The following lists the tasks you must do before deploying a Forefront Unified Access Gateway (UAG) array:

  1. Ensure that all the Forefront UAG servers that you want to join to the array are members of the same domain, and that each server meets the hardware and software requirements described in System requirements for Forefront UAG servers.

  2. Install Forefront UAG on each server.

  3. Check array permissions—To add servers to an array, you must provide credentials with an array administrator role in Forefront Threat Management Gateway (TMG) running on the Forefront UAG server. By default, the user that installs Forefront UAG has an array administrator role. If you want to use a different account, note the following:

    • It must be a domain account that is recognized by all array members.

    • The account should have local administrator permissions on the array manager server, and on all array members.

    • It is recommended to use an account with a long expiry period.

    • Ensure that you are logged on to the server, with the credentials that you will specify when running the Array Management Wizard.

  4. Configure a Forefront UAG array, as described in Implementing an array and load balancing design.

  5. If you are using a Network Policy Server (NPS) and Network Access Protection (NAP) policies to check the health of client endpoints, on the NPS, you must add the array manager and all array members as trusted RADIUS clients.