Why publish Remote Desktop Services with Forefront UAG?

Published: January 11, 2010

Updated: February 1, 2011

Applies To: Unified Access Gateway

Publishing Remote Desktop Services (RDS) via Forefront Unified Access Gateway (UAG) provides the following benefits:

  • Authentication─Authentication benefits include:

    • Strong authentication methods─Forefront UAG enhances authentication by providing a wide range of additional authentication methods, including smartcards, one-time passwords, and token authentication.

    • Preauthentication─You can require that users authenticate to the Forefront UAG server, ensuring that only authenticated traffic reaches RDS servers published via Forefront UAG.

    • Single sign on (SSO)─Forefront UAG adds single sign-on functionality for RDS. The credentials provided by the user for session login can be used to authenticate to published RemoteApps.

  • Access control and endpoint health─Forefront UAG enhances the authorization checks of the RD Gateway by enabling end user health checks. This is important when determining which remote application capabilities (driver mapping, printers, or clipboard integration), other than the basic screen and keyboard, are available to end users.

    Forefront UAG can verify endpoint health by using inbuilt access policies, Network Access Protection (NAP) policies, or a combination of inbuilt policies and NAP policies. You can create proprietary Forefront UAG access policies, or use access policies downloaded from a Network Policy Server (NPS).

  • Single point of access─You can provide access to all Remote Desktops and RemoteApps from a single Forefront UAG portal.

  • Ease-of-management—RD Gateway integration allows you to configure and manage RD Gateway from within the Forefront UAG Management console.

  • Deployment and high-availability─By deploying an array of Forefront UAG servers to publish RDS, and implementing Forefront UAG integrated network load balancing across the array nodes, you provide high availability to the RemoteApps and Desktop Connections that you publish.