Introducing Windows Server 2012 R2 Unified Remote Access
As with all things, development and progress must happen. The same is true with Microsoft® and Windows Server® 2012 R2. Microsoft has invested a great deal of time and effort into making Server 2012 R2 a truly complete unified remote access platform, capable of serving most enterprise-wide remote access and BYOD scenarios and requirements.
In this post, I will highlight the new and updated functionality in this R2 release, and how it can be used to update your current infrastructure and to address growing needs.
Server 2012 –The Back Story
Server 2012 was the first step to consolidate several remote access features, primarily for client and server VPN and network connectivity. Microsoft consolidated both their DirectAccess and IPsec VPN functionalities into a single role, and enabled a single management pane for both features.
In addition to consolidating the remote network connectivity into a single role and management pane, Microsoft also combined the IPv6 translation technologies to support DirectAccess into Windows Server. Previously, it needed to be an IPv6 only infrastructure, or to use Unified Access Gateway 2010.
Server 2012 – On to the Future
The first major enhancement for the Unified Remote Access role that Microsoft added was enabling multi-tenancy for both the site-to-site VPN and client-based VPN. This is primarily geared toward hosting and managed service providers, as this enable those organizations to consolidate and support multiple customers from a single solution, rather than having infrastructures for each customers.
The second major enhancement, and really a new feature for Server 2012, is the development of a web application proxy. Microsoft has always had a Web Application Proxy, starting with Proxy 2.0, then on ISA Server, IAG 2007 and UAG 2010, and TMG 2010. The difference with the current iteration of the reverse proxy is the forward-looking nature of integration with Active Directory Federation Services (AD FS).
Integration with AD FS makes sense, from a technical and business standpoint, as it simplifies storage and management of the application publishing infrastructure within AD FS. For organizations that do not have an AD FS infrastructure in place already, this will enable them to implement a federation infrastructure, and prepare for the future where most applications will require federation for seamless authentication. Additionally, the Web Application Proxy role is also an AD FS proxy server, thereby allowing not only the use of claims for authenticating on-premise applications, but also for hosted applications, such as Office365.
Lastly, the Web Application Proxy supports native and pass-through authentication methods, as well as provide OAuth application access for mobile apps.
TMG and UAG Replacement Options
As most of you are aware, Microsoft has announced the sunset dates of both the TMG and UAG product lines. For organizations that are using these products, most of the functionality inherent in these legacy products can be translated to the Server 2012 R2 Unified Remote Access platform. For organizations using TMG 2010 to provide for threat management and content filtering, unfortunately, the Server 2012 platform does not have these capabilities built in.
Celestix E-Series Appliance
As Microsoft’s largest OEM hardware provider, and a global remote access solutions provider for over 5000 companies, we are pleased to introduce you to our Cloud Edge Security Appliance solution based on Windows Server 2012 R2. Our solution is dedicated to the principle that deployment and configuration for remote access shouldn’t be difficult, and we strive to make turnkey solutions that enable you to be operational in less time and to work with greater efficiency. Our solution will also help you handle datacenter and cloud workloads smoothly and to integrate employees’ personal mobile devices into the enterprise fabric.
Our E Series solutions come in multiple form factors that will accommodate a variety of user base sizes, and allow you to adopt the new functionality that your business goals require.
For more information, please contact info@celestix.com or visit Cloud Edge Security Appliance.