Microsoft Forefront UAG 2010 Administrator's Handbook

Types of applications

Once a portal trunk has been set up, be it an HTTP or HTTPS trunk, you can start publishing applications on it. Applications are published using a wizard, which includes approximately 40 types of application templates. Some of these are just alternative ways of publishing the same application, and some would be better described as services rather than as applications.

The top-level type list is divided into the following categories of applications:

  • Built-in services
  • Web (applications)
  • Client/Server and Legacy
  • Browser-embedded
  • Terminal Services and Remote Desktop

Each of the previous groups has unique characteristics that make it suitable for publishing specific types of applications, based on how these are designed and what components they use.

Built-in services

Built-in services are the Portal application itself, File-Access and the Web-Monitor. The portal application is automatically added to a trunk when you create a portal trunk, so you do not need to use it unless you delete the portal application for some reason and need to recreate it. The File-Access service allows users to download or upload files directly from internal file servers. The Web-Monitor is a built-in website that's automatically created when you install UAG, and publishing it on the portal allows an administrator to view and manage aspects of the portal remotely. We will discuss these services in more detail later in the book.

Web applications

The "Web" family of application templates is probably your main focus, as it contains templates for the most important Microsoft Servers—SharePoint and Exchange. It also contains templates for Forefront Identity Manager 2010, Microsoft Dynamics CRM 4, Office Communicator Web Access 2007, Rights Management Services, Active Directory Federation Services 2.0 and most importantly—Other Web Application. The "other" web application is the most generic template, and will be your best bet for most applications that do not have a specific template assigned for them. That doesn't mean it can be used for everything else, but it is extremely flexible and it will work flawlessly for thousands of web applications.

Client/Server and Legacy

The third group, Client/Server and Legacy, which is also extremely useful, is designed for applications that go beyond being a simple website by integrating external components. These applications cannot be published like regular ones, because they run outside the browser.

In the case of applications that are Client/Server TCP/IP based, the user will be running something other than a web browser, and the internal server may be something other than a web server. For example, the client component may be a CRM application, and the backend server may be a database server. To handle such applications, UAG contains tunneling components. These are part of UAG's client components, which are installed on a client machine automatically when required. When a Client/Server based application is launched, the client components launch a special listener that listens for communication attempts from the client application, encrypts them using SSL, and sends them to the backend server through the UAG. At the other end of the tunnel, UAG listens to responses from the backend server, and these are sent back to the client through the UAG client components. All of this is done silently, in the background, although the user can observe that something is happening in the form of a special icon that appears in their system tray.

The tunneling technique described previously is extremely versatile and using the templates that are in that group allows incredible types of connectivity to happen. Using the enhanced generic client application template, for example, allows you to do pretty much anything.

Another important application in the Client/Server and Legacy group is Remote Network Access. If you are familiar with IAG, you might recognize that as "Network Connector". Remote Network Access is an application that creates a fully fledged VPN connection to the corporate network, including IP assignment, DNS, and, of course, full SSL encryption of the traffic. We will discuss Remote Network Access in more detail later on, but it's considered by many to be one of the most important and useful abilities of UAG.

Browser-embedded applications

The fourth group of application templates is Browser-embedded, which are somewhat similar to Client/Server applications. In this case, the software used by the users to do their work is not a browser, but a piece of standalone code that is embedded in the browser. You can think of it as a middle ground between a standalone "client" application and a browser. This group, for veteran IAG users, used to contain many applications in IAG, but with UAG, it contains but two items. One is Citrix XenApp, and the other is simply a generic browser-embedded application template. Citrix is a classic browser-embedded application, in which a link on a webpage causes an ActiveX version of the Citrix Client to launch. The ActiveX runs within the browser, but it's also a standalone executable, so it requires a tunnel to be able to communicate with the back-end Citrix server. The Citrix XenApp UAG application template creates a tunnel in a way that's identical to the way Client/Server application templates do.

Many customers are not very happy about the fact that UAG misses so many of the Browser-embedded templates they grew to appreciate with IAG, but the fact of the matter is that the generic browser-embedded application template is actually capable of publishing almost all of these applications quite easily. It requires the UAG administrator to know the properties of the applications, like the TCP/IP ports that they use, but other than that, it's all pretty smooth.

Terminal Services (TS) / Remote Desktop Services (RDS)

The final group is Terminal Services (TS)/Remote Desktop Services (RDS), which is a collection of five templates used to provide access to internal servers via the RDP protocol. This is pretty straightforward, although the various templates each serve slightly different purposes. Some organizations use these to allow the organization's network administrators to connect to their servers from home and manage them, while others let users use an internal terminal server to do routine work. Using Terminal Servers in this manner provides a smooth and secure work environment, because the Terminal Server that the user connects to is already configured with various applications that the user may require. Also, these servers are actually inside the organizational network, so the environment is a very close match to what the user is used to from working at the office.