Mapping your deployment goals to a Forefront UAG DirectAccess design
Updated: April 8, 2010
Applies To: Unified Access Gateway
After identifying and evaluating your Forefront Unified Access Gateway (UAG) DirectAccess deployment goals, you can map these goals to a Forefront UAG DirectAccess design that meets your deployment objectives. This topic describes how you can map one goal or a combination of any of the predefined Forefront UAG DirectAccess deployment goals to a Forefront UAG DirectAccess design. For information about identifying your deployment goals, see Identifying your Forefront UAG DirectAccess deployment goals.
Note
After mapping your deployment goals to a Forefront UAG DirectAccess design, you can begin documenting your design. For information, see Documenting your Forefront UAG DirectAccess design.
The following table shows how the Forefront UAG DirectAccess designs meet the deployment goals.
Deployment goal | DirectAccess design requirements |
---|---|
Transparent and automatic remote access for DirectAccess clients |
Functionality in the Forefront UAG DirectAccess server and clients. For information, see Connection process. |
Ongoing management of remote DirectAccess clients |
Bidirectional connections whenever the computer is connected to the Internet. For information, see Designing Forefront UAG DirectAccess for remote management. |
Efficient routing of intranet and Internet traffic |
Use of the NRPT and IPsec to separate Internet and intranet traffic. For information, see NRPT rules. |
Reduction of remote access-based servers in your edge network |
Access to intranet resources through the Forefront UAG DirectAccess server. For information, see Resources available to Forefront UAG DirectAccess clients. |
End-to-end traffic protection |
The end-to-end access model. For information, see Choosing an access model. |
An integrated DNS64 and NAT64 solution |
Integrated NAT64 and DNS64 on the Forefront UAG DirectAccess server. For information, see Choosing a solution for IPv4-only intranet resources. |
A scalable Forefront UAG DirectAccess solution |
Forefront UAG array management and load balancing. For information, see Capacity planning for Forefront UAG DirectAccess servers. |
Multi-factor credentials for intranet access |
Smart card authorization on the intranet tunnel. For information, see Smart cards for additional authorization. |