Winfrasoft - UAG Appliance - Secure remote access to corporate resources

Providing remote access services to different classes of users, in different locations, on different devices is key requirement for todays mobile workforce. Such a myriad of requirement scenarios often expose many remote access systems limitations as they struggle to keep pace with the modern organisaiton.

UAG Delivers comprehensive, secure remote access to corporate resources for employees, partners, and vendors on both managed and unmanaged PCs and mobile devices. Utilising a combination of connectivity options, ranging from SSL VPN & Intelligent reverse proxy to DirectAccess & IPv6, UAG provides centralised and easy policy based management of an organisation's complete anywhere access offering.

Winfrasoft UAG Appliances are available on hardware from HP; also with VMware and Hyper-V solutions.

Note: Note: Microsoft ceased to provide UAG 2010 via Volume Licensing as of 1 July 2014, however Winfrasoft will continue to offer UAG appliances until at least 2020. In addition, Winfrasoft will continue to provide supportor new and existing UAG appliances beyond 2020 - providing longevity to the UAG product suite.

Integrating a deep understanding of the applications published, the state of health of the devices being used to gain access, and the user's identity – UAG enforces granular access controls and policies to deliver comprehensive remote access, ensure security, and reduce management costs and complexity.

Comprehensive Remote Access (SSL VPN). As a comprehensive SSL VPN, UAG provides multiple levels of access and tunneling to deliver internal applications and network resources to remote users.
DirectAccess. UAG extends the benefits of DirectAccess across the infrastructure, enhances scalability, and simplifies deployment and ongoing management.
Remote Access to SharePoint and/or Exchange. Optimised for SharePoint and Exchange, UAG delivers secure, anywhere access for your employees, partners and customers. Leveraging a combination of granular application filtering capabilities, deep endpoint health detection and wizard driven configuration, UAG provides for a simple and highly secure means of publishing Exchange and SharePoint deployments.

Tier-1 Data Centre Ready hardware from HP ensures quality hardware and industry leading quality catering for all deployment sizes and budgets.
Private Cloud Ready virtualisation support for VMware and Hyper-V.
SSL VPN and Web Portal for secure remote access to any application type.
Microsoft DirectAccess gateway for always on connection from Windows 7 and 8 PCs.
End Point client detection and policy based enforcement.
Two Factor Authentication via RADIUS and plug-ins for Authlogics PINgrid, PINphrase and PINpass.
Single Sign-On (SSO) to applications via HTTP, Forms and Kerberos Constrained Delegation (KCD).
Winfrasoft WebSSO password vault add-on for UAG option.
HTTPS inspection enables HTTPS-encrypted sessions to be inspected for malware or exploit while URL cloaking protects the inner workings of an application.
Publishing Wizards for Microsoft SharePoint Server, Outlook Web App and ActiveSync.
64bit architecture running on Windows Server 2008 R2 to maximise memory and CPU capabilities for top performance.

DirectAccess is very resource intensive and performance statistics should not be confused with typical UAG web portal usage scenario user volumes. When deciding on hardware for DirectAccess it is important that your hardware supports Receive Side Scaling Queues (RSS) as Microsoft estimates that approximately 30% greater capacity is achievable on RSS enabled systems. All Winfrasoft Appliances support RSS natively.

The following table shows the approximate maximum number of concurrent DirectAccess users for each appliance model based on typical usage scenarios. These numbers are not hard limits, each appliance can physically accept more connections at the expense of overall performance.

UAG Appliance Model	Approx concurrent Direct Access users	Receive Side Scaling Queues (RSS) support
UAG-3500	500 users
UAG-6500	1,000 users
UAG-9500	2,500 users

Suitability	Small to medium sized organisations or single purpose deployments with basic redundancy.
Hardware	HP Proliant DL120 G7
CPU	Quad Core Xeon E3-1220 3.1 GHz
RAM	4Gb DDR3-1333 ECC
HDD	2 x 160Gb SATA
Controller	Embedded SATA RAID
Hot Swap	No
RAID	RAID1 (Mirror)
NIC's	4 x 1Gbps

Suitability	Medium sized organisations with multi use scenarios requiring hot swap capabilities and upgradability.
Hardware	HP Proliant DL360p Gen8
CPU	Hex Core Xeon E5-2620v2 2.1 GHz
RAM	8Gb DDR3-1333 ECC
HDD	2 x 146Gb SAS
Controller	Dedicated 6Gb/s RAID 256/512Mb Cache
Hot Swap	Yes
RAID	RAID1 (Mirror)
NIC's	4 x 1Gbps

Suitability	High end Enterprise deployments requiring the ultimate scalability in an appliances solution.
Hardware	HP Proliant DL380p Gen8
CPU	Twin Hex Core Xeon E5-2620v2 2.1 GHz
RAM	16Gb DDR3-1333 ECC
HDD	4 x 146Gb SAS
Controller	Dedicated 6Gb/s RAID 256/512Mb Cache
Hot Swap	Yes
RAID	RAID 1+0 (Mirror + Stripe)
NIC's	4 x 1Gbps, 2 x 10GbE

Suitability	Private Cloud deployments utilising VMware or Hyper-V virtualisaiton technology which require a appliances solution.
Hypervisors	VMware or Microsoft Hyper-V

AFUK = Appliance Field Upgrade Kit

Forefront UAG 2010 introduces many new and improved features over its predecessor IAG 2007:

	IAG	UAG
Application Publishing
Granular application filtering*
Session cleanup and removal
Endpoint health detection*
Integration
Integrated with NAP policies
Remote Desktop and RemoteApp integration
Extends and simplifies DirectAccess deployments
Scale and Management
Built in load balancing
Array management capabilities
Enhanced monitoring and management (SCOM)

*Feature is improved in UAG