E-book details

Microsoft Forefront UAG 2010 Administrator's Handbook. Integrating UAG into your organization’s network will always be a challenge, but this manual will make life easier. It’s the only book solely dedicated to UAG and covers everything with a simple, user-friendly approach

Erez Ben-Ari, Ran Dolev, Erez Y Ben

Ebook
Microsoft Forefront Unified Access Gateway (UAG) is the latest in a line of Application Publishing (Reverse Proxy) and Remote Access (VPN) Server products. The broad set of features and technologies integrated into UAG makes for a steep learning curve. Understanding all the features and abilities of UAG is a complex task that can be daunting even to experienced networking and security engineers.

This book is the first to be dedicated solely to Microsoft Forefront UAG. It guides you step-by-step through all the stages of deployment, from design to troubleshooting. Written by the absolute experts who have taken part in the product’s development, official training and support, this book covers all the primary features of UAG in a friendly style and a manner that is easy to follow. It takes you from the initial planning and design stage, through deployment and configuration, up to maintenance and troubleshooting.

The book starts by introducing UAG's features and abilities, and how your organization can benefit from them. It then goes on to guide you through planning and designing the integration of the product into your own unique environment. Further, the book guides you through the process of publishing the various applications, servers and resources - from simple web applications to complex client/server based applications. It also details the various VPN technologies that UAG provides and how to take full advantage of them. The later chapters of the book teach you common routine “upkeep” tasks like monitoring, backup and troubleshooting of common issues. Finally, the book includes an introduction to ASP, which some of the product's features are based on, and which can help the advanced administrator enhance and customize the product.

