Features Deprecated in Forefront UAG Service Pack 3

With the recent release of Service Pack 3 (SP3) for Microsoft Forefront Unified Access Gateway (UAG) 2010, Microsoft has published a list of features in UAG SP3 that have been deprecated. To be clear, this does not mean these features cease to function after you install SP3 on UAG! It is simply meant to give network engineers and security administrators an idea about what features are likely to be removed from future releases of Forefront UAG. Some of the deprecated features should come as no surprise. For example, DirectAccess support in Forefront UAG is now deprecated in favor of DirectAccess in Windows Server 2012. Also, features such as Secure Sockets Tunneling Protocol (SSTP) for client-based remote access are better handled using the remote access role in Windows Server 2012. Other deprecated features may present more of a challenge if you’ve been relying on them to provide secure remote access to applications, such as the deprecation of support for some authentication repositories (e.g. Novell Directory, Notes Directory, TACACS) or the Java-based Session Cleanup tool. For a complete list of deprecated features in Forefront UAG SP3, click here.

Leave a comment


  1. JohnS

     /  February 26, 2013

    I half-way expected (and in some ways wished) Lync to be listed on there based on the supremely poor and extremely delayed support for the product.

    Most of the changes were not eye raising with the following exception:
    “The Java-based Session Cleanup component works only on non-Internet Explorer browsers. Instead use Internet Explorer with the ActiveX-based Session Cleanup component. See Introduction to endpoint component deployment design.”

    I am not sure that I can realistically force coworkers or clients to use IE, because the development team decided it was imprudent to have a cleanup component

    • No such luck! Perhaps the Lync experience will be improved in v.Next? Let’s hope so. 🙂 Regarding the deprecation of support for Java-based session cleanup, this is purely an effort to limit the focus of the product and make it easier to support. Obviously this will ruffle some feathers as there are many users who prefer to use a browser other than Internet Explorer. Not the best solution in the world, but you have to remember that Microsoft isn’t necessarily competing with other solutions in this space. They are merely trying to provide a solution for very specific customers – those that are heavily invested and closely aligned with Microsoft.

  2. Hi Richard

    We have some customers who now want to upgrade to SP3 for Win 8 support mainly. However some UAG installs also co-exist with DA. As this is now classed as depracted does this mean MS will not support any issues that occur if they have upgraded to SP3?.

    • Installing SP3 on Forefront UAG 2010 configured as a DirectAccess server will not cause any issues at all. SP3 will not change any functionality with UAG whatsoever, in fact. The deprecated features list is simply there to provide us with an idea of what Microsoft has planned for the UAG v.Next. If you’re using UAG for DirectAccess today, you can continue to do so. However, future versions of UAG are not likely to support DirectAccess, so Microsoft is giving us some advanced warning so we can plan ahead for this. 🙂


Leave a Reply

%d bloggers like this: