Complicated POC...?

I was expecting a long day today....

I knew that this proof of concept was more demanding, as we were looking to use AD, RSA and KCD authentication, and deploy a number of applications.

The trunk was created and it was configured to use RSA (via ACE server) and Windows 2003 (using KCD), but with this configured the login page would not be delivered.

We agreed to disable the KCD in order to carry on with the POC. The next issue was RSA!! The RSA client is installed on the appliance, but required RSA files to be copied on to the appliance to get it to work. I don't deal with RSA, but fortunately the customer resolved this.

After a little confusion about RPC access, we should be clear. The IAG appliance does not support the use of ISA features!! The ISA is there for the SSL-VPN and the ISA features should not be used for anything else!

We deployed OWA, Citrix, Sharepoint, File Access (using a NetApp filer), Network Access, RDP sessions, telnet, as well as discussed policies and customisation.

Outlook access was being left on the MSA appliance, where ISA would manage the RPC connection.

I expected difficulties with the NetApp filer, but as it can be accessed via NETBIOS, all the shares were visable through the File Access application.

The POC went smoothly and it was fortunate that I was working with someone technical! Some of the issues I'd normally have to work around with HOST files or self signed certificates were avoided as the customer knew what to expect! Thanks Matt!

Busy day with new eyes!

A few things, firstly my eyes are a little sore, but even after a couple of days my vision is as good as it was with contact lenses!!

Anyway.... a couple of IAG bits to cover:

1) An evaluation that needed to be scoped! Some interesting bits as they want to look at: RSA (ACE), Celestix HOTPin, KCD and Windows 2003 AD authentication, with OWA, Sharepoint, File Access and Citrix (Web & client based). I'm confident with all the components, except for the KCD. Anyone who has ever worked with KCD, will not it's not always straight forward! Research will happen next week, so we'll see from there.

2) Pre-sales call, where we needed to be able to publish Terminal Server and use Swivel as the authentication method. IAG can either "pop" the RDP client and create a secure tunnel to connect the client to the Terminal Server, or to connect to TSWeb, which will then connect to the terminal server. It's not like AEP Netilla, which will start up a Java RDP client, which will allow any machine with Java to be able to connect to a Terminal Server. As for Swivel, I know a number of IAG/Whale Communication partners that use Swivel as the authentication method, but not something I've used. If it's based on RADIUS, then the only thing that the customer will need to investigate is how to ensure the webpages are displayed correctly.

A few things to look up to learn a bit more, so KCD and Swivel research!!