If you’ve used IAG as your SSL VPN gateway, you’re probably aware that there really wasn’t a viable concept of gateway “array” or cluster”. It was pretty much configure one and then reconfigure the second box with the same settings. And forget about NLB.
The playing field changes with UAG. UAG is built on top of the TMG firewall, and partially leverages the array or cluster capabilities enabled by the TMG firewall infrastructure.
A TMG gateway supports two types of arrays:
- Enterprise arrays
- Standalone arrays
The key difference between the two is that the enterprise array requires that you use an Enterprise Management Server or EMS. When deploying Enterprise Arrays, all configuration settings are stored on the EMS server. In contrast, standalone arrays storage configuration information on one of the arrays members. The array member responsible for hosting the configuration information is the Array Manager.
Both Enterprise and Standalone Arrays store configuration information in Active Directory Lightweight Directory Services, or AD LDS.
While TMG arrays support both Enterprise and Standalone configuration, UAG Beta 2 supports only Standalone Arrays. For Beta 2, there is no Enterprise Array option.
That’ll get you started. If you want to know more about UAG array configuration, check out Rayne Wiselman’s post on the UAG Team Blog over at:
http://blogs.technet.com/edgeaccessblog/archive/2009/07/20/comparing-uag-and-tmg-arrays.aspx
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)