Overview of Forefront UAG DirectAccess

Updated: February 1, 2011

Applies To: Unified Access Gateway

Forefront Unified Access Gateway (UAG) DirectAccess extends the benefits of Windows DirectAccess across your infrastructure, enhancing scalability, and simplifying deployments and ongoing management.

Forefront UAG DirectAccess features include the following:

  • Improved manageability of remote users—Forefront UAG DirectAccess enables IT professionals to manage mobile computers, by updating Group Policy settings, and distributing software updates any time the mobile computer has Internet connectivity, even if the user is not logged on. This flexibility allows IT professionals to manage remote computers on a regular basis, and ensures that mobile users stay up-to-date with security and system health policies.

  • More secure and flexible network infrastructure—Forefront UAG DirectAccess takes advantage of technologies such as Internet Protocol version 6 (IPv6) and Internet Protocol security (IPsec), providing a more secure and flexible network infrastructure for enterprises, by using:

    • Authentication—Forefront UAG DirectAccess authenticates the client computer, enabling the computer to connect to the intranet before the user logs on.

    • Encryption—Forefront UAG DirectAccess uses IPsec to provide encryption for communications across the Internet.

    For more information on IPv6, see Microsoft Internet Protocol Version 6 (IPv6) (https://go.microsoft.com/fwlink/?LinkID=154707).

    For more information on IPsec, see IPsec (https://go.microsoft.com/fwlink/?LinkId=154708).

    For more information on NAP, see Network Access Protection (https://go.microsoft.com/fwlink/?LinkId=154709).

  • IT simplification and cost reduction—Forefront UAG enables you to reduce your costs by:

    • Providing unified management—Forefront UAG provides unified management for all the remote access technologies.

    • Hardware consolidation—Forefront UAG manages remote access technologies, load balancing and array functionality, and NAT64 and DNS64 on the same server, and using the same management console.

  • Extended access to IPv4-only resources—Forefront UAG DirectAccess uses integrated NAT64 and DNS64 to enable clients to access IPv4-only resources, in addition to IPv6-based resources.

  • Simplified deployment and administration—The Forefront UAG DirectAccess configuration is incorporated into the Forefront UAG Management Console, and is configured using interactive wizards, providing simpler deployment and management.

  • Enhanced scalability, high availability and management—By utilizing its array management capabilities and Windows network load balancing, Forefront UAG enables you to set up multiple DirectAccess servers in an array, providing high availability and scalability.