+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
Internet Related/Filtering/Firewall Thread, As TMG has been retired... in Technical; As Forefront Threat Manager Gateway has been retired so to speak. What is out there as an alternative? Do I ...
  1. #1
    denon101's Avatar
    Join Date
    Jul 2008
    Location
    Stuck in the server room......
    Posts
    397
    Thank Post
    54
    Thanked 37 Times in 35 Posts
    Rep Power
    21

    As TMG has been retired...

    As Forefront Threat Manager Gateway has been retired so to speak. What is out there as an alternative? Do I look at software or hardware?

    Thanks

    Anthony

  2. #2
    Zimmer's Avatar
    Join Date
    Nov 2008
    Location
    Chadderton
    Posts
    116
    Thank Post
    10
    Thanked 10 Times in 10 Posts
    Rep Power
    14
    We built our network from the ground up after leaving a BSF Managed Service over the summer just gone - We decided to go with a Smoothwall UTM-1000 appliance, soon realising how awesome the UTM 1000's OS was we decided to buy a basic Dell PowerEdge and install the Smoothwall UTM software on it and run both in an active-active failover array. So far we have been extremely impressed with the setup, we throw a LOT of traffic at the array and it handles it with ease, only a few times during peak hours has the UTM-1000 reported high resource usage on CPU load. The filtering is spot on, better than most of the other products we played with when evaluating appliances over the summer.

    We have recently purchased six more UTM series OS licences and six HP microservers to install into our parter primary schools - The plan is to mave all six remote Smoothwall UTM's monitoerd, updated and managed from our central UTM array

    We also use TMG/UAG for remote access and webapps, although its earmarked for end of life I'm not worried about it and it will be fit for purpose for a while to come.
    Last edited by Zimmer; 14th December 2012 at 02:14 PM.

  3. #3

    Join Date
    Oct 2005
    Posts
    855
    Thank Post
    52
    Thanked 117 Times in 107 Posts
    Rep Power
    75
    This is interesting - I've also just started to look at alternatives to TMG - in particular I'm keen for something that will do the reverse proxying that I use for publishing sites.

    It's a bit of an odd move for Microsoft I think... I know a lot of people dislike ISA and TMG - but I've found them both to be pretty good.

  4. #4

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,267
    Thank Post
    112
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    It had to go becusse Microsoft's view of the future is for everyone bar the largest of Enterprises and those with very specific regulatory requirements is that every thing is delivered from Azure/Office365/etc to BYOD.

    A cost effective flexible firewall is something that helps support inertia of the current status quo. It had to be got rid of. It is clear that this plan was their internal strategic road map for at least four years (evidenced by the lack of IPv6 support, Lack of SIP support for their own VoIP product, retreat from 3rd party oem market, pointless name change, and finally: no incremental improvements to what promised to be a killer feature: URL/Content filtering)

    IMO.


    Right now I'm in no hurry to migrate off, but I'm keeping an eye on SmoothWall and the Sophos UTM offer, and while looking at SIP/VoIP a few people recommended the ASA 5xxxx range.
    Last edited by psydii; 15th January 2013 at 12:28 PM.

  5. #5
    jamesfed's Avatar
    Join Date
    Sep 2009
    Location
    Reading
    Posts
    2,212
    Thank Post
    138
    Thanked 346 Times in 292 Posts
    Rep Power
    90
    I've been looking at Meraki of late - seen a few too many people on here have to do all kinds of crazy stuff to their Smoothwalls and so far this is looking like my best bet.

    Web filter/firewall and site to site VPN appliance (with WAN accelerator) all in one with Layer 7 application filtering and traffic shaping!

  6. Thanks to jamesfed from:

    psydii (16th January 2013)

  7. #6
    pritchardavid's Avatar
    Join Date
    Sep 2009
    Location
    South Ockendon, Thurrock, United Kingdom
    Posts
    932
    Thank Post
    18
    Thanked 64 Times in 58 Posts
    Rep Power
    26
    This is what I need to know now too!

    Were doing our Microsoft Renewal at the momment

    So we need to know what to use weather to change from TMG to UAG on this, or get rid of TMG use what? Smoothwall?
    We only are using the reverse proxy to publish Facility ePortal, Remote Desktop, Two School Websites, VLE

    Would also like to add the following soon, Exchange, Lync, Sharepoint, Direct Access (Maybe)

    What is the best to use? Is there anything I use use just for publishing? or is it better to use UAG or Smoothwall? (Also what Smoothwall software product to use?)

  8. #7

    Join Date
    Oct 2005
    Posts
    855
    Thank Post
    52
    Thanked 117 Times in 107 Posts
    Rep Power
    75
    Hmm... interesting.

    I think I'm going to sit tight with TMG for a while and spend some time at BETT seeing what alternatives are available.

    It doesn't appear that there is a single product available that will replace TMG in the ways I use it - Firewall, Proxy, Reverse-proxy, VPN... etc.

  9. #8
    TheScarfedOne's Avatar
    Join Date
    Apr 2007
    Location
    Plymouth, Devon
    Posts
    1,161
    Thank Post
    707
    Thanked 172 Times in 156 Posts
    Blog Entries
    78
    Rep Power
    86
    Im currently using it too - and not in a big rush to change as it needs development from the other players in the market to support the SSO for internal and external sites like Exchange, Sharepoint, Lync, HAP, Helpdesk etc...