  • Microsoft Forefront UAG 2010 Administrator's Handbook
    • Table of Contents
    • Microsoft Forefront UAG 2010 Administrator's Handbook
    • Credits
    • About the Authors
    • About the Reviewers
    • www.PacktPub.com
      • Support files, eBooks, discount offers and more
        • Why Subscribe?
        • Free Access for Packt account holders
        • Instant Updates on New Packt Books
    • Preface
      • What this book covers
      • What you need for this book
        • Who this book is for
        • UAG versus IAG
        • What's in the box?
      • Conventions
      • Reader feedback
        • Errata
        • Piracy
        • Questions
    • 1. Planning Your Deployment
      • Basic principles
      • How UAG works
      • Software requirements
      • Hardware requirements
      • Considerations for placing the server
      • Planning the networking infrastructure
      • Domain membership
      • Planning remote connectivity
      • Load balancing and high availability
      • Choosing clients
      • From test to production
      • Tips for a successful deployment
        • Deployment checklist
        • Do's and Don'ts for a successful deployment
      • Summary
    • 2. Installing UAG
      • What the installation contains
        • Service Packs and updates
      • Preparing your server
        • Pre-installation checklist
        • Preparing the installation files
      • Installation
        • Verifying the installation
        • Running the Getting Started Wizard
        • Applying updates or Service Packs
        • Common issues during installation
      • Post installation issues
      • Summary
    • 3. UAG Building Blocks
      • What are trunks and applications?
      • Types of trunks
      • Types of applications
        • Built-in services
        • Web applications
        • Client/Server and Legacy
        • Browser-embedded applications
        • Terminal Services (TS) / Remote Desktop Services (RDS)
      • What is URL signing and how does it work?
      • Designing your trunks, applications, and nesting
      • Some common applications and the appropriate templates
      • DNS name resolution
      • Preparing for an HTTPS trunk
        • Asymmetric encryption
        • Digital certificates
      • Creating an HTTPS trunk
      • Publishing an HTTP trunk
      • What happens when you add a trunk?
      • Summary
    • 4. Publishing Web Applications
      • The four steps to application publishing
      • Application specific hostname applications versus Portal hostname applications
      • The Add Application Wizard
      • Application order
      • Considerations for Exchange publishing
      • Considerations for SharePoint publishing
        • Different internal and external names
        • Same internal and external FQDN names but different protocols
        • Same internal and external names and protocols
      • SharePoint and IE security enhancements
      • What is the Active Directory Federation Services 2.0 application?
      • Certificate validation for published web servers
      • Did you remember to activate?
      • Summary
    • 5. Advanced Applications and Services
      • Advanced application types
      • Remote connectivity
      • Configuring browser embedded applications
      • Configuring client/server applications
        • Enhanced Generic Client Applications
        • Enhanced HAT
        • Generic HTTP Proxy Enabled Client Application
        • Generic SOCKS Enabled Client Application
        • Citrix Program Neighborhood (Direct)
        • Outlook (corporate/workgroup mode)
        • SSL Application Tunneling component automatic disconnection
      • Local Drive Mapping
      • Remote Network Access
      • SSL Network Tunneling (Network Connector)
        • Planning for Network Connector
        • Adding Network Connector to the portal
        • Configuring the Network Connector server
        • Activating and testing the Network Connector
        • Network Connector disconnecting?
      • SSTP
      • Remote Desktop applications
      • Remote Desktop RDG templates
        • Remote Desktop - predefined and user defined
      • Remote Desktop considerations
      • File Access
        • Preparing to Publish File Access
        • Configuring File Access Domains, Servers, and Shares
        • Using File Access
        • More fun with File Access
      • Summary
    • 6. Authenticating and Controlling Access
      • UAG session and authentication concepts
        • The basic authentication flow
      • Trunk level authentication settings
      • Authentication servers
        • RADIUS
        • RSA SecurID
        • WinHTTP
        • Authentication server of the type "Other"
        • Smart card/client certificate authentication
        • Special handling for MS Office Rich Clients
      • Application level authentication settings
        • Handling form based authentication to backend applications
        • Kerberos constrained delegation
      • Application authorization settings
        • Local groups
      • AD FS 2.0
        • Requirements and limitations for AD FS 2.0 in UAG
        • Configuring the AD FS 2.0 authentication server in UAG
        • Additional configuration steps on the AD FS 2.0 server
      • Summary
    • 7. Configuring UAG Clients
      • What are the client components?
        • Endpoint detection
        • SSL Application Tunneling component
        • Socket Forwarding
        • SSL Network Tunneling component
        • Endpoint Session Cleanup component
      • Supported platforms
      • Installing and uninstalling the client components
      • Preemptive installation of the components
      • Checking the client components version
      • The trusted sites list
      • Don't need the Client components?
      • Summary
    • 8. Endpoint Policies
      • What endpoint policies can do and how they work?
        • How it works?
      • Endpoint policies access type
      • Platform specific policies
      • Assigning endpoint policies
      • Built-in policies
      • Choosing or designing the appropriate policies for your organization
      • Creating policies using the policy editor
      • Editing policies in script mode
      • Configuring upload and download settings
        • Identify by URL
        • Identify by extension
        • Identify by size
      • Configuring restricted zone settings
      • Certified Endpoints
      • Integration with Network Access Protection
      • How does NAP work?
      • Configuring UAG to use NAP
      • Summary
    • 9. Server Maintenance and Upkeep
      • Who needs monitoring?
      • The UAG activation monitor
      • The UAG Web Monitor
        • Monitoring sessions
          • General
          • Applications
          • Endpoint Information
          • Parameters
        • Session Statistics
        • Monitoring applications and users
        • Monitoring server farms
        • Monitoring server array members
        • Event Viewer
        • Event Query
      • Configuring UAG event logging
        • Queue and report size
        • Built-in
        • RADIUS and Syslog
        • Mail
      • UAG services
      • UAG and the System Event Log
      • Publishing the UAG Web Monitor
      • Live Monitoring using TMG
      • The Windows Performance Monitor
      • Running a server trace
      • Updating the server with Windows Updates
      • Updating the server with UAG updates
      • Other updates
      • Antivirus on the server and other tools
      • Backing up UAG
      • Restoring UAG (to itself, and to other servers)
      • Summary
    • 10. Advanced Configuration
      • Basic trunk configuration
      • Advanced configuration overview
      • The General tab
      • The Authentication tab
      • The Session tab
      • The Application Customization tab
      • The Portal tab
      • The URL Inspection tab
      • Global URL Settings and URL Set tabs
      • Rule editing and modification
      • NLB and Arrays
      • Adding load balancing into the mix
      • Putting it all together
      • Summary
    • 11. DirectAccess
      • What's in it for me?
      • A little bit of history
      • How does DirectAccess work?
      • IPSec and its tunnels
      • IPv6 - what's the big deal?
      • Hardware considerations
      • Connecting your server to the Internet
      • The Network Location Server
      • More infrastructure considerations
      • Client connection modes
      • Setting up the IP-HTTPS public site
      • DirectAccess name resolution
      • ISATAP, DNS64, and NAT64
      • Tunneling mode
      • DirectAccess Connectivity Assistant
      • Putting it all together
      • Wizard Time
        • Client and GPO configuration
        • The DirectAccess Connectivity Assistant
        • DirectAccess Server configuration
        • Infrastructure Servers configuration
        • End-to-End Access configuration
      • Keeping an eye on the server
      • Trouble?
        • Removing DirectAccess
        • Setup and configuration errors
        • Whose fault is it?
        • DCA to the rescue
        • Server related issues
        • Client side issues
        • Transition technology issues
        • Advanced troubleshooting
        • Additional resources
      • Summary
    • 12. Troubleshooting
      • Whodunnit?
      • Administrative errors
        • File Access
        • SSL Network Tunneling
        • Certificate problems during activation
        • Backup and restore
        • Updating the server
      • Portal and Trunk issues
      • Application issues
        • Common application publishing mishaps
        • Blocking uploads and downloads
        • URL limits
        • Server Performance
          • Other optimizations
        • SharePoint issues
        • SSL tunneling
        • SSTP
        • Other server and application issues
      • Client issues
        • Client misbehavior
        • RDS client issues
        • Misc client issues
      • Customization issues
      • General errors
        • Tracing problems
      • What's next?
      • Summary
    • A. Introduction to RegEx
      • Why do I need this?
      • What are Regular Expressions?
      • The UAG RegEx syntax
      • Literals
      • Special characters
    • B. Introduction to ASP
      • What is ASP, and how does it work?
      • What can you do with it?
      • Getting started with ASP
      • Putting the pieces together
      • Some more ASP principles
      • No one likes to repeat himself
      • So, what's in it for me?
    • Index
  • Title: Microsoft Forefront UAG 2010 Administrator's Handbook. Integrating UAG into your organization’s network will always be a challenge, but this manual will make life easier. It’s the only book solely dedicated to UAG and covers everything with a simple, user-friendly approach
  • Author: Erez Ben-Ari, Ran Dolev, Erez Y Ben
  • Original title: Microsoft Forefront UAG 2010 Administrator's Handbook. Integrating UAG into your organization’s network will always be a challenge, but this manual will make life easier. It’s the only book solely dedicated to UAG and covers everything with a simple, user-friendly approach.
  • ISBN: 9781849681636, 9781849681636
  • Date of issue: 2011-01-24
  • Format: Ebook
  • Item ID: e_3cnc
  • Publisher: Packt Publishing