FAQ's

Q. What is the Portcullis Systems Unified Access Gateway (UAG)?

 Q. What are the benefits of a Portcullis Systems UAG appliance?

A. At Portcullis Systems, we build upon the great technologies from Microsoft and HP to provide significant additional value for our customers. Our technologies make deployment easy, boost performance of applications and help to centrally manage your array of Portcullis Systems devices wherever they may be located. Portcullis Systems appliances also add significant benefits to UAG deployments with enhanced features like application acceleration through Portcullis Systems Ballista™ and our enterprise auditing software PSAM™.

Q. What support options does Portcullis Systems offer?

A. Portcullis Systems is a world-class provider of Forefront Security appliances and global 24 x 7 support to customers around the world. As a Global OEM partner for HP and Microsoft, we deliver our high-value software solutions on tier-1 hardware platforms to provide reliable, scalable performance with the best support available in the industry. We can provide hardware engineers onsite to your locations around the world in as little as 4 hours for an unmatched level of service.

Q. Are Portcullis Systems appliances FIPs compliant?

A. Our HS-UAG7000F and HS-UAG9000F models conform to FIPS 140-2 Level 2 encryption standards for organizations requiring the highest levels of data encryption. The cryptographic technology is a multi-chip embedded hardware cryptographic module that resides within the gateway appliance. It is contained in its own secure enclosure that provides physical resistance to tampering.

Q. Does the Portcullis Unified Access Gateway include all the features in Intelligent Application Gateway (IAG) and work in the same scenarios as IAG?

A. UAG is built on the proven platform of IAG and extends the capabilities of IAG with new features and functionality. Forefront UAG continues Microsoft's differentiation around application intelligence, endpoint security, granular policy controls, and ease of use. UAG will be deployed in the same scenarios as IAG as well as some expanded scenarios. For DirectAccess scenarios, UAG will further improve deployments by providing access to/from existing infrastructure, simplifying configuration, and enhancing management.

Q. What are the key features of Unified Access Gateway?

 A. Portcullis Unified Access Gateway is designed to build on the secure remote access capabilities in IAG 2007, extending Microsoft's focus on application intelligence, security and control, and ease of use:
• Application Intelligence: Forefront UAG includes broad application support for Microsoft and third-party applications. Key features include granular application filtering, multiple tunnels allowing various levels of client/server and network access, session cleanup and removal, as well as Remote Desktop and RemoteApp integration.
• DirectAccess Enhancement: Forefront UAG extends DirectAccess to legacy applications and platforms and simplifies DirectAccess deployments with wizards and automated policies. Furthermore, it scales DirectAccess through built-in load balancing and array management.
• Endpoint Access Controls: Forefront UAG performs extensive and granular end point health detection, and is integrated with Network Access Protection (NAP) policies.
• Scale and Management: Forefront UAG includes built in load balancing, array management capabilities, as well as enhanced monitoring and management via System Center Operations Manager.

Q. How is DirectAccess different from current VPN solutions?

A. Virtual private networks (VPNs) securely connect remote users to their network. While DirectAccess can also do that, it is only one of the many things that DirectAccess can perform well. Additionally, DirectAccess can ensure that users are connecting to the exact server to which they think they are connecting (end-to-end authentication) and provide data encryption all the way to the server (end-to-end encryption). DirectAccess also allows IT professionals to service remote computers whenever the DirectAccess client has Internet connectivity. Additionally, working together with Network Access Protection (NAP), DirectAccess can ensure that the clients are always compliant with system health requirements to ensure a secure and healthy IT environment.

Q. How does the Portcullis Unified Access Gateway extend DirectAccess?

A. DirectAccess in Windows 7 and Windows Server 2008 R2 enhances the productivity of mobile workers by connecting them seamlessly and more securely to their corporate network any time they have Internet access—without the need to establish a VPN session. DirectAccess enables corporate network file shares, intranet Web sites, and line-of-business applications so they can remain accessible wherever you have an Internet connection. DirectAccess requires Windows 7 Enterprise Edition or Windows 7 Ultimate Edition computers and a Windows Server 2008 R2 DirectAccess Server at the edge of your network. Unified Access Gateway 2010 (UAG) extends the benefits of DirectAccess across your infrastructure, enhancing scalability and simplifying deployments and ongoing management.
UAG takes DirectAccess deployments to a new level as it helps:
• Extend access to line of business servers with IPv4 support such as Windows 2003 and non-Windows servers.
• Provide SSL VPN access for down level (Windows 7 standard & home/Vista/XP) and non-Windows clients as well as PDAs.
• Enhance scale and management through array management capabilities and integrated load balancing.
• Simplify deployments and ongoing administration using wizards and automated tools.
• Deliver a hardened, edge-ready, solution that can swiftly be deployed.

Q. What are minimum operating system requirements for DirectAccess?

A. DirectAccess clients must run Windows 7 Enterprise Edition or Windows 7 Ultimate Edition, and must connect to a Windows Server 2008 R2 DirectAccess server. The client machines must also be joined to an Active Directory Domain Services (AD DS) domain.

Q. What gets installed on the client to enable DirectAccess?

A. DirectAccess does not require any client-side installation. DirectAccess clients use Active Directory domain membership and Group Policy settings for their configuration and leverage software already built in to the Windows 7 Enterprise or Ultimate operating systems. Group Policy settings are applied while connected to the local area network (LAN) or through a DirectAccess connection. There is no user interface on the DirectAccess client. When DirectAccess is operating effectively, it is transparent to the end user.

Q. How is Forefront Unified Access Gateway different from the Forefront Threat Management Gateway (TMG)? Why should I use UAG for application publishing rather than TMG?

A. Forefront Threat Management Gateway is a comprehensive, secure Web gateway that helps protect employees from Web-based threats. It provides multiple layers of continuously updated protections, including URL filtering, antimalware inspection, and intrusion prevention. These technologies are integrated with core network protection features, to create a unified, easy-to-manage gateway that reduces the cost and complexity of Web security. Forefront UAG, on the other hand, delivers secure, anywhere access to messaging, collaboration, and other resources, increasing productivity while maintaining compliance with policy. Integrating a deep understanding of the applications published, the state of health of the devices being used to gain access, and the user's identity—UAG enforces granular access controls and policies to deliver comprehensive remote access, ensure security, and reduce management costs and complexity.