Forefront IAG 2007 SP1

On May 21st, we announced IAG's SP1 - RTM expected around this August.  I'll give a summary of the new features coming out with SP1:

Vista Client support

Details:

· Both online and offline installation / updates / removal of Download Manager

· Detection of multiple legacy client-security components

· SSL tunnel and session security with basic and socket forwarding

· Keyboard and mouse monitoring

· Network Connector functionality

· Added support for Forefront Client Security in endpoint security checks

Benefits:

· Attachment Wiper clears out IE images, cookies, history and auto-complete forms, plus private app-specific caches

 

ADFS enhancements

Details:

· SAML pre-authentication for all access

· Protected SAML-based access for users with federated trust relationships using granular, per-user policy

· DMZ-ready deployment (hardened appliance)

· Kerberos Constrained Delegation (KCD) support for SmartCard-only authentication

Benefits:

· Maintains SSO experience for users without needing direct server connections

· Web applications are not exposed

· Reduces TCO and increases security by eliminating need for a dedicated Federation Server Proxy

Performance

Detail:

· Enhanced regular expression handling

· Reduced buffer allocation / sizes

· Enhanced HTTP text string handling

Benefits:

· Reduced CPU consumption results in higher throughput

· Improved memory consumption