Forefront Unified Access Gateway 2010 (UAG) delivers comprehensive, secure remote access to corporate resources for employees, partners, and vendors on both managed and unmanaged PCs and mobile devices. Utilising a combination of connectivity options, ranging from SSL VPN to DirectAccess, as well as built in configurations and policies, UAG provides centralised and easy management of an organisation's complete anywhere access offering.

Integrating a deep understanding of the applications published, the state of health of the devices being used to gain access, and the user's identity – UAG enforces granular access controls and policies to deliver comprehensive remote access, ensure security, and reduce management costs and complexity.

• Remote Access to SharePoint and/or Exchange. Optimised for SharePoint and Exchange, UAG delivers secure, anywhere access for your employees, partners and customers. Leveraging a combination of granular application filtering capabilities, deep endpoint health detection and wizard driven configuration—UAG provides for a simple and highly secure means of publishing Exchange and SharePoint deployments.
   

• Comprehensive Remote Access (SSL VPN). As a comprehensive SSL VPN, UAG provides multiple levels of access and tunneling to deliver internal applications and network resources to remote users.
   

• DirectAccess. UAG extends the benefits of DirectAccess across the infrastructure, enhances scalability, and simplifies deployment and ongoing management.

• Improve Productivity of Mobile Workforce. DirectAccess provides increased productivity for your mobile workforce by offering the same connectivity experience both in and outside of the office. DirectAccess is on whenever the user has an Internet connection, giving users access to intranet resources whether they are traveling, at the local coffee shop, or at home.
   

• Improved Manageability of Remote Users. Without DirectAccess, mobile computers can only be managed when users connect to a VPN or physically enter the office. With DirectAccess, mobile computers can be managed any time the mobile computer has Internet connectivity, even if the user is not logged on. This allows remote computers to be managed regularly and helps ensure mobile users stay up-to-date with security and system health policies. DirectAccess helps ensure that organisations can meet regulatory and privacy mandates for security and data protection for assets that must roam beyond the corporate network.
   

• Improved security. DirectAccess uses Internet Protocol security (IPsec) for authentication and encryption. Optionally, you can require smart cards for user authentication. DirectAccess integrates with Network Access Protection (NAP) to require that DirectAccess clients must be compliant with system health requirements before allowing a connection to the DirectAccess server. IT administrators can also configure the DirectAccess server to restrict the servers that users and individual applications can access.

*Feature is improved in UAG