- Security Programming and Security Management
- 50402B: Implementing Forefront Unified Access Gateway 2010
This instructor-led course prepares you to design & deploy remote access solutions using Microsoft Forefront Unified Access Gateway 2010 (UAG). Forefront UAG provides organizations with unparalleled flexibility in providing access to network resources..
- Course Outline
This three-day instructor-led course prepares you to design and deploy remote access solutions using Microsoft Forefront Unified Access Gateway 2010 (UAG). Forefront UAG provides organizations with unparalleled flexibility in providing access to network resources (such as Web sites and internal applications) with granular access control, custom content protection, and endpoint validation. Forefront UAG also integrates with DirectAccess, a new Windows 7 technology that provides seamless remote access to all corporate resources without connecting to a virtual private network. This course is intended for architects, consultants, network administrators, and technical sales professionals who are responsible for selling, designing, and deploying edge access solutions for enterprises.
This course is intended for IT security and infrastructure specialists who have experience with Windows networking and authentication protocols. Experience with the IPv6 protocol is desirable but not required.
At Course Completion
After completing this course, students will be able to:
- Install and configure Forefront UAG as a standalone server or an array member.
- Publish Microsoft Exchange Server, Microsoft Office SharePoint Server, and Remote Desktop Gateway applications to external users.
- Configure Forefront UAG to authenticate and authorize users, and enforce security policies on clients.
- Use Forefront UAG as a gateway for DirectAccess clients.
- Understand the design and deployment considerations when building an enterprise access solution using Forefront UAG.
Module 1: Forefront UAG Overview
This module provides an overview of the features and capabilities of Forefront UAG, and the role it plays in enabling usage scenarios that are part of the Microsoft Business Ready Security strategy.
- Microsoft Business Ready Security Strategy (BRS)
- Forefront Unified Access Gateway Architecture
- Licensing and Availability
- Understand how Forefront UAG fits into the Microsoft Business Ready Security strategy solutions.
- Describe the Forefront UAG solution and internal architectures.
- Provide customers with licensing options for Forefront UAG.
This module covers the setup and configuration tasks for Forefront UAG, and describes how to migrate from Microsoft Intelligent Application Gateway 2007 (IAG) to Forefront UAG.
- Installing Forefront UAG
- Initial Configuration
- Install Forefront UAG 2010
- Configure the initial settings using the Getting Started Wizard
- Describe the Forefront UAG setup process.
- Explain how customers can migrate from IAG to Forefront UAG.
In this module, you'll understand the concept of a trunk in Forefront UAG, and how the product uses trunks to enable remote users to connect to internal applications. You'll see the role of the Forefront UAG portals as front end interfaces for these users, and how Forefront UAG can be customized during deployments.
- Trunks and Portals
- Portal Customization
- Client Detection
- Create a HTTPS trunk in Forefront UAG
- Configure an Active Directory authentication repository
- Understand how Forefront UAG uses trunks and portals to provide access to internal resources.
- Explain how to customize the Forefront UAG portal look and feel.
- Describe how Forefront UAG detects the remote endpoint capabilities and how to customize this process.
In this module, you will learn how to configure Forefront UAG to enable remote endpoints to have access to internal Web applications. You will see how to enable access to Microsoft Exchange and Microsoft SharePoint, and how to deploy federation using Active Directory Federation Services (AD FS).
- Web Publishing Overview
- Publishing Microsoft Exchange
- Publishing Microsoft SharePoint
- Deploying Federation with AD FS
- Configure Outlook Web Access (OWA) publishing using the OWA look and feel
- Configure OWA publishing inside the Forefront UAG portal
- Publish Outlook Anywhere and Exchange Autodiscover
- Publish Web applications to the Internet using Forefront UAG trunks.
- Enable remote client access to Microsoft Exchange and Microsoft SharePoint services.
- Configure Forefront UAG to use federation for portal and application access.
In this module, you will see how Forefront Unified Access Gateway (UAG) allows you to provide access to published RemoteApps and Remote Desktops by integrating a Remote Desktop Gateway (RD Gateway) to provide an application-level gateway for Remote Desktop Services (RDS) and applications.
- Remote Desktop Publishing Overview
- Deploying RD Gateway Publishing
- Publish RemoteApp applications using the Forefront UAG portal
- Publish a predefined Remote Desktop
- Explain the benefits of using the Remote Desktop Gateway (RD Gateway) publishing feature.
- Describe how Forefront UAG integrates with RD Gateway.
- Explain how to configure Forefront UAG to publish RemoteApps, predefined Remote Desktops, and user-defined Remote Desktops.
This module explains how you can configure remote access to the corporate network using the legacy Network Connector application or the Secure Sockets Tunneling Protocol (SSTP).
- Remote Network Access Overview
- UAG/SSTP Integration Architecture
- Configuring Remote Network Access
- Configure remote network access using SSTP
- Publish remote network access in the Forefront UAG portal
- Explain the different technologies used by Forefront UAG to enable remote access to the corporate network.
