Remote-access Guide

iag remote access

by Mr. Jermain Dach Published 2 years ago Updated 1 year ago

Full Answer

What remote access options does Vava support?

VA supports remote access with two different applications 1. Citrix Access Gateway (CAG) and 2. CISCO RESCUE VPN Client. The Citrix Access Gateway is designed for users that do not have VA Government Furnished Equipment (GFE) – CAG is a good option to allow users access to general applications such as email and chat.

How do I request remote access to CAG or rescue?

Users would still need to request remote access and have their remote access accounts enabled for use with either CAG or RESCUE. You may request remote access by visiting the Remote Access Self Service Portal ( only available while on VA's internal network).

How do I get remote access to Inova?

Call 1-855-MY-INOVA (855-694-6682) Common Questions Provides remote access to Inova applications. Note: This access method requires a connection client. Provides remote access to the Inova Radiology system for authorized referring Physicians and business partners.

What do I do if I have problems connecting to CAG?

If you are experiencing problems connecting, please contact the Enterprise Service Desk at 855-673-4357 (TTY: 1-844-224-6186). CAG is designed for users that do not have VA Government Furnished Equipment (GFE). CAG is a good option to allow users access to general applications such as email and chat.


What is IAG certification?

The Access Certification service in the Cloud Identity Access Governance (IAG) provides the option to certify access spread across multiple cloud solutions by allowing reviewers to regularly audit and certify the roles assigned.

What is IAG in SAP?

SAP Cloud Identity Access Governance (IAG) provides out of the box integration with SAP’s latest cloud applications such as SAP Ariba, SAP Successfactors, SAP S/4HANA Cloud, SAP Analytics Cloud and other cloud solutions with many more SAP and non-SAP integrations on the roadmap..

What is privilege access management?

Privilege Access Management is another service which is provided in the Cloud Identity Access Governance (IAG) solution to monitor, report, audit and take action against any critical access in a critical environment such Cloud application

What is access analysis?

The Access Analysis service is primarily the application meant for security administrators and compliance teams to analyze access risks across cloud applications and refine or remediate access according to the auditory requirements.

Who maintains Cloud Identity Access Governance?

Cloud Identity Access Governance (IAG) is maintained by SAP DevOps which is responsible for the constant upkeep, maintenance and pushing in new enhancements.

What is access request service?

Access Request Service provides customers the opportunity to utilize self service access request forms for user and role provisioning into the Cloud applications along with the power of workflow driven access provisioning mechanisms along with any other features.

What does IAG do?

IAG works with you to manage any and all of your compliance requirements. Whether you have regulatory requirements, industry regulations or company guidelines, we will keep your technology in line and your business running smoothly.

What is IAG Prosecure?

IAG ProSecure™ clients have access to industry-leading firewalls, spam filters and threat detection technology to deliver complete protection for your networks, servers, even employee workstations. Plus, our Help Desk is always standing by to provide industry-leading support for you and your employees.

Can IAG Prosecure leave my company exposed?

Just doing the bare minimum with firewalls, anti-virus software and spam filters can still leave your company exposed. IAG ProSecure takes our decades of experience battling these malicious threats and attacks and to create a complete, robust cybersecurity plan tailored to your company’s needs.

What is the IAG solution?

One of the strong points of the IAG remote access solution is the granular access control that can be enforced by using the native endpoint configuration detection. This is improved in UAG, but UAG now also includes the option to leverage an existing NAP deployment to enforce endpoint policy configuration. This is especially helpful in DirectAccess deployments where native UAG endpoint policy detection is unavailable.

What is included in UAG?

Now included in UAG is the ability to create high availability clusters. This is a substantial improvement over IAG, which had no native high availability or centralized management support. With IAG, providing redundancy required the implementation of an external load balancer, which added complexity and expense to the solution. With UAG the administrator can configure a clustered array of UAG servers and manage them as a single logical device. A virtual IP address can be assigned to the cluster to provide load balancing and the cluster can be managed from a single management console. External load balancers can certainly be used, but they are no longer a requirement.

What is an AD RMS?

AD RMS – SharePoint libraries that are protected by Active Directory Rights Management Servers (AD RMS) can now be access through UAG.

Does UAG support load balancing?

UAG now supports Web Farm Load Balancing for published web applications. When publishing an Exchange CAS farm, a farm of SharePoint front end servers or any web application that leverages stateless web front ends, UAG can now provide load balancing for these resources natively. UAG performs health checks on published servers and if a resource is unavailable for any reason, UAG will no longer forward requests to that node until it is online and healthy again. Enabling NLB or implementing an external load balancer to provide high availability is no longer required.

Does UAG support SharePoint?

With the latest updates installed, UAG now provides full support for publishing Exchange 2010 and SharePoint 2010. Built-in deployment wizards now walk you through gathering all of the necessary information required to successfully make your on-premises Exchange and SharePoint farms available securely to remote users. In addition, UAG now provides full support for Lync web services publishing, Dynamics CRM 2011 publishing, and full support for SharePoint 2010 with Office Web Apps.

Is UAG 64 bit?

Like its cousin, TMG, UAG is now a native 64-bit application that runs on the latest 64-bit operating system from Microsoft – Windows Server 2008 R2. However, unlike TMG, UAG does not run on any earlier versions of Windows. With 64-bit support, UAG can now address much more memory than IAG was capable of. Removing the 4GB memory limited imposed by 32-bit operating systems means that UAG can be scaled up more effectively, and can handle much more traffic than its predecessors.

Does UAG support remote desktop?

Providing support for Remote Desktop (RD) users is greatly improved in UAG. When UAG is installed, the server is automatically configured as a Remote Desktop Gateway, which allows UAG to easily publish full remote desktop sessions to individual servers, groups of servers, or servers defined by the user. In addition, UAG includes support for publishing RemoteApps, which is a function provided by the RD gateway. This feature allows individual applications (as opposed to the full desktop) to be made available to remote users over SSL.

How to request remote access VA?

You may request remote access by visiting the Remote Access Self Service Portal ( only available while on VA's internal network).

What is CAG 2FA?

CAG requires 2 Factor Authentication (2FA) by default for all users. The methods supported include PIV, CAC, and MobilePASS.

What is a rescue GFE?

RESCUE GFE provides a security posture check and ensures VA data is encrypted from the end device into the VA trusted network. Prior to the device connecting and being allowed onto the VA trusted network the system is checked for multiple security baselines.

How to enable TLS 1.1?

To enable TLS within Internet Explorer: Select ‘Tools’, then ‘Internet Options’, then the ‘Advanced’ tab. Enable the checkbox for ‘Use TL S 1.1’ (found towards the end of the list).

Is PIV card reader site specific?

Today, the distribution of PIV card readers is site-specific. We are discussing the possibility of alternative distribution methods. If distribution processes or procedures change, we will provide updated instructions.

Is VA responsible for non-VA websites?

This page includes links to other websites outside our control and jurisdiction. VA is not responsible for the privacy practices or the content of non-VA Web sites. We encourage you to review the privacy policy or terms and conditions of those sites to fully understand what information is collected and how it is used.

Does RESCUE GFE support Windows 10?

This software is installed on all GFE laptops prior to being provided to the user. Currently RESCUE GFE supports Windows 7, Windows 8, Windows 10 and MAC OSX.

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9