With a need of absolute security in SSL VPN, Microsoft has introduced UAG. Forefront Unified Access Gateway is a software solution which provides better security in SSL VPN. Though UAG is bit different than other SSL VPN software, the software has some features which resemble SSL VPN. One of the important features of the software is a firewall facility provided in Application Layer. There is also better prevention in SQL injection for URL based applications. The URL syntax checking facility provided with the software is quite impressive. IPV6 based access technology has reduced the requirement of additional gateway setup in case of remote access VPN.
Room for Improvement:
Though UAG is a breakthrough in SSL VPN, it still lags in some fronts, like authentication control process in VPN. In some cases where standard schema is not followed for a server, UAG seems to not communicate well. UAG also requires Microsoft Windows Server 2008 R2 x64 platform. This is a setback for users of x86 platforms. UAG also faces some difficulties with communication through 802.1x authentication protocol in radius mode. Other than standard Active Directory group, UAG doesn't communicate with external groups in case of a remote VPN.
If you are trying to work out a solution for your SSL VPN with the same standard of platforms and Active Directory, then setting up UAG will be easier and it will perform as expected. UAG is an affordable software solution available in the market. It is useful for users using Windows Server platform with volume licensing copy and with 250 or more users.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jul 04 2012