Posted
Be interesting to see if it actually works when passing high traffic volumes now.... ;)

 

Issues? Was it under a virtual environment and on 2008 R2? It seemed to have some issues for us under 2008 r2 until the sp1 feature pack.

Posted

Issues? ISSUES?!

 

Ours consistently block traffic from vpn connected remote sites, for no reason. Or lock up totally, requiring a hard boot, or just blacklist whole subnets. On the initial rollout I had to rebuild it about three times due to issues with R2, then 64bit, then our network layout in general.

 

MS could never get to the bottom of it, even after talking to the dev team, so we've been ripping them all out and replacing them with Cisco ASA's (aside from exchange/sharepoint publishing). Shame as the ISAs we had before worked fairly reliably.

 

in short, I hate them. with a passion.

  • Thanks 1
Posted
Issues? ISSUES?!

 

Ours consistently block traffic from vpn connected remote sites, for no reason. Or lock up totally, requiring a hard boot, or just blacklist whole subnets. On the initial rollout I had to rebuild it about three times due to issues with R2, then 64bit, then our network layout in general.

 

MS could never get to the bottom of it, even after talking to the dev team, so we've been ripping them all out and replacing them with Cisco ASA's (aside from exchange/sharepoint publishing). Shame as the ISAs we had before worked fairly reliably.

 

in short, I hate them. with a passion.

 

Agreed that ISA was way more stable, ours is in a relatively small deployment and even that was a bit squiffy until the latest round of patches. I'm hoping that SP2 will iron out the last of the little glitches in it and bring it up to the standard of any of the ISA RTMs.

Posted

I have been working with proxy2.0/isa2000/isa2004/isa2006/TMG for many years now and I agree that ISA2006 was most stable. I hope that SP2 fixes the few glitches we have with TMG.

 

bio..

Posted
Just installed it here and it has not killed anything, did not even require a pc reboot. I also hope like bio that this fixes some of the outstanding niggles and brings it up to ISA's standards.
Posted

From here: What the demise of Forefront TMG means for Windows Server

 

You may have noted that this past spring, Microsoft told the analyst firm Gartner that it wouldn’t be producing another shipping version of its Forefront Threat Management Gateway software.

 

Specifically, Microsoft indicated—strangely, only in this report and not in any other external communications—that it has placed Threat Management Gateway (TMG) in sustained engineering mode, and it doesn’t intend to offer products in the firewall and secure gateway space in the future. In effect, the product is dead, and in the future it will only get security updates and critical bug fixes; no further innovation will happen on the code base, at least in its present form.

 

This move left many scratching their heads. From its previous incarnation as Microsoft ISA Server through its rebranding into the Forefront line of products, TMG was considered a “best of breed” product in the security and edge-ware space. Despite it not being—and in some customers’ view, because it wasn’t—an appliance, TMG’s clever and intuitively set-up stateful packet inspection services and Web caching made it a go-to product in many Microsoft shops.

 

So the folks with the biggest and deepest investments in TMG—the ones using it day in and day out on their networks to keep the bad guys out—are naturally wondering where this move leaves them. What of TMG, and perhaps more importantly, what are the options for the future?

 

The clearest, most direct option Microsoft has is to fold TMG into its Unified Application Gateway (UAG) product, which is essentially a filter on inbound access to corporate resources. UAG is based on the same filtering engine as TMG; the direction of supported traffic is simply switched. This makes for a logical, and probably relatively simple, move to integrate the now-defunct TMG capabilities into the newer product the software giant is fond of pushing. However, UAG has its disadvantages: it’s mainly available only as a hardware and software combination, it’s somewhat clunky interface-wise, and it’s a lot more costly than TMG ever was. By subsuming the popular bits into a relatively unpopular product, Microsoft might be pushing for more adoption of UAG, but perhaps at an ultimate cost of customer satisfaction.

 

A less clear but undoubtedly more popular option would be simply to include TMG’s core capabilities within Windows Server 8. Microsoft has already been emphasizing the importance of device firewalls and making sure, from a defense-in-depth standpoint, individual machines and endpoints have the capability to withstand attacks. Including the TMG engine for free to anyone who buys a server license could appeal to both this logic and the customer base and allow the positive aspects of TMG to not get lost within a more complicated, specialized product.

 

Clearly for shops with a significant investment in ISA Server, Threat Management Gateway and so on, the absence of a future roadmap for the product—and its relegation to the backburner, being provided only security fixes for a limited period of time—is a point of concern. The window is now open for other vendors to provide integration and migration services to TMG customers as Microsoft exits this market. If you’re rethinking your edge protection, it’s a smart move to exclude Microsoft from your plans. In any event, they’ve decided to move on, and you should, too.

  • Thanks 1
Posted
That's part of the reason I've ignored it as an option for replacing our current firewalls as it's basically a timebomb until the support expires (also the idea of an edge firewall running Windows makes me feel distinctly nervous!)
