- Microsoft Intelligent Application Gateway
Microsoft Intelligent Application Gateway (IAG) is a
VPN solution that has originally been developed by the Israeli army in the middle of the nineties.One of the challenges for the army was to develop a remote access solution based on VPN mechanism but without direct network access from the remote client to the remote server.This new technology they managed to develop and implement was called the Air Gap and the communication between the outside and inside world was managed by two separate machines linked together by a memory bank only. There was no direct communication possible from 2 interconnected network, decreasing dramatically the risk of intrusion, DOS attacks etc.
This technology became a commercial product a couple of years later. The company who initially developed this product was called Whale Communications and was based in Israel.
In June 2006 Microsoft bought Whale Communications.Since, the Whale Communications appliances became Microsoft IAG Server 2007 (Intelligent Application Gateway).
In April 2008, Microsoft announced that the next generation of IAG will be named Microsoft Forefront Unified Access Gateway.
Technical overview
Microsoft IAG 2007 with
Application Optimizers provides secure socket layer (SSL) virtual private network (VPN), a Web application firewall, and endpoint security management (For compliance and security) that enable access control, authorization, and content inspection for a wide variety of line-of-business applications.Included are customized granular access policy and security capabilities for Microsoft Exchange Server, Microsoft SharePoint Portal Server, Microsoft Terminal Services, Telnet, FTP, SAP, Lotus Domino, Citrix Presentation Server, IBM WebSphere etc.
Almost anything can be published on the IAG Server portal.
Out of the box IAG Server is able to work with many authentication vendors such as RSA Security, Vasco, Swivel, ActivCard Aladdin. It also works with numerous authentication systems and protocols such as Active Directory, RADIUS, LDAP, NTLM, Lotus Domino, PKI and TACACS+Single Sign On (SSO) is also available per default.
Not only Windows clients (PocketPC included) but also Linux and Mac clients can access remote applications and networks published through IAG Server.
IAG performs particularly well in providing a portal for web applications, such as
web-based email and intranets, but it also provides full SSL VPN network access using eitherActiveX (when using Internet Explorer) orJava components (When using Firefox, Opera, non Windows client such as Redhat or Mac OS). These components can also perform endpoint compliance checking before allowing access, to test for attributes on the PC such as domain name, antivirus definitions date or running processes.It is currently only sold in appliance form, from vendors such as Celestix, Portcullis Systems(Formerly NEI), Pyramid, and nAppliance.
References
External links
* [http://www.microsoft.com/forefront/edgesecurity/iag/ Microsoft Intelligent Application Gateway 2007]
* [http://demos.portcullissystems.com Video Demonstration of Microsoft Intelligent Application Gateway 2007]
* [http://blogs.msdn.com/harishpa/archive/2008/06/18/secure-remote-access-isa-server-2006-vs-iag-2007.aspx Secure Remote Access: ISA Server 2006 vs IAG 2007]
* [https://partner.microsoft.com/40029223 Microsoft Partner Information: Microsoft Intelligent Application Gateway 2007]
* [http://www.microsoft.com/forefront/uag Microsoft Forefront Unified Access Gateway]
Wikimedia Foundation. 2010.