First of all, I would like to thank Matthieu Martineau ( matthieu.martineau@piservices.fr ) (Gold Partner, MCSE and MCT) with whom I had the opportunity to investigate some of the breaking scenarios I mention at the end of this post In the wide...

Tracing a product is always a good thing. First , it helps you to understand how it works internally and so enhance your own skills… second , it helps you to understand why such expected feature or configuration is not working fine. With IAG (previous...

The purpose of UAG is to provide “remote access” (more an employee term) and “application publishing” (more a partner or customer term). This means that UAG has to be ready to “talk” to people that are not IT specialists at all. Security policy...

When you connect UAG, in an internal phase called “install and detect” the UAG client will download from the UAG server a file named Detection.VBS. This Detection.vbs file contains all the “VBS” code that will analyze the client machine. This...

Workstation analysis and security policy are the key features proposed by UAG to provide security at the application layer. Whereas firewall will operate at the network layer (filter by IP or TCP Port range), the application layer will look at “what”...

This December, a lot of changes happened in the Microsoft security portfolio. After more than 1 year of strong investments, Microsoft launched the “2010” versions of both “ISA” and “IAG” : * IAG Server becomes now “Forefront Unified Access Gateway...

Gridsure, a UK company, has created a very nice way to provide strong authentication. Strong authentication combines what you know (login, password) and what you have (something physical). In the long list of strong authentication mechanisms we know Smartacards...

Recently, I have decided to evaluate BPOS (Business Productivity Online Services), the Hosted offer of Microsoft. Basically, I want to use Exchange to host my personnal mail (OWA and Antivirus/Antispam) and also use Sharepoint/MOSS. With BPOS, you “rent...

A few days ago, I was working with Fadhel Ben Brahem, one of our IAG experts working for Dictao, a Microsoft Partner. IAG was implemented in a very complex LAN/Switches/LoadBalancer environnent. The goal, the failure The goal of our Proof Of Concept was...

I recently upgraded my machine to Windows 7 RTM, and have decided to also install the next version of Virtual PC named “Windows Virtual PC (WVPC)”. I am using a lot the Microsoft IAG Virtual Lab (downloadable online) for my day to day work (demo, dev...

On my blog, I have created a dedicated section (TAG = howTo-Filters) for IAG application filters. Every time I have to face a problem with a web application, I create a post on my blog, try to share the approach I used to identify the problem, and of...

Last year I had a lot of pleasure to work for the Central and Eastern Europe Region. I had the opportunity to visit several countries and collaborate with partners and customers. What a great experience. This year I will be working for Middle East and...

In my day to day activity, I frequently have to discuss with customers and partners about technology around mobility and security. In the last 4 weeks I had a lot of requests from customers in the context of H1N1 disease, this is why I created this...

By Lucimara Desiderá (MS Consultant, São Paulo) & Frédéric ESNOUF (MS Pre-sales IDA, Paris) Introduction Intelligent Application Gateway is a very powerful remote access solution which provides a wide range of technologies such as VPN...

Microsoft IAG (Intelligent Application Gateway) is a powerful “mobility” gateway capable of providing remote access to different kind of people: employees, partners, customers, … It introduces several approaches to provide this mobility: ·        ...

Lucky me, I am working for a company where mobility is truly part of the way we work. When I joined Microsoft, they gave me a “package” of technologies that I use every day. Check this picture: ·         A Laptop: running...

GEMALTO authentication server is called Protiva. It is a global authentication solution which can especially provide OTP (One Time Password) authentication.   The integration is very simple since the protocol used between IAG and Protiva server is...

Introduction Since IAG SP2, Kerberos Constrained Delegation (KCD) it handled at IAG level (not anymore at ISA level). Even if KCD logic remains the same, the approach to trace and troubleshoot is now different. The purpose of this document is to give...

By default, IAG is capable of detecting a wide range of software on the client side. What happen if the software I want to check is not in the list ? I had that constraint with one of my partners, Skyrecon Here is the methodology we used : 1) asked the...

  IAG is able to inspect your workstation and then later, per application, verify if you are compatible with the security policy.   For example, you want to make sure that only “corporate” machine can access ApplicationA, but everybody (of course...

  When you connect IAG for the first time a “client”  (in fact a bunch of sub components) are installed on the machine (there are other ways to install the client than online install). Later they will be loaded when needed when you connect IAG...

When you connect an IAG portal, a client-side component will inspect your workstation and will take a “technical picture” of your machine. This “picture” will contain by default more than 200 checks and can be extended quickly to cope with your...

As an IT PRO, I am spending most of my day with my laptop computer. It is used for basic things like email, Phone (VOIP), … but also for more stressful (my machine point of view) activities such as working on Virtual Machines. I wanted to “boost” my laptop...

Most of the products documentation are now online. this is very nice since it is centralized, and very easy to update, but on the other hand when working offline, you are stuck. This is the case for IAG that you can find here:   http://technet.microsoft...

  Intelligent Application Gateway 2007 Service Pack 2 is now available!   Marking a significant milestone for this technology, Service Pack 2 brings with it a variety of enhancements that improve overall IAG scalability, interoperability, and...