MOC 50402, Implementing Forefront Unified Access Gateway 2010

This 3 day instructor-led training class is presented by Microsoft training partners to their end customers. Channel Partners nationwide hire proven AMS Subject Matter Expert Microsoft Certified Trainers (MCT’s) to teach on-site or on-line classes.

This course prepares students to design and deploy remote access solutions using Microsoft Forefront Unified Access Gateway 2010 (UAG). Forefront UAG provides organizations with unparalleled flexibility in providing access to network resources (such as Web sites and internal applications) with granular access control, custom content protection, and endpoint validation. Forefront UAG also integrates with DirectAccess, a new Windows 7 technology that provides seamless remote access to all corporate resources without connecting to a virtual private network. This course is intended for architects, consultants, network administrators, and technical sales professionals who are responsible for selling, designing, and deploying edge access solutions for enterprises.

After completing this course, students will be able to:

  • Install and configure Forefront UAG as a standalone server or an array member.
  • Publish Microsoft Exchange Server, Microsoft Office SharePoint Server, and Remote Desktop Gateway applications to external users.
  • Configure Forefront UAG to authenticate and authorize users, and enforce security policies on clients.
  • Use Forefront UAG as a gateway for DirectAccess clients.
  • Understand the design and deployment considerations when building an enterprise access solution using Forefront UAG.

Before attending this course, students must have:

  • Solid understanding of Windows networking.
  • Experience with IPv6 is desirable but not required.
  • Working knowledge of Active Directory, LDAP, and RADIUS authentication.
    Basic understanding of Microsoft Exchange Server 2007 and Microsoft Office SharePoint Server 2007.

Course Outline

Module 1: Forefront UAG Overview
This module provides an overview of the features and capabilities of Forefront UAG, and the role it plays in enabling usage scenarios that are part of the Microsoft Business Ready Security strategy.

  • Microsoft Business Ready Security Strategy (BRS)
  • Forefront Unified Access Gateway Architecture
  • Licensing and Availability


Module 2: Forefront Unified Access Gateway Setup and Upgrade
This module covers the setup and configuration tasks for Forefront UAG, and describes how to migrate from Microsoft Intelligent Application Gateway 2007 (IAG) to Forefront UAG.

  • Installing Forefront UAG
  • Initial Configuration


  • Install Forefront Unified Access Gateway 2010
  • Install Forefront UAG 2010
  • Configure the initial settings using the Getting Started Wizard

Module 3: Forefront UAG Portal
In this module, you’ll understand the concept of a trunk in Forefront UAG, and how the product uses trunks to enable remote users to connect to internal applications. You’ll see the role of the Forefront UAG portals as front end interfaces for these users, and how Forefront UAG can be customized during deployments.

  • Trunks and Portals
  • Portal Customization
  • Client Detection


  • Create and Configure a Portal Trunk
  • Create a HTTPS trunk in Forefront UAG
  • Configure an Active Directory authentication repository

Module 4: Publishing Web Applications
In this module, you will learn how to configure Forefront UAG to enable remote endpoints to have access to internal Web applications. You will see how to enable access to Microsoft Exchange and Microsoft SharePoint, and how to deploy federation using Active Directory Federation Services (AD FS).

  • Web Publishing Overview
  • Publishing Microsoft Exchange
  • Publishing Microsoft SharePoint
  • Deploying Federation with AD FS


  • Publishing Exchange Applications
  • Configure Outlook Web Access (OWA) publishing using the OWA look and feel
  • Configure OWA publishing inside the Forefront UAG portal
  • Publish Outlook Anywhere and Exchange Autodiscover

Module 5: Remote Desktop Gateway Publishing
In this module, you will see how Forefront Unified Access Gateway (UAG) allows you to provide access to published RemoteApps and Remote Desktops by integrating a Remote Desktop Gateway (RD Gateway) to provide an application-level gateway for Remote Desktop Services (RDS) and applications.

  • Remote Desktop Publishing Overview
  • Deploying RD Gateway Publishing


  • Publishing Remote Desktop Services
  • Publish RemoteApp applications using the Forefront UAG portal
  • Publish a predefined Remote Desktop

Module 6: Remote Network Access
This module explains how you can configure remote access to the corporate network using the legacy Network Connector application or the Secure Sockets Tunneling Protocol (SSTP).

  • Remote Network Access Overview
  • UAG/SSTP Integration Architecture
  • Configuring Remote Network Access


  • Remote Network Access using SSTP
  • Configure remote network access using SSTP
  • Publish remote network access in the Forefront UAG portal

Module 7: IPv6 and IPv6 Transition Technologies
This module provides an overview of the IPv6 protocol used by Forefront UAG DirectAccess, and the technologies associated with transitioning from IPv4 to IPv6 networking.

  • IPv6 Overview
  • IPv6 Transition Technologies


  • IPv6 and ISATAP
  • Use IPv6 link-local addresses for local network connectivity
  • Deploy an ISATAP router in an intranet

Module 8: DirectAccess
This module gives an overview of DirectAccess, a technology enabled by Forefront UAG that provides seamless network access to Windows 7 clients.

  • DirectAccess Overview
  • DirectAccess Solution Components
  • Planning a DirectAccess Deployment
  • Deploying DirectAccess Using Forefront UAG


  • Deploying DirectAccess
  • Prepare the infrastructure requirements for DirectAccess
  • Configure DirectAccess using Forefront UAG

Module 9: Endpoint Security Policies and NAP Integration
This module presents an overview of the policy evaluation and enforcement technologies for the Forefront UAG endpoints.

  • Endpoint Policies
  • Network Access Protection Integration


  • Endpoint Policies and Network Access Protection
  • Use the Endpoint Policies with a Forefront UAG portal application
  • Configure Network Access Protection (NAP) with Forefront UAG DirectAccess

Module 10: Array Management
This module explores how Forefront UAG uses arrays to scale out to large deployments—improving the scalability and availability of the solution while reducing management overhead.

  • Forefront UAG Array Management Overview
  • Deploying and Operating Forefront UAG Arrays
  • Network Load Balancing Integration


  • Configuring Forefront UAG Arrays
  • Install an additional Forefront UAG server
  • Configure a Forefront UAG array and perform post-array configuration tasks

Module 11: Enterprise Deployment and Troubleshooting
This module covers the considerations involved in designing, deploying, and troubleshooting an enterprise access solution based on Forefront UAG.

  • Deploying Forefront UAG in Enterprise Environments
  • Supporting and Troubleshooting Forefront UAG

To Hire a proven Microsoft Forefront Subject Matter Expert Consultant and Instructor who teaches this class, call 800-798-3901 today!

Leave a Reply