Microsoft Forefront UAG 2010 Administrator's Handbook

Erez Ben-Ari, Ran Dolev

Integrating UAG into your organization’s network will always be a challenge, but this manual will make life easier. It’s the only book solely dedicated to UAG and covers everything with a simple, user-friendly approach.

Book Details

ISBN 13: 9781849681629
Paperback: 484 pages

About This Book

  • Maximize your business results by fully understanding how to plan your UAG integration
  • Consistently be ahead of the game by taking control of your server with backup and advanced monitoring
  • An essential tutorial for new users and a great resource for veterans
  • Uncover the advantages and ease of use of DirectAccess, the latest VPN technology from Microsoft
  • Packed with detailed explanations of concepts, terms and technologies, with hand-in-hand guidance through the tough parts
  • Includes the most updated information, up to and including Service Pack 1 for UAG 2010

Who This Book Is For

If you are a Networking or Security engineer who intends to integrate UAG into the organization network, then this book is for you. You need no experience with UAG or its predecessors, though basic understanding of Networking and Windows Server management and engineering is required. Experience with security systems like Firewalls would also help you to better understand some of the topics covered by this book.

Table of Contents

Chapter 1: Planning Your Deployment
Basic principles
How UAG works
Software requirements
Hardware requirements
Considerations for placing the server
Planning the networking infrastructure
Domain membership
Planning remote connectivity
Load balancing and high availability
Choosing clients
From test to production
Tips for a successful deployment
Chapter 2: Installing UAG
What the installation contains
Preparing your server
Post installation issues
Chapter 3: UAG Building Blocks
What are trunks and applications?
Types of trunks
Types of applications
What is URL signing and how does it work?
Designing your trunks, applications, and nesting
Some common applications and the appropriate templates
DNS name resolution
Preparing for an HTTPS trunk
Creating an HTTPS trunk
Publishing an HTTP trunk
What happens when you add a trunk?
Chapter 4: Publishing Web Applications
The four steps to application publishing
Application specific hostname applications versus Portal hostname applications
The Add Application Wizard
Application order
Considerations for Exchange publishing
Considerations for SharePoint publishing
SharePoint and IE security enhancements
What is the Active Directory Federation Services 2.0 application?
Certificate validation for published web servers
Did you remember to activate?
Chapter 5: Advanced Applications and Services
Advanced application types
Remote connectivity
Configuring browser embedded applications
Configuring client/server applications
Local Drive Mapping
Remote Network Access
SSL Network Tunneling (Network Connector)
Remote Desktop applications
Remote Desktop RDG templates
Remote Desktop considerations
File Access
Chapter 6: Authenticating and Controlling Access
UAG session and authentication concepts
Trunk level authentication settings
Authentication servers
Application level authentication settings
Application authorization settings
AD FS 2.0
Chapter 7: Configuring UAG Clients
What are the client components?
Supported platforms
Installing and uninstalling the client components
Preemptive installation of the components
Checking the client components version
The trusted sites list
Don't need the Client components?
Chapter 8: Endpoint Policies
What endpoint policies can do and how they work?
Endpoint policies access type
Platform specific policies
Assigning endpoint policies
Built-in policies
Choosing or designing the appropriate policies for your organization
Creating policies using the policy editor
Editing policies in script mode
Configuring upload and download settings
Configuring restricted zone settings
Certified Endpoints
Integration with Network Access Protection
How does NAP work?
Configuring UAG to use NAP
Chapter 9: Server Maintenance and Upkeep
Who needs monitoring?
The UAG activation monitor
The UAG Web Monitor
Configuring UAG event logging
UAG services
UAG and the System Event Log
Publishing the UAG Web Monitor
Live Monitoring using TMG
The Windows Performance Monitor
Running a server trace
Updating the server with Windows Updates
Updating the server with UAG updates
Other updates
Antivirus on the server and other tools
Backing up UAG
Restoring UAG (to itself, and to other servers)
Chapter 10: Advanced Configuration
Basic trunk configuration
Advanced configuration overview
The General tab
The Authentication tab
The Session tab
The Application Customization tab
The Portal tab
The URL Inspection tab
Global URL Settings and URL Set tabs
Rule editing and modification
NLB and Arrays
Adding load balancing into the mix
Putting it all together
Chapter 11: DirectAccess
What's in it for me?
A little bit of history
How does DirectAccess work?
IPSec and its tunnels
IPv6—what's the big deal?
Hardware considerations
Connecting your server to the Internet
The Network Location Server
More infrastructure considerations
Client connection modes
Setting up the IP-HTTPS public site
DirectAccess name resolution
ISATAP, DNS64, and NAT64
Tunneling mode
DirectAccess Connectivity Assistant
Putting it all together
Wizard Rime
Keeping an eye on the server
Chapter 12: Troubleshooting
Administrative errors
Portal and Trunk issues
Application issues
Client issues
Customization issues
General errors
What's next?

What You Will Learn

  • Understand how UAG can help your organization with secure remote access.
  • Plan and design the integration of UAG into your unique environment.
  • Create trunks and publish all kinds of applications on them.
  • Enable VPN access for multiple platforms.
  • Design and implement DirectAccess for your organization.
  • Manage endpoint security with advanced policies.
  • Monitor, maintain and secure your Microsoft server.
  • Integrate UAG with multiple infrastructures and platforms.
  • Discover various types of applications UAG can publish, and how to publish them.
  • Learn how to provide remote access to your users or partners using SSL technology.
  • Take advantage of single sign-on with low administrative overhead and high security.
  • Integrate UAG with existing authentication infrastructure like Active Directory.
  • Gain knowledge of advanced endpoint management for ultimate security in a world of unknowns.
  • Perform troubleshooting and solve problems like the pros.
  • Integrate UAG with AD FS V2 for maximum corporate flexibility and security.
  • Discover how to publish Microsoft Office SharePoint Server 2007 and 2010 securely.
  • Find out how UAG interacts with TMG 2010 (the successor to ISA Server 2004).

In Detail

Microsoft Forefront Unified Access Gateway (UAG) is the latest in a line of Application Publishing (Reverse Proxy) and Remote Access (VPN) Server products. The broad set of features and technologies integrated into UAG makes for a steep learning curve. Understanding all the features and abilities of UAG is a complex task that can be daunting even to experienced networking and security engineers.

This book is the first to be dedicated solely to Microsoft Forefront UAG. It guides you step-by-step throughout all the stages of deployment, from design to troubleshooting. Written by the absolute experts who have taken part in the product’s development, official training and support, this book covers all the primary features of UAG in a friendly style and a manner that is easy to follow. It takes you from the initial planning and design stage, through deployment and configuration, up to maintenance and troubleshooting.

The book starts by introducing UAG's features and abilities, and how your organization can benefit from them. It then goes on to guide you through planning and designing the integration of the product into your own unique environment. Further, the book guides you through the process of publishing the various applications, servers and resources - from simple web applications to complex client/server based applications. It also details the various VPN technologies that UAG provides and how to take full advantage of them. The later chapters of the book educate you with common routine “upkeep” tasks like monitoring, backup and troubleshooting of common issues. Finally, the book includes an introduction to ASP, which some of the product's features are based on, and can help the advanced administrator with enhancing and customizing the product.

