Book Image

Mastering Microsoft Forefront UAG 2010 Customization

Book Image

Mastering Microsoft Forefront UAG 2010 Customization

Overview of this book

While UAG is built to integrate with many environments and publish dozens of application types, many organizations require a certain level of customization to meet their needs. With this book in hand, you will be equipped to deal with these types of customization scenarios, and you will be confident in using such workarounds without hassle and trial and error. Written by some of the leading experts on UAG, "Mastering Microsoft Forefront UAG 2010 Customization" covers the most complex and challenging options for customizing UAG in a way that is friendly and easy to follow. It walks you through various customization tasks, including explanations and code samples, as well as creative ideas for troubleshooting your work. Until now, only a few of the extensions to UAG's services have been publicly available, and most were only known to a select few. Now, this can include you! Throughout this book, you will tackle how to change the system's look-and-feel, deal with advanced authentication schemes and write special functions that need to be executed as part of the client interaction. With "Mastering Microsoft Forefront UAG 2010 Customization", you too can learn how to customize various aspects of UAG's functionality to enhance your organization or customers' experience.

Related Content you might be interested in

Current Title:

Small book image
Mastering Microsoft Forefront UAG 2010 Customization
Feb, 2012 | 186 pages
No titles found
Table of Contents (16 chapters)
Mastering Microsoft Forefront UAG 2010 Customization
Mastering Microsoft Forefront UAG 2010 Customization
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Customization Building Blocks
Customization Building Blocks
Introduction to UAG and how it works
The UAG detection, login, and authentication flow
Customization and supportability
The CustomUpdate mechanism
HTML, CSS, JavaScript, ASP, and ASP.NET
Other web technologies
Reading, editing, and debugging ASP code
A word about security
Further reading
Summary
2
Customizing UAG's Look and Feel
Customizing UAG's Look and Feel
Honey, I wouldn't change a thing!
The UI pages
Customizing the login and admin pages
Customizing the portal
Portal application icons
Changing texts
Portal selection for clients
Summary
3
Customizing Endpoint Detection and Policies
Customizing Endpoint Detection and Policies
How does endpoint detection work?
Things you can do with custom detection scripts
Creating and placing a custom detection script
Integrating custom detection with endpoint policies
Troubleshooting and debugging detection scripts
Endpoint detection in the real world
Summary
4
The Application Wrapper and SRA
The Application Wrapper and SRA
What content alteration can do for you
The Application Wrapper and SRA configuration files
How the AppWrap and SRA engines work
Having your own way
AppWrap syntax
SRA syntax
Summary
5
Creating Custom Application Templates
Creating Custom Application Templates
Building SSL-VPN templates
Creating your own templates
Template customizations and enhancements
More parameters used in the template
Summary
6
Custom Certificate Authentication
Custom Certificate Authentication
Certificate authentication concepts and terminologies
UAG and certificate authentication
Understanding the pieces of cert authentication for UAG
Troubleshooting certificate authentication
Summary
7
Custom Authentication Repositories
Custom Authentication Repositories
How does custom authentication work?
Verifying usernames
Working with an SQL database
More elaborate code
Testing and debugging your code
Putting it all together
Summary
8
Extending the Login Process with Customization
Extending the Login Process with Customization
The UAG authentication flow
Creating a Post Post Validate file
Integrating your own code and interacting with UAG's COM object
Putting data into the session
Adding parameters
Sending data to the backend server
More ideas
Summary
9
Customizing Endpoint Components
Customizing Endpoint Components
Controlling component deployment
Adding links to the portal for the client installation
Customizing SSTP
Summary
10
Additional Customizations
Additional Customizations
Customizations to the UAG console
Remote management and monitoring of UAG
Additional files you can customize
Extending File Access with DFS shares
Skipping cookie signing
Custom logouts
Summary

Endpoint detection in the real world

The purpose of endpoint detection is to allow us to control access, and ultimately deny computers that don't meet our security policy criteria. If the requirements are simply to check for the existence of antivirus software, or a specific version of Windows, then there's really no need for customization. A custom detection script comes in handy when we want to validate something beyond that. The requirement that comes up most often is the need to verify that the computer is a corporate asset, as opposed to some random computer the user happens to be using.

The default endpoint detection allows us to check the computer's domain, and match it against the one we specify. However, this is clearly not very secure, as the comparison is textual and anyone can spoof this rather easily.

With a custom detection, you could implement other ways. For example, you could plant a specific file somewhere on the hard drive of every corporate computer, and then use the custom...

Previous Section
End of Section 7
Next Section