- Describe how Forefront UAG integrates with Forefront TMG and Windows to provide SSTP VPN access to Windows 7 clients.
- Configure Forefront UAG to provide remote network access using SSTP and the Network Connector.
This module provides an overview of the IPv6 protocol used by Forefront UAG DirectAccess, and the technologies associated with transitioning from IPv4 to IPv6 networking.
- IPv6 Overview
- IPv6 Transition Technologies
- Use IPv6 link-local addresses for local network connectivity
- Deploy an ISATAP router in an intranet
- Understand the limitations of the IPv4 protocol, and the benefits provided by IPv6.
- Describe the addressing, routing, and name resolution characteristics of the IPv6 protocol.
- Explain how ISATAP, 6to4, Teredo, and NAT64/DNS64 can be used to enable IPv6 connectivity over IPv4 networks.
This module gives an overview of DirectAccess, a technology enabled by Forefront UAG that provides seamless network access to Windows 7 clients.
- DirectAccess Overview
- DirectAccess Solution Components
- Planning a DirectAccess Deployment
- Deploying DirectAccess Using Forefront UAG
- Prepare the infrastructure requirements for DirectAccess
- Configure DirectAccess using Forefront UAG
- Understand the benefits provided by DirectAccess to users and IT organizations.
- Describe the DirectAccess architecture and its components.
- Understand the requirements and design decisions involved in a DirectAccess solution using Forefront UAG.
- Configure DirectAccess using Forefront UAG.
This module presents an overview of the policy evaluation and enforcement technologies for the Forefront UAG endpoints.
- Endpoint Policies
- Network Access Protection Integration
- Use the Endpoint Policies with a Forefront UAG portal application
- Configure Network Access Protection (NAP) with Forefront UAG DirectAccess
- Explain how Forefront UAG can enforce endpoint policies.
- Configure Forefront UAG to use NAP for policy validation.
This module explores how Forefront UAG uses arrays to scale out to large deploymentsÃNLGNLG¢,¬improving the scalability and availability of the solution while reducing management overhead.
- Forefront UAG Array Management Overview
- Deploying and Operating Forefront UAG Arrays
- Network Load Balancing Integration
- Install an additional Forefront UAG server
- Configure a Forefront UAG array and perform post-array configuration tasks
- Explain the benefits provided by using Forefront UAG arrays.
- Describe the array management architecture, and the tasks involved in creating and managing an array.
- Explain how the Network Load Balancing feature of Windows Server is integrated into Forefront UAG.
This module covers the considerations involved in designing, deploying, and troubleshooting an enterprise access solution based on Forefront UAG.
- Deploying Forefront UAG in Enterprise Environments
- Supporting and Troubleshooting Forefront UAG
- Describe the process of designing and deploying Forefront UAG in an enterprise environment.
- Describe the tools and best practices for troubleshooting issues with Forefront UAG.
- Prerequisites & Certificates
Before attending this course, students must have: * Solid understanding of Windows networking. Experience with IPv6 is desirable but not required. * Working knowledge of Active Directory, LDAP, and RADIUS authentication. * Basic understanding of Microsoft Exchange Server 2007 and Microsoft Office SharePoint Server 2007.
Certificate of completion
- Cancellation Policy
ctc TrainCanada - We Never Cancel*:
We are unique in the corporate training field in that we do not cancel desktop applications courses due to low enrollment. When there are less than 3 students, ctc TrainCanada will personalize the class (students then receive more time with the instructor to address their individual needs allowing the student to complete the full course in less time) or connect the student remotely to a class at one of our other branches via TrainLive remote classroom instruction. *Microsoft Certified Courses and other technical courses require a minimum enrollment of three students. Business Skills courses require multiple students in order to run due to the interactive nature of the training. Selected Desktop Applications courses may require a minimum enrollment of two students to run. ctc TrainCanada® reserves the right to deliver Microsoft Certified and other technical courses via TrainLive remote classroom instruction in order to guarantee the course to run.
ctc TrainCanada Cancellation policy:
You may cancel or reschedule this registration in writing with no penalty with a minimum of 10 business days' notice prior to the first day of the course. Full payment is required if you cancel or reschedule this registration within 10 business days prior to the first day of the course. However, substitutions are welcome. If you do need to cancel or reschedule a publicly scheduled course within the 10 day non-cancellation period (not a client dedicated course), payment is to be made and a training voucher for a public course will be issued to you. This allows you to attend a future date for the same course at no charge (subject to availability).
No-shows will not be issued a training voucher.
Complimentary Service: We offer all our students coffee, tea, juice or pop, muffins or pastries in the morning and cookies baked in our own oven each afternoon.
- Map & Reviews
[ View Provider's Profile ]
ReviewsHere are some reviews of the training vendor.
This course has not yet been rated by one of our members.
If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.
This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.
This page has been viewed 964 times.