Solved

Publishing a Share on a different network through UAG

Posted on 2014-10-24
2
220 Views
Last Modified: 2014-10-27
Hiya,

This is a very undetailed question as I don't have all the specs of our UAG Server but basically our UAG server acts as web gateway/portal for Company A to get to Terminal Servers on Company B

At the moment we have icons published on the web gateway which allow users to click in these to open connections to Terminal Servers on Company B

Someone has asked us if it is possible to publish an icon which basically opens a shared folder or non shared folder on Company B.

Many Thanks
0
Comment
Question by:rhiancohen
2 Comments
 
LVL 35

Accepted Solution

by:
Bembi earned 500 total points
ID: 40405547
Let me answer as unspecific as you asked.... (there are a lot of aspects).
Publishing a file system through a firewall is usually what you don't want to do. But in fact, possible, in theory.

In practice you would more think about a vpn solution. A firewall (and especially TMG / UAG) is more to protect the internal world against the external world, and to open ports for file access in a firewall is what every security specialist would force to cry loud out of the window.  

While remote access (terminal server session) can be limited to some dedicated ports, file access need some ports which are better to kept closed, at least to the outside world. One of the reasons why terminal server and vpn where developed as a more secure and reliable solution for remote workers.

The point of question is whom you trust and whom not. The outside world you never should trust. For trustfull workers you can control the access also to the file system via vpn tunnels and / or terminal server connection.

If there is really the need for file access to the outside world, the you can expose any folder via FTP  and pass the FTP traffic through the firewall.

Conclusion: Forget direct file access passing a firewall, always thing about services, which can expose files via services which can be exposed more save through a firewall.
0
 
LVL 1

Author Comment

by:rhiancohen
ID: 40407212
Yes makes perfect sense. Our UAG Admin already expressed his concerns about opening any ports for file access.

We are going to go the FTP route and see how we get on with that.

Thanks for your help with what was a very vague question.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Requirements: root access via SSH, telnet, or other.. Alternately, access from the server administrator to run a counter-strike server, and the proper access rights to do so. Enough free disk space (and allowed to use this much, eg disk quota): 6…
this article is a guided solution for most of the common server issues in server hardware tasks we are facing in our routine job works. the topics in the following article covered are, 1) dell hardware raidlevel (Perc) 2) adding HDD 3) how t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question