Publishing a Share on a different network through UAG

Hiya,

This is a very undetailed question as I don't have all the specs of our UAG Server but basically our UAG server acts as web gateway/portal for Company A to get to Terminal Servers on Company B

At the moment we have icons published on the web gateway which allow users to click in these to open connections to Terminal Servers on Company B

Someone has asked us if it is possible to publish an icon which basically opens a shared folder or non shared folder on Company B.

Many Thanks
LVL 2
rhiancohenVMware Senior ConsultantAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

BembiCEOCommented:
Let me answer as unspecific as you asked.... (there are a lot of aspects).
Publishing a file system through a firewall is usually what you don't want to do. But in fact, possible, in theory.

In practice you would more think about a vpn solution. A firewall (and especially TMG / UAG) is more to protect the internal world against the external world, and to open ports for file access in a firewall is what every security specialist would force to cry loud out of the window.  

While remote access (terminal server session) can be limited to some dedicated ports, file access need some ports which are better to kept closed, at least to the outside world. One of the reasons why terminal server and vpn where developed as a more secure and reliable solution for remote workers.

The point of question is whom you trust and whom not. The outside world you never should trust. For trustfull workers you can control the access also to the file system via vpn tunnels and / or terminal server connection.

If there is really the need for file access to the outside world, the you can expose any folder via FTP  and pass the FTP traffic through the firewall.

Conclusion: Forget direct file access passing a firewall, always thing about services, which can expose files via services which can be exposed more save through a firewall.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rhiancohenVMware Senior ConsultantAuthor Commented:
Yes makes perfect sense. Our UAG Admin already expressed his concerns about opening any ports for file access.

We are going to go the FTP route and see how we get on with that.

Thanks for your help with what was a very vague question.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Hardware

From novice to tech pro — start learning today.