Introducing UAG DirectAccess solution

As the PM lead responsible for UAG DirectAccess, I’m proud to present our solution based on the new and exciting DirectAccess technology introduced by Windows 7. If you want to learn more about this technology, click here.

Microsoft Forefront Unified Access Gateway (UAG) uses the DirectAccess technology built into Windows 7 and Windows Server 2008 R2 to create an enterprise-level solution. UAG offers an all-in-one, end-to-end solution that lets the enterprise open its resources to managed clients in a seamless, painless manner.

UAG DirectAccess extends access to IPv4 servers

To support all backend servers, UAG DirectAccess adds a necessary transition technology (NAT64 and DNS64, also known as NAT-PT and DNS-ALG) so that clients can also reach IPv4-only servers, in addition to IPv6-based servers (reached natively or via ISATAP).

UAG DirectAccess enhances scalability, high-availability and management

Our solution adds the ability to run multiple DirectAccess Servers (DAS) in a cluster, providing high availability of the service as well as scale-up. As part of the ‘all in the box’ paradigm, UAG integrates Windows Network Load Balancing (NLB) support that can be seamlessly activated for the cluster.

UAG DirectAccess simplifies deployment and administration

We incorporated the DirectAccess configuration into the Unified Access Gateway management console and augmented it, allowing easier deployment of the cluster. The console helps you set up, configure, activate and manage the cluster and each node in it from a central location. This console can be used to enforce policies (such as NAP and Smartcard), set IPs, etc.

UAG also provides access, from within the same cluster, for down-level and non-Windows clients

As its name suggests, Unified Access Gateway provides multiple access scenarios, securely serving managed remote clients (via UAG DirectAccess) as well as unmanaged, or even ‘foreign’, remote access clients. By utilizing various remote access technologies, UAG can publish business server applications to unmanaged clients, enforcing various authentication methods.

Nitzan Daube

Principal Program Manager Lead, UAG product group.

Comments

  • Anonymous
    January 01, 2003
    DirectAccess authentication is done in the very low levels of the OS, so currently it is not possible to use other types of authentication.

  • Anonymous
    March 10, 2010
    Actually NAT-PT is not in draft, it has been made deprecated by RFC 4966. NAT64 and DNS64, however, are fresh Internet Drafts currently, waiting to become RFCs. So, will Microsoft switch to NAT64 and DNS64 after they become standard and let the obsolete NAT-PT go?