Multiple Forefront UAG DirectAccess server infrastructure design
Published: January 11, 2010
Updated: February 1, 2010
Applies To: Unified Access Gateway
Forefront Unified Access Gateway (UAG) DirectAccess extends the benefits of Windows DirectAccess across your infrastructure, enhancing scalability, and simplifying deployments and ongoing management. Forefront UAG DirectAccess gives remote users the experience of being seamlessly connected to your internal network any time you have Internet access. Following the installation of Forefront UAG, you can configure a Forefront UAG server to act as a Forefront UAG DirectAccess server. In addition, multiple Forefront UAG servers can be gathered into an array to provide scalability and high availability. Traffic can be load balanced across array members, providing failover for remote endpoint requests.
The infrastructure design requirements for deploying an array of Forefront UAG DirectAccess servers include the following:
A domain controller running Windows Server 2003 or Windows Server 2008.
A DNS server running Windows Server 2008 is recommended.
A certificate infrastructure.
Requirements for DirectAccess client deployment.
Active Directory group requirements.
Protocol and port configuration for firewalls located in front of DirectAccess servers.
Network and routing requirements for an array deployment.
For a detailed list of infrastructure requirements for deploying Forefront UAG DirectAccess, see Forefront UAG DirectAccess prerequisites.
For a detailed list of infrastructure requirements for deploying Forefront UAG DirectAccess SP1, see Forefront UAG DirectAccess prerequisites for SP1.
For information about network and routing requirements for an array deployment, see Configuring NLB for a Forefront UAG DirectAccess array.
For information about infrastructure requirements for a hardware load balancer, see Configuring external load balancing for a Forefront UAG DirectAccess array.
For information about network and routing requirements for an array deployment in Forefront UAG DirectAccess SP1, see Configuring NLB for a Forefront UAG DirectAccess array in SP1.