Microsoft UAG SSL VPN
“I can recommend using Microsoft Unified Access Gateway as a secure method of allowing remote users access to the systems and applications that are needed on your internal network. Sapphire originally installed IAG and then provided the necessary expertise to upgrade to UAG. This was achieved with the minimum downtime needed and has provided us with a more robust remote access solution for staff who want access to email, either via Active-sync, or Outlook Web Access, fileshares and web based systems or alternately need full access to our network using Network Connector.
Access is policy driven as this ensures that we can restrict connectivity on a per person basis giving access only to the systems needed. These access policies closely integrate with our Active Directory, Encryption and Anti-Virus policies thus ensuring remote users devices follow the same security requirements of internal users. On this basis I can definitely recommend using UAG as an edge security device and Sapphire as pre-sales, configuration and installation consultants. They also provide a first class after sales service.”
Andy Taylor, ICT Data Network Specialist, South Tees Hospitals NHS Foundation Trust
The Microsoft Forefront Unified Access Gateway 2010 (UAG) delivers comprehensive, secure remote access to corporate resources for employees, partners, and vendors on both managed and unmanaged PCs and mobile devices. Utilising a combination of connectivity options, ranging from SSL VPN to DirectAccess, as well as built in configurations and policies, UAG provides centralised and easy management of an organisation's complete anywhere access offering.
Sapphire is a security consultancy specialising in Microsoft UAG. Sapphire has worked with Microsoft UAG, formerly Whale Communications, for over 10 years. We have one of the largest UAG consultancy teams in the UK. Because of our hands-on experience with the product we have the competitive edge when it comes to installing and supporting the solution. Our consultants are able to work closely with the end user, ensuring that the UAG solution is configured correctly and are often required to write custom scripts.
Sapphire only promotes solutions that we have tried and tested in our laboratory. After having spent much time trying to ‘break’ Microsoft solutions, our consultants are now that confident in the Microsoft product range that we have migrated our entire network over to a Microsoft environment.
Integrating a deep understanding of the applications published, the state of health of the devices being used to gain access and the user's identity – UAG enforces granular access controls and policies to deliver comprehensive remote access, ensure security, and reduce management costs and complexity.
Key Benefits
Anywhere Access
Forefront Unified Access Gateway makes it easier for organizations to deliver secure remote access to their applications and resources and improve employee and partner productivity, by combining an intelligent access policy engine and consolidating a variety of connectivity options including SSL VPN and DirectAccess.
- Empower employees, partners, and vendors to be productive from virtually any device or location through integrated SSL VPN capabilities.
- Deliver simple and secure access optimised for applications such as SharePoint, Exchange, and Dynamics CRM.
- Extend networking connectivity with Windows DirectAccess to existing infrastructure and legacy applications.
Integrated Security
Forefront Unified Access Gateway improves the security in remote access scenarios by enforcing granular access controls and policies that are tailored to the applications being published, the identity of the user and the health status of the device being used. UAG further improves security by enabling strong authentication to applications and mitigating the risks of downloaded data from unmanaged devices.
- Protect IT assets through fine-grained and built-in access policies that provide access to sensitive data based on identity and endpoint health.
- Easily integrate with Active Directory and enable a variety of strong authentication methods.
- Limit exposure and prevent data leakage to unmanaged endpoints.
Simplified Management
With Forefront Unified Access Gateway, administrators have a single platform through which to deliver and manage remote access. With built in policies and configurations for common applications and devices, administrators gain more control, more efficient management, greater visibility and lower total cost of ownership.
- Consolidate remote access infrastructure and management.
- Complify deployment and ongoing tasks through wizards and built-in policies.
- Reduce support costs by delivering a simplified connectivity experience for users.
Features
Forefront Unified Access Gateway (UAG) is a remote access solution that provides a gateway for managed and non-managed endpoints to access corporate applications and resources, as follows:
- Remote Access to SharePoint and/or Exchange. Optimised for SharePoint and Exchange, UAG delivers secure, anywhere access for your employees, partners and vendors. Leveraging a combination of granular application filtering capabilities, deep endpoint health detection and wizard driven configuration—UAG provides for a simple and highly secure means of publishing Exchange and SharePoint deployments.
- Comprehensive Remote Access (SSL VPN). As a comprehensive SSL VPN, UAG provides multiple levels of access and tunneling to deliver internal applications and network resources to remote users.
- DirectAccess. UAG extends the benefits of DirectAccess across the infrastructure, enhances scalability, and simplifies deployment and ongoing management.
Appliances
When purchasing Microsoft UAG, Sapphire provides its clients with the choice of two flavours of appliance. Sapphire works with Celestix and Portsys UK to provide a range of hardware to compliment each clients existing infrastructure.
Sapphires account managers will discuss the vendors available to you in detail and provide you with an appliance that suits you.
Portsys UK
The PortSys Unified Access Gateway is a flexible, powerful platform that gives mobile workers, partners and customers secure, complete access to almost any application - without the headaches of creating and maintaining VPN connections.
The PortSys Unified Access Gateway leverages the full power of Microsoft’s UAG to provide secure access to almost any resource within the enterprise – and allows you to change, limit or forbid access to specific resources based on the location, device or security level of the remote user. Configuration is not only simple, it provides far tighter security and increased flexibility when compared to SSL-VPNs. SSL- VPNs create an encrypted tunnel through your firewall without letting you see what travels through.
The PortSys Unified Access Gateway monitors traffic on your network, identifies the types of traffic and range of connections, then stops all attempts to penetrate your enterprise except those you have already approved, under conditions you have already set.
Portsys HP Appliances 
HS-UAG4000
HS-UAG7000 / 7000f
HS-UAG9000 / 9000f
Celestix
Celestix Networks is the premier developer of managed security appliances, offering a broad range of ready-to-deploy security appliances and turnkey security solutions.
Celestix appliances are designed to reduce product complexity and provide customers with less expensive, easy to use delivery platforms.
Working closely with strategic partners, Celestix ensures that its appliances have the breadth and depth of functions, features and performance to provide the best appliances to meet today's demanding security needs.
The WSA appliance is a Secure Socket Layer Virtual Private Network (SSL VPN) that provides employees and partners with policy-based secure access to applications and data from any PC or device and any location.
The WSA secure access solution enables remote access from diverse endpoints through a single point of entry to almost any business application and file share, while enforcing user authentication and authorization over a policy-defined application-layer connection. Endpoint security management enables granular access control and deep content inspection and application protection.
WSA Appliances 
WSA3200
WSA4200
WSA6200
WSA8200
Reference Materials
For a full list of our reference materials, please visit the Remote Working download section.
Case Studies
- Angus Council
- Biggart Baillie
- Fareham College
- Midlothian Council
- Ministry of Defence
- Thorntons
- Warwickshire LEA
Datasheets
Whitepapers
- Support 0845 58 27999
- General 0845 58 27001
- Request a Call / Quote
