This checklist is designed to help you plan your Forefront Unified Access Gateway (UAG) deployment. It lists the tasks you should do to install and deploy Forefront UAG successfully. The checklist also provides links to where you can find instructions and planning information for each task.
Tasks are grouped according to:
Infrastructure considerations and tasks
The following table lists the tasks and infrastructure options you should consider before installing and deploying Forefront UAG:
Task | Where to find information |
---|---|
Forefront UAG can be deployed in a number of topologies. Select a topology, and ensure that you understand any specific topology-related tasks that should be completed. |
For an overview of network topologies, see Identifying your infrastructure deployment goals, in the Infrastructure planning guide. |
Join Forefront UAG to a domain or workgroup |
Forefront UAG can be deployed as a domain member or in workgroup mode. For an overview of domain and workgroup scenarios, see Mapping your deployment goals to an infrastructure design. When installing Forefront UAG as a software application, you should join the server to a domain or workgroup before you run Setup. |
Deploy certificates |
Forefront UAG uses server certificates in a number of scenarios. For information about certificate requirements, see Mapping your deployment goals to an infrastructure design. |
Preinstallation tasks
The following table lists the tasks you should do before running setup.
Task | Where to find information |
---|---|
Verify computers |
Ensure that the computers on which you want to install Forefront UAG meet the hardware and software requirements, and that network adapters are installed and configured as required. For more information, see System requirements for Forefront UAG servers. |
Plan for installation |
Before running Setup, read Preparing to install, and the Installation checklist. Then follow the instructions in Installing the Forefront UAG application. |
Post-installation tasks
The following table lists the tasks you should complete after installing Forefront UAG:
Task | Where to find information |
---|---|
Configure network adapters |
After installation, the Getting Started wizard runs to help you configure network settings. For more information, see Running the Getting Started Wizard. |
Deploy multiple Forefront UAG servers |
Multiple Forefront UAG servers can be joined together in an array configuration, providing high availability. By default, the first Forefront UAG server that you install acts as the array manager, storing the configuration for all array members. For more information about deploying Forefront UAG in a multiple-server array deployment, read the Array planning guide, and then complete the procedures described in Array deployment guide. |
Deploying Forefront UAG DirectAccess |
Forefront UAG integrates Windows DirectAccess to allow seamless connectivity to corporate networks regardless of location. If you want to deploy DirectAccess, there are a number of prerequisites to consider before beginning deployment. For more information, see Forefront UAG DirectAccess prerequisites. After ensuring that your server meets all DirectAccess prerequisites, read the Forefront UAG DirectAccess planning guide for information about creating a DirectAccess design to meet your deployment goals. Then configure DirectAccess according to the procedures described in the Forefront UAG DirectAccess deployment guide. |
Publish internal resources |
Using Forefront UAG you can publish internal resources, including Web and non-Web applications, internal file structures, and VPN client access using SSL network tunneling with SSTP or Forefront UAG Network Connector. To learn more about publishing via Forefront UAG, read the Publishing planning guide, and then complete the procedures described in the Publishing deployment guide to create a Forefront UAG portal or site, and publish applications. |
Configure client identity and access mechanisms |
You can configure a number of mechanisms for identifying and controlling remote users accessing resources publishing via Forefront UAG. To learn more about client authentication, access policies and portal authorization, read the Access control for publishing planning guide, and then use the Access control for publishing deployment guide including procedures for: Implementing frontend authentication, and Implementing access policies for endpoint health validation. |
Plan client endpoint component deployment |
Forefront UAG deploys client-side components on endpoints connecting to Forefront UAG sites. The components installed depend upon the operating system and browser running on the endpoint, and upon which applications and resources are published on the server-side. Read about planning component deployment in the Client component deployment planning guide, then follow the instructions in the Endpoint component deployment guide. |