About the Endpoint Session Cleanup component
Published: January 11, 2010
Updated: February 15, 2013
Applies To: Unified Access Gateway
Some of the Forefront Unified Access Gateway 2010 SP3 features discussed in this article may be deprecated and may be removed in subsequent releases. For a complete list of deprecated features, see Features Deprecated in Forefront UAG SP3.
The Forefront Unified Access Gateway (UAG) Endpoint Session Cleanup component deletes persistent data that is downloaded to a client endpoint from the sites protected by Forefront UAG or data related to the Forefront UAG session that is created by the client endpoint browser. This occurs when:
A Forefront UAG session ends, for example, when the user closes the browser.
When the user logs off from a Forefront UAG site by using the site’s logoff mechanism.
During a scheduled logoff, or a scheduled cleanup.
After an unscheduled power outage, or an unscheduled reboot.
The Endpoint Session Cleanup component deletes items that are saved in the browser’s cache during the session, such as Web pages, cookies, and also application-specific cached files that are stored in the application’s temporary folder. The Endpoint Session Cleanup component also deletes items that are saved in the browser’s offline folder. These include files that were opened from within the browser for editing by an external application, such as an Office application (for example, a document that was opened via the browser for editing in Microsoft Office Word). The offline folder is cleaned only when all Forefront UAG sessions on the client endpoint end. Only items that were written to the offline folder after the Endpoint Session Cleanup component was first activated during the initial login, are deleted.
Optionally, you can configure the Endpoint Session Cleanup component to delete items that are saved outside the cache, including the browser history, Web address auto complete, intelliforms, forms autocomplete, and cached passwords. The Endpoint Session Cleanup component deletes these items only when the component shuts down, and not at the end of each session. If the user closes the browser without first logging out of the site, the Endpoint Session Cleanup component does not shut down immediately; it shuts down only on the next scheduled logoff or scheduled cleanup. Note that all items are deleted according to the DOD 5220.22-M standard.
The Endpoint Session Cleanup component includes a built-in crash recovery mechanism that ensures that all items are removed even under extreme circumstances, such as a power shutdown. If, under those circumstances, the component is terminated without deleting all of the required items, when the computer is next started, the component automatically runs and cleans up any remaining items.
Endpoint Session Cleanup is one of the Forefront UAG client endpoint components which users are prompted to download when they try to access a Forefront UAG site, prior to logon. You can set a client endpoint policy whereby users can access a site or launch an application only if the Endpoint Session Cleanup component is running on the client.