The Microsoft Intelligent Application Gateway 2007 (IAG 2007) is an SSL VPN gateway that supports all types of SSL VPNs. We’ve covered the IAG 2007 a bit on this site and look forward to even more comprehensive coverage in the future. One of the issues that have hamstrung our efforts to popularize the IAG is that no software version of the solution was available.
That’s where today’s good news comes in. At the Interop conference in Las Vegas today, Microsoft announced the upcoming release of the Microsoft Forefront Unified Access Gateway or UAG. The Forefront UAG is positioned to be the “one-stop shop” for secure remote access to corporate applications by bringing together all of the remote access methodologies available for Microsoft networks today.
However, UAG will not be limited to supporting just Microsoft applications; the Forefront UAG will continue in the great tradition of the IAG in supporting secure remote access to non-Microsoft applications. This will help carry on the universal appeal that the IAG had to the upcoming UAG.
While the details of the improvements and new features haven’t been officially announced, some of the improvements noted at Interop include:
- Easy product and licensing upgrades from either IAG 2007 or ISA 2006
- Improvements in end point security and cache clean up, including application awareness regarding how application data is cached
- Tight integration with Network Access Protection (NAP)
- More wizards to further simplify Forefront UAG configuration which reduces the cost of steep learning curves typically associated with SSL VPN solutions
- Improved positive and negative logic filtering, which protects against both known and unknown exploits (zero-day attack protection)
- Application optimizers for SharePoint will be improved to fully support the SharePoint Alternate Access Mapping (AAM) feature and enable a fully transparent end-user exporter for all remote SharePoint users
Margaret Dawson, Group Product Manager for the Forefront Edge products (which includes the next version of the ISA Firewall, the Forefront Threat Management Gateway or TMG, and the Forefront UAG) stated “We wanted to update our naming and branding, and the vision you will see us better over time is the integration and alignment with multiple access solutions across Microsoft. We will do a better job of integrating with SharePoint, OWA, mobile, Windows Server…This integration with our products and other solutions provides easier management and [better] user experience,”
The ISA Firewall has always been a thought leader in the application layer inspection firewall space, and the IAG’s major advantage over other SSL VPN solutions was its primary focus on security, though the use of very sophisticated positive and negative logic filters for Web applications.
Margaret Dawson reinforces the commitment to application layer inspection as the gold standard for network security “One of the biggest differentiators we have today and will continue to build on is application intelligence.. In remote access, there are two approaches — a network-centric view and an application view. Not surprisingly, we have an application focus… to our access solution”
For more information about today’s release, check out:
http://www.darkreading.com/document.asp?doc_id=152403&WT.svl=news2_1
http://www.microsoft.com/forefront/prodinfo/roadmap/uag.mspx
HTH,
Tom
Thomas W Shinder, M.D.
Site: http://www.isaserver.org/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8
Email: [email protected]
MVP — Microsoft Firewalls (ISA)