News

Forefront Unified Access Gateway Beta Released

• By Herb Torrens
• 07/16/09

Microsoft rolled out beta 2 of its Forefront Unified Access Gateway (UAG) enterprise security solution this week.

This latest release will support streamlined security features in Windows 7, and Windows Server 2008 R2, according to a Forefront team blog.

Formerly known as "Intelligent Application Gateway," UAG consolidates access technologies such as Secure Socket Layer Virtual Private Network (SSL VPN), Remote Desktop, Web publishing and Direct Access--all "under one roof," according to the blog. It allows administrators to manage access rights for all types of clients, including corporate laptops, home PCs, kiosks, PDAs and even borrowed PCs.

"The SSL VPN capability of UAG will allow organizations to enable remote access for only specific applications, or file systems, rather than to entire networks," noted Donald S. Retallack, Ph.D., research vice president for systems management and security at Directions on Microsoft, in an e-mail.

That capability can reduce an organization's exposure to compromised clients and attackers, Retallack explained. UAG will also include support for configuring and managing the new DirectAccess feature in Windows 7 and Windows Server 2008 R2. DirectAccess helps connect remote clients to a corporate network.

UAG provides multiple levels of remote access tailored to the user's profile and the machine being used, according to the blog. Specific levels of security are assigned on the fly according to the security level of the machine. A corporate machine may get full connectivity, while a borrowed PC will be scanned for up-to-date antimalware software before being assigned a level of access. UAG can block access to uploads and downloads for suspect client machines.

UAG promises IT pros the ability to quickly set up network access for users on nearly any machine, according to Microsoft.

"One of the advancements of UAG is that it does not require the slow and often unreliable process of setting up and managing specialized VPN client software on the end user's computer," stated Retallack. "Instead, users connect using a standard Web browser."