World Library  
Flag as Inappropriate
Email this Article

Microsoft Forefront Unified Access Gateway

Article Id: WHEBN0023263957
Reproduction Date:

Title: Microsoft Forefront Unified Access Gateway  
Author: World Heritage Encyclopedia
Language: English
Subject: Microsoft Servers, Microsoft Forefront Threat Management Gateway, Microsoft Forefront, UAG, DirectAccess
Publisher: World Heritage Encyclopedia

Microsoft Forefront Unified Access Gateway

Unified Access Gateway
Original author(s) Microsoft corporation
Developer(s) Whale Communications
Stable release 2010 with SP3 / 19 February 2013; 16 months ago (2013-02-19)[1]
Development status Active
Operating system Windows Server 2008 R2[2]
Platform x86-64[2]
Type Reverse proxy, virtual private network
License Trialware[3]
Minimum system requirements[2]
CPU 2.66 GHz; dual core; x86-64-compatible
Memory 4 GB
Hard disk drive space 2.5 GB
Operating system Windows Server 2008 R2 Standard or Enterprise edition
Other requirements The computer on which Forefront UAG is being installed should be devoid of all other software except its operating system.

Microsoft Forefront Unified Access Gateway (UAG), is a computer software solution that provides secure remote access to corporate networks for remote employees and business partners. It incorporates remote access technologies such as reverse proxy, virtual private network (VPN), DirectAccess and Remote Desktop Services. UAG was released in 2010, and is the successor for Microsoft Intelligent Application Gateway (IAG) which was released in 2007. UAG is part of the Microsoft Forefront offering.


Unified Access Gateway was originally developed by a startup company named Whale Communications in Rosh HaAyin, Israel. One of the challenges it tried to solve in the 1990s was to develop a remote access solution based on a VPN mechanism but without direct network access from the remote client to the corporate network.[4] This type of solution was specifically required by the Israeli military and government, to meet national information security standards.

The technology developed was called the Air Gap and the communication between the external network and internal network was managed by two separate 1U rack-mount servers linked together by a memory bank accessed through a SCSI interface.[5]

On 18 May 2006, Microsoft announced that it would be acquiring Whale Communications.[6] Microsoft completed the acquisition on 26 July 2006.[7][8] Following this acquisition, the product was renamed Microsoft Intelligent Application Gateway Server 2007. With this version, the SCSI-based Air Gap was dropped, and the product was unified as a single-server appliance. Instead of using the Air Gap as the security barrier, IAG used Microsoft's ISA Server firewall product. IAG was offered to the public as a pre-installed appliance by Celestix Networks, IVO Networks, PortSys and nAppliance. In 2009, with the release of Service Pack 2 for IAG, the product was also offered directly to the public from Microsoft in the form of a virtual appliance - a pre-installed VHD which could be run on Hyper-V or VMware Workstation.

In April 2008, Microsoft announced that the next generation of IAG will be named Forefront Unified Access Gateway. The product was released on 24 December 2009.[9] Service Pack 1 for this product was released on 3 December 2010.[10] Update 1 for Service Pack 1 was released on 17 October 2011[11] Service Pack 2 for this product was released on 6 August 2011.[12] Service Pack 3 was released on 19 February 2013[1]

Technical overview

Microsoft UAG provides secure socket layer (SSL) virtual private network (VPN), a Web application firewall, and endpoint security management (for compliance and security) that enable access control, authorization, and content inspection for a wide variety of line-of-business applications.

Included are customized granular access policy and security capabilities for Microsoft Exchange Server (2003, 2007 and 2010), Microsoft SharePoint Portal Server (2003, 2007 and 2010), Microsoft Terminal Services and Citrix Presentation Server. The product is highly customizable, and almost any application can be published With UAG.[13]

Out of the box UAG Server is able to work with many authentication vendors such as RSA Security, Vasco, GrIDsure, Swivel, ActivCard and Aladdin. It also works with numerous authentication systems and protocols such as Active Directory, RADIUS, LDAP, NTLM, Lotus Domino, PKI and TACACS+. Possible customizations include single-sign-on (SSO), as well as look-and-feel dynamic customization. With the current release of UAG with Update 2, the product also offers support for many third-party systems such as Linux, Macintosh and iPhone. The product also supports Mozilla Firefox.

UAG performs particularly well in providing a portal for web applications, such as web-based email and intranets, but it also provides full SSL VPN network access using either ActiveX (when using Internet Explorer) or Java components (when using Firefox, Opera, non Windows client such as Red Hat or Mac OS). These components can also perform end-point compliance checks before allowing access, to test for attributes on the PC such as domain name, antivirus definitions date or running processes.

The inclusion of DirectAccess with UAG has been a big influence on its success, as DirectAccess provides a very seamless VPN-like integration and is in high-demand by many organizations. DirectAccess is part of Windows, but UAG provides a very user-friendly configuration interface for it, making it easier to configure for administrators. UAG also adds two additional components - DNS64 and NAT64, which make deploying DirectAccess in an existing network easier, without the need to deploy IPv6.[14]

The product is sold in appliance form, from vendors such as IVO Networks, PortSys, Celestix Networks, and nAppliance. It is also offered as an installable DVD. The product can be installed on Windows Server 2008 R2.[15]

Version History

Version Release Date Version Number KB Number
Gold (no updates) 25 January 2010 4.0.1101.0 N/A
Sec Update MS10-089 9 Nov 2010 4.0.1101.052 2433585
Update 1 12 April 2010 4.0.1152.100 981323
U1 Rollup 1 18 May 2010 4.0.1152.110 981932
U1+Sec Update MS10-089 9 Nov 2010 4.0.1152.150 2433584
Update 2 21 September 2010 4.0.1269.200 2288900
U2+Sec Update MS10-089 9 Nov 2010 4.0.1269.250 2418933
Service Pack 1 RC 21 October 2010 4.0.1575.10000 N/A
Service Pack 1 14 January 2011 4.0.1752.10000 2285712
Service Pack 1 Rollup 1 3 February 2011 4.0.1752.10020 2475733
Service Pack 1 Rollup 2 (a.k.a. Q1 2011 Rollup) 6 April 2011 4.0.1752.10025 N/A
Security Update MS11-079 12 October 2011 4.0.1752.10073 2522485
SP1 + Sec Update MS12-026 10 April 2012 4.0.1753.10076 2649261
Service Pack 1 Update 1 13 October 2011 4.0.1773.10100 2585140
Service Pack 1 Update 1 Rollup 1 11 January 2012 4.0.1773.10110 2647899
SP1 U1 + Sec Update MS12-026 10 April 2012 4.0.1773.10190 2649262
Service Pack 1 Update 1 Rollup 2 12 June 2012 4.0.1773.10220 N/A
Service Pack 2 6 August 2012 4.0.2095.10000 2710791
Service Pack 3 20 February 2013 4.0.3123.10000 2744025
Service Pack 3 Rollup 1 15 April 2013 4.0.3206.10100 2827350

See also


Further reading

External links

  • Microsoft Forefront Unified Access Gateway Product Team Blog
  • Forefront Edge Security forum – Direct Access, UAG and IAG forum

This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.