1. Home
  2. Docs
  3. SecureAccess Appliance
  4. Configuration
  5. Feature Details

Feature Details

The following sections provides details about remote connectivity features.

The Need to Knows section in the feature descriptions below cover important details about configuration. They are organized as follows:

  • Installs – lists roles and features that will be installed.
  • Affected Appliance Features – notes any conditions that may affect other features available on the appliance.
  • Required Configuration After Installation – notes any configuration that will be necessary once the feature is installed.

Network Policy Server (NPS)

NPS provides basic RADIUS authentication, authorization, and accounting, or RADIUS proxy (connection request referral).

Need to Knows

The following summary information is provided for reference.

Installs

  • Role Service: Network Policy Server
  • Feature: RSAT – Network Policy and Access Service Tools

Affected Appliance Features

  • NPS is required for Remote Desktop Gateway (RD Gateway). If RD Gateway is deployed, the NPS role is installed automatically as part of that feature setup.

Required Configuration After Installation

Configuration must be customized for an environment. Use the Network Policy Server link to open an RDP session in the browser to access RADIUS server/client configuration.

Remote Access with VPN

Remote Access with VPN configures DirectAccess (DA) on the E Series appliance. DirectAccess provides an automated, always-on secure connection for end user access to internal network resources in addition to manage-out functionality for remote domain-joined computers. Remote Access includes the option to enable a VPN that can be used for nonmanaged devices.

Need to Knows

The following summary information is provided for reference.

Install

  • Role Service: DirectAccess and VPN (RAS)
  • Feature: RSAT – Remote Access Management Tools (GUI and Command-Line Tools, module for Windows PowerShell)
  • Feature: Group Policy Management
  • Feature: RAS Connection Manager Administration Kit (CMAK)

Affected Appliance Features

  • Deployments with non-managed remote devices will require the VPN option to be enabled.
  • Cannot be co-located with Web Application Proxy

Required Configuration After Installation

Configuration must be customized for an environment; there are two options:

  • Click the Wizard button to open the Remote Access configuration tool.
  • Click the Remote Access with VPN link to open the Remote Access console as an RDP application.

Web Application Proxy

Web Application Proxy publishes access to internal web applications for external users. The E Series adds a portal to make accessing applications more convenient. It also leverages authentication, authorization, and SSO functionality. It is configured for deployments where ADFS runs on a separate server.

Notes:

  • Web Application Proxy cannot be colocated with the following roles:
    • ADFS – Web Application Proxy requires ADFS, but cannot be installed on the same server.
    • DirectAccess
  • The E Series only supports forms-based authentication.

Need to Knows

The following summary information is provided for reference.

Installs

  • Role Service: Web Application Proxy
  • Feature: RSAT – Remote Access Management Tools (GUI and Command-Line Tools, module for Windows PowerShell)

Affected Appliance Features

  • Web Application Proxy requires the Remote Access role to be installed.
  • Web Application Proxy is deployed when ADFS is intended to reside on a separate server from the E Series; information for that server will be used in Web Application Proxy configuration.

Required Configuration After Installation

Configuration must be customized for an environment; there are two options:

  • Click the Wizard button to open the Web Application Proxyconfiguration  tool.
  • Click the Web Application Proxy link to open the Remote Access console as an RDP application.

Remote Desktop Gateway

Remote Desktop Gateway (RD Gateway) provides access to internal resources for remote users. Access is through the Remote Desktop Connect (RDC) client, and avoids the need for a VPN. User connections are encrypted and authorization policies set standards for client access.

Important: RD Gateway requires NPS.

Need to Knows

Installs

  • Role Services: Network Policy Server, Remote Desktop Gateway, RPC over HTTP Proxy
  • Features: RSAT – Network Policy and Access Service Tools, Remote Desktop Services Tools/Remote Desktop Gateway Tools

Affected Appliance Features

  • RD Gateway requires NPS, which will be installed at the same time unless NPS is already installed, in which case the installation process proceeds just for RD Gateway.

Required Configuration After Installation

Configuration must be customized for an environment. Use the Remote Desktop Gateway link to open an RDP session to the Remote Desktop Gateway Manager Console in the browser.

Note: Firewall rules may need to be adjusted to allow traffic.

Remote Desktop Web Access

RD Web Access (RD Web Access) provides streaming access to hosted applications. Windows 7 uses RemoteApp to start an RD Services session. Other devices can use a web browser to access them through Desktop Connection. RD Web Access also uses the RD Web Connection feature to let users access computers that have Remote Desktop enabled.

Need to Knows

The following summary information is provided for reference.

Installs

  • Role Service: RD Web Access

Affected Appliance Features

  • None

Required Configuration After Installation

Rules for the external firewall must be adjusted to allow WMI traffic. See the topic Firewall Ports Reference for  additional information about firewall configuration.

Work Folders

Work Folders uses an internal file server to host work files for anywhere access from supported computers and devices. Data is synced across devices over an Internet connection. This supports a bring your own device (BYOD) program without sacrificing control over data. Once synced, files can be worked on from wherever and will be updated on the sync share when the device has Internet connectivity.

Important: Work Folders is supported for Windows 8.1/8.1 RT devices.

Work Folders provides options to:

  • Use a folder that already contains user data so Work Folders can be employed without migrating servers and data, or affecting existing share options (for example, Folder Redirection, Offline Files, and home folders).
  • Add policies for encryption and lock-screen passwords.

Need to Knows

The following summary information is provided for reference.

Installs

  • Role Services: File Server, File Server Resource Manager, Work Folders
  • Feature: RSAT – File Server Resource Manager Tools

Affected Appliance Features

  • None

Required Configuration After Installation 

Configuration must be customized for an environment:

  1. Click the Wizard button to run the Work Folders configuration tool.
  2. Next, use the Remote Desktop management console (System Remote Desktop) to open an RDP session from the local computer to the E Series appliance.
    • In Windows Server, open the Server Manager.
    • Navigate to File and Storage Services | Work Folders.
    • Click the link to create a sync share to open the Windows configuration wizard.