Understand the limitations of the IPv4 protocol, and the benefits provided by IPv6.
  • Describe the addressing, routing, and name resolution characteristics of the IPv6 protocol.
  • Explain how ISATAP, 6to4, Teredo, and NAT64/DNS64 can be used to enable IPv6 connectivity over IPv4 networks.
Step 8

DirectAccess

This module gives an overview of DirectAccess, a technology enabled by Forefront UAG that provides seamless network access to Windows 7 clients.

After completing this module, students will be able to:

  • Understand the benefits provided by DirectAccess to users and IT organizations.
  • Describe the DirectAccess architecture and its components.
  • Understand the requirements and design decisions involved in a DirectAccess solution using Forefront UAG.
  • Configure DirectAccess using Forefront UAG.
Step 9

Endpoint Security Policies and NAP Integration

This module presents an overview of the policy evaluation and enforcement technologies for the Forefront UAG endpoints.

After completing this module, students will be able to:

  • Explain how Forefront UAG can enforce endpoint policies.
  • Configure Forefront UAG to use NAP for policy validation.
Step 10

Array Management

This module explores how Forefront UAG uses arrays to scale out to large deployments—improving the scalability and availability of the solution while reducing management overhead.

After completing this module, students will be able to:

  • Explain the benefits provided by using Forefront UAG arrays.
  • Describe the array management architecture, and the tasks involved in creating and managing an array.
  • Explain how the Network Load Balancing feature of Windows Server® is integrated into Forefront UAG.

Enterprise Deployment and Troubleshooting

This module covers the considerations involved in designing, deploying, and troubleshooting an enterprise access solution based on Forefront UAG.

After completing this module, students will be able to:

  • Describe the process of designing and deploying Forefront UAG in an enterprise environment.
  • Describe the tools and best practices for troubleshooting issues with Forefront UAG.