Request A Quote

Direct Access and SSL VPN Security Platform

Net-Gateway nUAG Remote Access Series

  • Enables Direct Access in UAG DA Mode
  • Secures remote and mobile users, customers and partners
  • Anywhere, anytime access to corporate resources and applications
  • Granular Access Control and Comprehensive End-Point Policy Enforcement
why choose iron Software Define Data Center Hnv Hybrid Cloud Gateway MCE Cloud Edge Gateway Cloudboxx, branch-in-a-box Wss, windows storage systems

Product DatasheetnUAG-3500U: Unified Remote Access Gateway Appliance

Net-Gateway nUAG-3500U

Net-Gateway nUAG-3500U Remote Access Series

Unified Remote Access Platform

  • Custom-built for Large Sized Enterprises
  • Supports up to 3,000 Remote Users
  • Redundant Hotswap Disks and Power Supply Modules
  • Built-in Highly Scalable NLB Array Support

Appliance Overview

The Iron Networks nUAG 3500U is an enterprise grade, comprehensive, secure remote access management gateway appliance based on an embedded version of Microsoft Forefront Unified Access Gateway 2010. It delivers secure, anywhere-access to messaging, collaboration, and other resources, increasing productivity while maintaining compliance with policy.

Net-Gateway nUAG - Secure Remote Access Series

Iron Networks nUAG 3500U is a single scalable and highly manageable solution for administrators to deliver corporate-wide access and implement granular policies based on the user's identity and the health of the device - fully integrated, easy to deploy  with turnkey “out of the box” convenience which includes:

Remote Access to SharePoint, Exchange and 3rd Party Business Application: Optimized for SharePoint and Exchange, UAG delivers secure, anywhere access for your employees, partners and customers. Leveraging a combination of granular application filtering capabilities, deep endpoint health detection and wizard driven configuration-UAG provides for a simple and highly secure means of publishing Exchange and SharePoint deployments.

Comprehensive Remote Access (SSL VPN): As a comprehensive SSL VPN, UAG provides multiple levels of access and tunneling to deliver internal applications and network resources to remote users.

DirectAccess: UAG extends the benefits of DirectAccess across the infrastructure, enhances scalability, and simplifies deployment and ongoing management.

Net-Gateway nUAG-3500U Remote Access Platform Key Features

The Iron Networks nUAG 3500U is ideal for Large Sized Enterprises deployments; it’s a purpose-built, 1U rack-optimized and most competitive secure remote access solutions appliance platform in its class.

Net-Gateway nUAG - Secure Remote Access Series

 

Scalability, High Availability and Array Management

  • High Availability Array Support: Multiple Forefront nUAG appliances can be grouped into a load balancing redundant array using integrated Forefront NLB functionality or an external hardware based load balancer to scale linearly, increasing capacity for throughput and number of users.
  • Array Management: All array members share the same configuration, including trunks, published application, permission files, custom files, and VPN settings.
    • Processor: 64-bit Single Processor, Quad Core Xeon x86 processor architecture. High-speed processor, cache, larger memory and multi lane PCIe bandwidth designs for maximized deep packet content inspection acceleration with lowest packet latency, highest system throughput and unfaltering scalability to support large number of processor intensive integrated security applications workload.
    • Network Ports: 8 GbE LANs - High network port density provides the performance and operational flexibility and redundancy required to secure a high-availability network infrastructure, along with economies of scale needed by large companies, enterprise, data centers, and service providers.
    • Lights-Out Port: Remote Lights-Out-Management (LOM) via dedicated iKVM network Port guarantees uninterrupted Out-Of-Band remote access even when appliance is off.
    • SSL Accelerator: Embedded high performance Cavium SSL Co-processor hardware for 100% TCP/IP Offload for enhanced system stability and performance at peak loads.
    • High System Reliability: Maximum uptime through superior thermal design, component-level redundancy, serviceability and built-in remote lights-out appliance management system:
      • Disk Redundancy: Dual enterprise grade SATA disks and hardware RAID controller for disk mirroring configuration allows uninterrupted system operations in case of a single disk failure. It offers highest level of availability and no downtime while RAID array is being rebuild on replacement drive.
      • Power Supply Redundancy: Dual hot-swap, high efficiency power supply modules.
      • System Image Redundancy and Quick Recovery Option: Efficient In-Field Appliance Image Management: Multiple system image partitions. ARRMS provides PiT image recovery backup/restore, factory reset and bare-metal image recovery
    • Embedded Recovery Manager: Appliance Recovery and Remote Management System (ARRMS™) provides offline and online remote system management and maintenance to the appliance hardware and software image.
      • ARRMS operating environment functions completely independently of the main appliance hardware and software environment. The appliance can boot into "maintenance mode" where the administrator has full BIOS-level access to the hardware and software environments, even with the appliance operating system shutdown or the hardware powered off.
      • System image backup, restore and "Bare-Metal" recovery. Backup any number of system image to local disk partition, removable media or a network target, such images than can be used for a quick restore to "last good known state". Provides one-click  appliance reset  to Factory-default image.
    • Embedded Web LOM Manager: Remote Lights-Out-Management (LOM) via dedicated iKVM (Keyboard, Video Mouse port access over Web) network Port guarantees uninterrupted Out-Of-Band remote access and manageability for a complete "As if you were sitting in front of it" experience.
    • Embedded LCD Manager: Headless Appliance Deployment System - Appliance systems include touch-key with graphical LCD hardware and software which allows simple installations without connecting keyboard, mouse and video monitors. This greatly simplifies installs, including remote location installs without local IT support
    • Integrated Oneface System Manager: Provides rich and robust set of feature including Backup Manager, security manager, update manager, configuration manager, SNMP agents, alert notification system and a component manager for 3rd party add-on integration
    • Integrated Security Audits: Iron Networks appliance systems are built with security best practices in mind. Various software add-ons, hardware components and system configurations will change a system profile; each of image versions is systematically packaged, tested for reliability and receives complete security audit on an ongoing basis by our security system experts.
    • An ISO 9001:2000 Certified Quality: The Net-Gateway series product line is the most integrated Microsoft Forefront network security appliances on the market. Unlike alternatives that are simply based on proprietary or general-purpose server hardware, our appliances are designed for highest reliability, optimized for maximum performance, and manufactured to exact quality specifications. Network edge security is a critical business function, trust Iron Networks to deliver reliable and comprehensive solutions, support and services.
  • Iron Networks Hardware System Platform Features

    Iron Networks Oneface Management System Features

    Iron Networks delivers Integrated Appliance "Turnkey" Solutions

Forefront UAG Features

Application Publishing

Publish Web and non-Web applications by means of Forefront UAG trunks. You can create a portal trunk to provide a one-to-many connection with a single IP address, allowing users to access multiple applications from a consolidated portal gateway. You can also create a single-application trunk to provide a one-to-one connection; one IP address routes to a single published Web server, enabling access to any generic Web application.

Feature Description
Web applications publishing Provides an application layer inspection reverse proxy for publishing Web applications and Web farms. Application inspection provides positive logic inspection to ensure that only legitimate application connections are allowed. Forefront UAG application optimizers include out-of-the-box inspection settings for many key Microsoft and third-party applications.
RemoteApps publishing Forefront UAG allows you to leverage Remote Desktop Services (Terminal Services) with an integrated Remote Desktop Services Gateway, to publish RemoteApps via a Forefront UAG portal.
Client/server application publishing Forefront UAG allows you to publish non-Web applications over a secure connection using socket or port forwarding. You can request that users authenticate to Forefront UAG for access to user non-Web applications.
VPN client access You can publish a VPN connection in a portal, allowing remote endpoints to connect to the internal network and access all network resources. For VPN client access, you can use the proprietary Forefront UAG Network Connector, or allow clients with SSTP support to connect using SSTP.
File access You can publish internal file structures in a portal, thus allowing remote clients to access internal file servers and shares.

DirectAccess

Forefront UAG integrates Windows Server 2008 R2 DirectAccess to allow seamless connectivity to corporate networks regardless of location. DirectAccess can be configured directly in the Forefront UAG Management console.

Endpoint access controls

Forefront UAG provides a variety of mechanisms to control endpoint access to published applications, including:

Feature Description
Client authentication You can request remote clients to authenticate before establishing sessions to Forefront UAG sites, or allow anonymous access for passthrough authentication to backend servers. You can also configure single sign-on, so that credentials specified by users during session logon are passed to published servers that require authentication.
Endpoint access policies You can set up endpoint policies with which endpoints must comply in order to gain access to Forefront UAG sessions and applications. Endpoint policies specify prerequisites that endpoint must meet for session access. You can implement endpoint policies using inbuilt Forefront UAG policies, or with Network Access Protection (NAP) policies downloaded from a Network Policy Server (NPS).
Portal application authorization When publishing applications and resources in a portal, you can enable application authorization to ensure that only specific users and groups can access the application.

High Availability and Array Management

Forefront UAG allows you to group multiple Forefront UAG servers into an array. All array members share the same configuration, and can be managed as a single entity. One of the array members acts as the array manager, storing configuration settings for the entire array. You can configure array members to use network load balancing (NLB) for high-availability and failover. Use integrated Forefront UAG NLB to configure NLB features of Windows Server 2008 R2 directly in the Forefront UAG Management console.

Enhanced Monitoring and Logging

You can log Forefront UAG events and errors to a variety of logging formats, including a built-in reporter, a RADIUS server, and a local or remote SQL server. Forefront UAG provides the Web Monitor console as a Web application for viewing events, and managing Forefront UAG sessions.

Compare Forefront UAG with Intelligent Application Gateway IAG UAG
Application Publishing    
Granular application filtering √*
Session cleanup and removal
Endpoint health detection √*
Integration    
Integrated with NAP policies  
Remote Desktop and RemoteApp integration  
Extends and simplifies DirectAccess deployments  
Scale and Management    
Built in load balancing  
Array management capabilities  
Enhanced monitoring and management (SCOM)  

*Feature is improved in UAG

Net-Gateway Appliance Platform Overview

Forefront Optimized "Turn-Key" Appliance Solution

Iron Networks Forefront appliances are purpose-built, high performance hardware devices integrated with Iron Networks designed Oneface system management tools and Microsoft Forefront Edge Security Software Solutions.

Net-Gateway Appliance Platform Overview

Security Hardened Appliance Platforms for Microsoft Forefront Network Edge Solution Delivery

Our Net-Gateway appliance platforms for Microsoft Forefront Security solutions are designed for organizations that want an integrated leading edge hardware, security and software service offering from Microsoft on an optimized hardware platform. These platforms offer best-of-breed Microsoft Forefront Edge security packaged with Iron Networks’s, security hardened system, performance tuned platform, value added OneFace technology, and world-class support.

Iron Networks powered system and hardware management software provides a complete integrated solution for Microsoft Forefront Threat Management Gateway (TMG) and Unified Access Gateway (UAG) and Direct Access (DA) edge security software suites. We have net Gateway models that can be deployed either as standalone units, or as fully redundant, highly available arrays. Our standard business edition appliances are deployed as a standalone device and enterprise edition appliances can be deployed as a standalone device or high-availability (HA) devices with network load balancing (NLB) in a large clustered array for optimal service resiliency.

Purpose-Built for Optimum Performance and System Reliability

Iron Networks offers a wide range of hardware configurations, each of the models are pre-configured with most optimized hardware components and system management tools to meet our customers unique business requirements. Configurations are fine tuned to deliver various levels of system performance, capacity, scalability and availability required to meet the requirements of small to large size business, small to large size enterprise and branch offices.

Iron Networks platforms running Microsoft Forefront Edge Security systems provide the security and management benefits of special purpose hardware products, and provide the familiar management interfaces of other Microsoft technologies. Security appliances often have special purpose hardware specific to network security. Appliance products running Microsoft Embedded Edge Security technologies have the following unique advantages:

The Net-Gateway Platform Appliance Advantage

Each security appliance has various software and hardware components installed and integrated. This configuration is then carefully tuned and hardened to maximize the security posture of each system. This hardening is exhaustive, costly and difficult to provide in general IT hardware and software only implementations, but imperative on edge security devices.

Iron Networks has the lowest total cost of ownership as compared to traditional software alternatives. The Iron Networks appliance-based architecture eliminates many of the costs of traditional systems management including software and hardware procurement, installation, off-site training, and the resources required for ongoing upgrades, system maintenance and technical support. Our appliance advantage offers security hardened configurations for smooth “Out-Of-the-Box” experience.

Net-Gateway Platform Appliance Advantage

Iron Networks delivers Integrated “Turnkey” Appliance Solutions:

Iron Networks Networks, an ISO 9001:2000 company, is a provider of mission critical network edge security infrastructure solutions. Unlike alternatives that are simply based on proprietary or general-purpose server hardware, our appliances are designed for highest reliability, optimized for maximum performance, and manufactured to exact quality specifications. You can trust Iron Networks Net-Gateway appliances to deliver the most reliable and comprehensive Forefront solutions.

 