  10. #9

    Join Date
    Jan 2010
    Posts
    109
    Thank Post
    2
    Thanked 19 Times in 19 Posts
    Rep Power
    13
    Quote Originally Posted by pritchardavid View Post
    This is what I need to know now too!

    Were doing our Microsoft Renewal at the momment

    So we need to know what to use weather to change from TMG to UAG on this, or get rid of TMG use what? Smoothwall?
    Have you been told that you can keep TMG? I was told that we cannot continue to use it on a subscription basis, and it was withdrawn from sale on the 1st December 2012. At that point I had a good cry and ate an entire tub of cookies and cream ice cream as I wasn't planning on redoing the entire edge of our network from the receipt of the 60 day renewal letter.

    Quote Originally Posted by pantscat View Post
    Hmm... interesting.
    It doesn't appear that there is a single product available that will replace TMG in the ways I use it - Firewall, Proxy, Reverse-proxy, VPN... etc.
    That's the biggest hurdle for us. If it turns out that we definitely can't get MS to extend it for us, from preliminary research we're going to need at least two products to get near to all of the functionality we've currently got with TMG.

  11. #10

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,154
    Thank Post
    522
    Thanked 2,551 Times in 1,980 Posts
    Blog Entries
    24
    Rep Power
    877
    You can buy a 'permanent' TMG license from what I've been told.

    There isn't a Microsoft product that takes on all the aspects of TMG. They have UAG which does a bit, but proxying/caching would require a third party product.

  12. #11

    Join Date
    Jan 2010
    Posts
    109
    Thank Post
    2
    Thanked 19 Times in 19 Posts
    Rep Power
    13
    Sadly, we're not having a great deal of luck. Has anyone else actually managed to purchase or renew TMG recently, i.e. in 2013? The reply our reseller got was:

    "there is no option for a school... on an OVS-ES to continue to procure and use it..."

    They wouldn't even let us buy a copy outright.

  13. #12

    Join Date
    Oct 2005
    Posts
    855
    Thank Post
    52
    Thanked 117 Times in 107 Posts
    Rep Power
    75
    That's a bit of a bugger.

    I like TMG - it's working well for us... but I suppose it's time to look at other products that will do what we want to do. Has anyone made any progress on this? Seems crazy to reinvent the wheel!

  14. #13
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,381
    Thank Post
    125
    Thanked 97 Times in 66 Posts
    Rep Power
    31
    I'm using TMG for publishing our webite, email (OWA) and citrix access systems. Gutted that TMG isn't going to be around anymore as its been great since we first used ISA 2004. Now I'll have to find an appliance that will do all of the publishing etc that TMG does so well! Thanks a lot MS, one of your best products discontinued, and you offer the utter steaming pile of kak that is windows 8!

  15. #14

    Join Date
    Jul 2006
    Location
    London
    Posts
    1,267
    Thank Post
    112
    Thanked 242 Times in 193 Posts
    Blog Entries
    1
    Rep Power
    74
    What is quite scary for me is that I spend most of my time in the Firewall these days, since the edge is where it's happening... almost everything worthwhile involves traffic crossing it.. and since I like the concept of 'least necessary access' almost anything new that isn't straight-up HTTP involves a new rule or an adjustment to existing one. It will only get more fun when we start with BYOD or 1:1.

    The Firewall is (after DNS) the single most critical piece of an organisation's infrastructure. I love the fact you can run packet capture ON THE BOX, while looking at a high level traffic analysis report to help you make sense of what you are seeing. It's demise is a tragedy.

    Still SmoothWall, Meraki and Sophos UTM (formally Astero) seem the most likely candidates. I've got another couple of years before I need to make the jump though... so it will be interesting to see how the market develops. Here is a link to the 2012 Gartner Magic Quandrant for UTM devices. (hosted by Sophos, who get a favourable showing) Download the Gartner Magic Quadrant for UTM | Sophos

  16. #15

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,240
    Thank Post
    882
    Thanked 2,742 Times in 2,316 Posts
    Blog Entries
    11
    Rep Power
    784
    Abandon ware? Is it like SharePoint designer where they don't really care anymore, hell even ISA can still work as a decent solution. TMG should be good for another while yet as long as they don't get pissy about its continued use.

    Massive shame about it going though I know of no other product that handles the same scope of operation so easily and elegantly.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 0
    Last Post: 18th July 2012, 04:13 PM
  2. NewSID has been retired
    By cookie_monster in forum O/S Deployment
    Replies: 17
    Last Post: 15th November 2009, 06:18 PM
  3. My joomla site 1.5 has been done over as well!
    By reggiep in forum EduGeek Joomla 1.5 Package
    Replies: 9
    Last Post: 7th October 2008, 10:27 AM
  4. NetBT - A duplicate name has been detected
    By sidewinder in forum Windows
    Replies: 2
    Last Post: 20th February 2007, 09:32 AM
  5. Replies: 20
    Last Post: 7th April 2006, 08:36 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •