The access gateway will act as the endpoint of the HTTPS connection and inspect the traffic before passing it to the backend servers for authentication, adding a security layer against common Internet threats.
Before installing UAG, there is a planning phase necessary to select the kind of deployment that is more fit to our company’s needs.
Having built my first Windows 2012 machine I thought it best to install anti-virus.
I extracted the Forefront Endpoint protection client from the SCCM 2012 package and installed it just fine.
Follow the simple instructions included to enable updates for other Microsoft products, including FEP.
(For more resources related to this topic, see here.) Microsoft Forefront UAG is a product focused on centralizing and managing access to internal resources from external networks.
Buy Now Start Your 30-Day Trial Are you part of a Flight Department? Fore Flight offers pilots who fly in Europe the powerful combination of EUROCONTROL-integrated planning and filing capabilities, weather visualization tools, state-of-the-art hazard awareness features, and Jeppesen’s world-class data and charts in one integrated app.
The complexity of the configuration will be related to the UAG features we are going to use, for example, with Direct Access it requires many modifications on the firewall before we are able to make it work.
The second topic in our list is the domain membership.
If we have an existing firewall, it’s a good idea to keep it in front of UAG, because the level of the security will not be lowered (UAG requires TCP ports 80 and 443, and the HTTP port is in use only if we plan to deploy a listener with no encryption), and we gain an additional layer of security.
The last scenario is a classic DMZ, with a second firewall deployed to isolate the Internet-exposed services from the internal network.
Search for updating forefront:
However, when I tried to update it I received an error I wasn’t expecting.