Showing posts from March, 2012

UAG endpoint detection and access policies

Endpoint detection and access policies are among the most important security features of the Unified Access Gateway (UAG). Naturally, the ability to evaluate the health of endpoint devices and to enforce certain requirements goes a long way towards enhancing the overall security profile of any remote access solution and can play an essential role in implementing an organization’s security in-depth strategy. UAG endpoint detection and access policies allow for an extremely detailed level of control. The policies can be applied at three different levels:

- Trunk – policies applied at this level will be enforced before a user logs on, and if the computer does not meet them, the user will not even reach the log-on page.
- Portal – policies applied at this level may prevent a user from accessing the portal application after the log-on.
- Application – policies applied at this level may block access to some or all published applications.

When the user tries to access the UAG portal client compo

International Cloud

Just a couple of interesting facts and points related to cloud technologies. Please see the original source for more information and a complete infographic.

UAG Customization

One of the strong selling points of UAG 2010 is its extensibility. One thing to keep in mind, though, is that while UAG customization can be very flexible, implementing complex scenarios will most certainly take you beyond out-of-the-box functionality. This is where some guidance would be much appreciated. The TechNet resource "Customizing Forefront UAG" is a good starting point, and there’s a book that was just published that covers this very topic – “Mastering Microsoft Forefront UAG 2010 Customization” by Erez Ben-Ari. I have already picked up a Kindle version for $9.99, but haven't had a chance to read it yet. If Ben-Ari's previous book "Microsoft Forefront UAG 2010 Administrator's Handbook" is any indication, this is going to be an excellent resource.

Symbolic Linking

Symbolic links allow for the transparent sharing of data across volumes as well as network shares (i.e. data located on the same computer or on remote computers). The technology makes accessing data across various shared network resources easier and more transparent, in much the same way the Distributed File System (DFS) does, but without the need to set up DFS infrastructure (of course, DFS functionality goes way beyond what symbolic links can do, so you have to understand the requirements and use the right tool for the job). If the notion of symbolic links sounds familiar, that's because it has existed within the UNIX/Linux world pretty much forever. The functionality's now been made available in the Windows Server 2008 operating system to add some oomph to the migration from and the application compatibility with UNIX/Linux operating systems. Well, regardless of where the functionality came from or what the intended goals might have been, it could still be quite hand

UAG Pre-installation Checklist

Here's a quick pre-installation checklist I have developed for the UAG deployments. Of course, it may not cover all possible deployment scenarios. So, feel free to expand upon it as necessary.

Network:

- Networking has been configured correctly
- Static IPs assigned to all network interfaces
- Static IPs to be assigned to each trunk (in load-balanced array this will be assigned to the VIP associated with the trunk) have been reserved
- Connectivity to the Internet works
- Connectivity to the internal network works
- All internal networks (network ranges that UAG will be fronting/protecting) have been explicitly identified

Server(s):

- All servers meet system requirements
- All available Windows updates have been installed
- All servers are clean, with no additional (unnecessary) software installed
- All servers have been properly named
- If applicable (required for UAG array), all servers have been joined to the domain
- No previous versions of UAG, TMG, or SQL are installed on

UAG 2010

Forefront Unified Access Gateway 2010 delivers comprehensive, secure remote access to corporate resources for employees, partners, and vendors from a diverse range of endpoints and locations, including managed and unmanaged PCs and mobile devices.

Background: Forefront Unified Access Gateway (UAG) and Threat Management Gateway (TMG) trace their lineage back to other well-known Microsoft products - Intelligent Application Gateway (IAG), Internet Security and Acceleration (ISA) Server, Proxy Server - and incorporate technologies from Microsoft acquisitions (Whale Communications). The following outlines the latest steps in the evolution of the UAG and TMG products: and a brief feature comparison:

Business Ready Security: Microsoft's Business Ready Security strategy is designed to help organizations of all sizes manage risk while empowering collaboration and information sharing. At the time of this writing there are five comprehensive solutions th

Office 365 Information and Resources

Office 365 Getting Started

Overview:

- General Overview | video
- Part 1: Connecting with people and information in new ways | video
- Part 2: Scheduling and running meetings with ease | video
- Part 3: Collaborating on documents and sharing business information | video

Tour for Users:

- Chapter 1: Welcome to Office 365 | video
- Chapter 2: Email and more | video
- Chapter 3: Collaborate with Team Sites | video
- Chapter 4: Microsoft Office and Office Web Apps | video
- Chapter 5: Communicate now with Lync | video

Tour for Administrators:

- Office 365 for Enterprises: The Admin Experience | video

Office 365 Information and Resources

Portal: Provides “one-stop-shop” access to the Office 365 features (manage your profile, change your password, download and install required components, navigate to OWA via Outlook link, navigate to SharePoint via Team Site link).

- Office 365 Portal URL | Getting started with Office 365 |