Net-Gateway nUAG - Secure Remote Access Series

Specifications

Performance Specifications    
Storage Capacity : 300GB
Deployment Type : Mid/Large Sized Enterprise
Recommended Named Users : 10,000
Concurrent Users ( Low Activity Usage, < 5 Apps) : 5,000
Concurrent Users ( Medium Activity Usage, 5-10 Apps) : 3,000
Concurrent Users ( High Activity Usage, 11-20 Apps) : 1,200
Concurrent Users ( Power Usage, 20+ Apps) : 700
Burst Mode: Concurrent New User Login / Minute
: 200
Burst Mode: Concurrent New User Login < 3 minutes
: 500
Hardware Specifications    
Processor : Single Processor, Quad Core Xeon
Memory : 12 GB
Network Interfaces (RJ45) : 8x GbE LAN
System Management Interface (RJ45) : 1x iKVM Lights-Out (IPMI) Remote Access
Storage – Data (Redundant) : Dual SATA Disk, Mirroring (RAID-1), Hot swap
Storage - Recovery OS (ARRMS) : 2 GB, USB Flash DOM
SSL HW Accelerator : Cavium CN 1600 Series
LCD w/Keypad Display : Graphical w/ 6-Keypad
System IO Ports (VGA/USB/Serial) : 1 / 2 / 1
AC Power Supply : Dual Hotswap Redundant, 650 Watts 100 to 240 VAC Auto 47 to 63 Hz, 3A
Physical Dimensions : Chassis: 19”, 4-post rack-mountable Height: 1.5” (1U), 1 rack unit; Width: 17.5”; Depth: 27” Weight: 30 lbs.
Storage Temperature : -40°F to 122°F (-40°C to 50°C) 5% to 95% relative humidity, non-condensing
Operating Temperature : 35°F to 95°F (1.7°C to 35°C) 5% to 95% relative humidity, non-condensing
Agency Certifications : Safety: UL, FCC, CE, TUV, CB Environmental: WEEE and RoHS
Support and Services : Standard warranty includes 30-day software support with one-year hardware support; upgradable

nUAG Series Appliance

Powered by Microsoft Forefront Remote Access UAG 2010

nUAG-3500U: Remote Access Appliance, Intel Xeon Quad Core, 12GB RAM, 2 x300GB HDD RAID Hotswap, 8 x GbE Ports, 1 x 10/100 iKVM(LOM) Port, PCIe SSL Accelerator, LCD, Dual HotSwap Power Supplies, 1U Rackmount. Iron Networks designed Multi Appliance - Oneface System Manager for Remote/Lights-Out management, Quick Appliance PiT Recovery, Restore and Reset Support. Powered by Microsoft Embedded Forefront UAG 2010. Included 10 CAL licenses, Customer must buy additional CALs from Microsoft

Appliance Platform:  
nUAG-3500U Remote Access Appliance, Microsoft UAG 2010, 1U NN-NUAG-3500U
Support Plan Options:  
Silver HW Support:  Advanced Hardware Replacement Only  
Silver Support, HW Advanced Replacement Only, 1 Year,  3500U SUP-HS-3500U-1
Silver Support, HW Advanced Replacement Only, 3 Years,  3500U SUP-HS-3500U-3
Silver Support, HW Advanced Replacement Only, 5 Years,  3500U SUP-HS-3500U-5
Gold Support: 8x5 Helpdesk + Advanced Hardware Replacement  
HelpDesk Gold, 8x5 Email + Phone, 1 Year, 3500U SUP-HG-3500U-1
HelpDesk Gold, 8x5 Email + Phone, 3 Years, 3500U SUP-HG-3500U-3
HelpDesk Gold, 8x5 Email + Phone, 5 Years, 3500U SUP-HG-3500U-5
Platinum Support: 24x7 Helpdesk + Advanced Hardware Replacement  
HelpDesk Platinum, 24x7 Email + Phone, 1 Year, 3500U SUP-HP-3500U-1
HelpDesk Platinum, 24x7 Email + Phone, 3 Years, 3500U SUP-HP-3500U-3
HelpDesk Platinum, 24x7 Email + Phone, 5 Years, 3500U SUP-HP-3500U-5
Support Renewal Options:  
Silver HW Support Renewal;  Advanced Hardware Replacement Only  
Silver Support, HW Advanced Replacement Only, 1 Year Renewal,  3500U SUP-HS-3500U-R
Silver Support, HW Advanced Replacement Only, 2 Years Renewal,  3500U SUP-HS-3500U-2R
Silver Support, HW Advanced Replacement Only, 3 Years Renewal,  3500U SUP-HS-3500U-3R
Gold Support Renewal;  8x5 Helpdesk + Advanced Hardware Replacement  
HelpDesk Gold, 8x5 Email + Phone+HW, 1 Year Renewall,  3500U SUP-HG-3500U-R
HelpDesk Gold, 8x5 Email + Phone+HW, 2 Years Renewall,  3500U SUP-HG-3500U-2R
HelpDesk Gold, 8x5 Email + Phone+HW, 3 Years Renewall,  3500U SUP-HG-3500U-3R
Platinum Support Renewal, 24x7 Helpdesk+Advanced Hardware Replacement  
HelpDesk Platinum, 24x7 Email + Phone, 1 Year Renewal, 3500U SUP-HP-3500U-R
HelpDesk Platinum, 24x7 Email + Phone, 2 Years Renewal, 3500U SUP-HP-3500U-2R
HelpDesk Platinum, 24x7 Email + Phone, 3 Years Renewal, 3500U SUP-HP-3500U-3R
 

Copyright © 2017 Iron Networks, Inc. All Rights Reserved.