Remove From My Forums

SCCM 2012 IBCM w/ UAG

Question
0

Sign in to vote

Can SCCM 2012 leverage UAG for Internet based clients? Are there any white papers on this?

BR

Monday, March 4, 2013 6:14 PM

Answers

0

Sign in to vote
You can, but UAG isn't necessarily required. This article describes supporting Internet Based clients with ConfigMgr 2012:

http://blogs.technet.com/b/configmgrteam/archive/2012/05/25/system-center-2012-configuration-manager-r-i-p-native-mode.aspx

You'll want to become intimately familiar with the "Planning for Communications" product documentation:

http://technet.microsoft.com/en-us/library/gg712701.aspx

I hope that helps,

Nash
Nash Pherson, Senior Systems Consultant
Now Micro - My Blog Posts
<-- If this post was helpful, please click "Vote as Helpful".
- Marked as answer by Robert Marshall - MVPMVP Tuesday, March 5, 2013 10:02 AM
Monday, March 4, 2013 6:50 PM
0

Sign in to vote
You can't get away from certificates. For both technologies, each and every client requires a client auth cert which will get real expensive real quick and of course be an on-going cost when they expire if purchased from a public CA. Here are the cert requirements for DA: http://technet.microsoft.com/en-us/library/gg502563.aspx

Note that UAG is no longer really needed with DA in Server 2012 btw

Jason | http://blog.configmgrftw.com
- Edited by Jason Sandys [MSFT]MVP Tuesday, March 5, 2013 2:51 AM
- Marked as answer by Robert Marshall - MVPMVP Tuesday, March 5, 2013 10:03 AM
Tuesday, March 5, 2013 2:47 AM

All replies

0

Sign in to vote
You can, but UAG isn't necessarily required. This article describes supporting Internet Based clients with ConfigMgr 2012:

http://blogs.technet.com/b/configmgrteam/archive/2012/05/25/system-center-2012-configuration-manager-r-i-p-native-mode.aspx

You'll want to become intimately familiar with the "Planning for Communications" product documentation:

http://technet.microsoft.com/en-us/library/gg712701.aspx

I hope that helps,

Nash
Nash Pherson, Senior Systems Consultant
Now Micro - My Blog Posts
<-- If this post was helpful, please click "Vote as Helpful".
- Marked as answer by Robert Marshall - MVPMVP Tuesday, March 5, 2013 10:02 AM
Monday, March 4, 2013 6:50 PM
1

Sign in to vote

When you are already using UAG, you also might want to consider DirectAccess. That way you can manage the clients as "normal" clients.
My Blog: http://www.petervanderwoude.nl/
Follow me on twitter: pvanderwoude

Monday, March 4, 2013 7:06 PM
0

Sign in to vote

Thanks to both of you. I am very familiar with IBCM and understand DirectAccess and hosting a MP/DP on the DMZ. My client is implementing UAG and asked if they can present client management to clients on the internet through UAG. They are looking at all options along with management of a PKI infrastructure or buying certificates. If they can get away from using certificates using UAG, that would also be a viable option.
BR

Monday, March 4, 2013 7:19 PM
0

Sign in to vote
You can't get away from certificates. For both technologies, each and every client requires a client auth cert which will get real expensive real quick and of course be an on-going cost when they expire if purchased from a public CA. Here are the cert requirements for DA: http://technet.microsoft.com/en-us/library/gg502563.aspx

Note that UAG is no longer really needed with DA in Server 2012 btw

Jason | http://blog.configmgrftw.com
- Edited by Jason Sandys [MSFT]MVP Tuesday, March 5, 2013 2:51 AM
- Marked as answer by Robert Marshall - MVPMVP Tuesday, March 5, 2013 10:03 AM
Tuesday, March 5, 2013 2:47 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

SCCM 2012 IBCM w/ UAG

Question

Answers

All replies