Geeks With Blogs
Kay Sellenrode's Blog

So it took a while before i could post my expierence sofar with the TMG.
This all due to memory i ordered online and which just arrived 5 weeks later than expected.

So well lets start with my review of this new microsoft product.

The installation is a bit confusing. When you download the 310 MB file for the TMG and you run it, you will be told that it will install the Forefront Threat Management Gateway in "C:\program files(x86)\Microsoft ISA server" and it will finish with a screen telling you, you succesfully installed the TMG. Wow that was a fast setup to install the TMG.

But Badly enough all you just did was unpack the archive. so after browsing around on your hard drive you will find the Microsoft ISA server directory in your x86 (only on 64 bit machines) program files directory.

In there you have the whole setup to install TMG(ISA) on your machine. So i would advise to unpack your files not in program files but put it to your normal setup/install directory where it belongs.


From here you run the ISAAutorun.exe
This will show you the flash screen from where you can start the setup.

And once started with the real setup you notice soon that i has been improved quite some.
you will be prompted with the first question if you would like to install the full product or only the Management tools.
Though it might be a little optimized, after making your choice you will be prompted with the component selection screen. Personly i would like it to be like the office setup, give the user the option to click on an advanced button to select the components individually instead of giving all options.

now you also see why it is important to move the installation files to a different directory, the full product will use the exact same installation directory.
Next you will be given the internal network screen where you specify the internal lan addresses. Hereafter the setup will complete the installation and will end with an Getting Started Wizard.

This Getting started Wizard will guide you trough the basic setup of the TMG.
You start by selecting which profile you would like to use for the network setup.
in my case i used the Edge firewall setup. Hereafter i get prompted to tell what my internal network adapter is.
The meaning i don't really understand since i already provided my internal network address range earlier.
At least i can now specify additional internal routes, which is nice and was missing from the previous versions of ISA

from the network settings you will go to the next step "system settings" , this wizard will be for the most people just default and just to verify that the system is configured for the domain or workgroup.

all will end with the last wizard named "Deployment options". this one is all about Updates for the malware scanning which now is part of the TMG.
So now you have done the basic setup of the TMG, another Wizard will popup "the Web Access Policy Wizard"

And you will be prompted to enable or disable the malware option, default it will be active for a 90 days trial period.
It then lets you specify sites that you want to block for your users, interesting idea. Though i still think this would only work if you could do this with categories and a subscription to updated url lists. Blocking sites manually is mostly a waste of time in my opinion. now (again) you will be asked if you would like to scan your http traffic rules (created through the wizard) for malware. and then for me supprisingly you will be asked if you would like to enable caching on your disk.

Recent years it became less usefull i think to cash data from the internet and most of my customers have it all disabled. And while i was thinking that it would be gone, it is still there.

And ofcourse for enough good reasons, in the reverse proxy scenario it will remove some load from your webservers. And here in the Netherlands we might have great speeds to the internet. But my last trip through guatemala and Honduras showed me that 56k modem connections are still around.

So now we have finished all the default wizards and we come into the new management console.
For the people that have worked with ISA 2004/2006 they all will recognize this console and will just see some additions to what they know. For the few that havn't looked at ISA 2004/2006 and are still on ISA 2000, well it is time to go and take a deep dive into this product.

 My next post will descride my first few days working with the TMG.
if you have any questions just ask, hopefully i can answer them for you.



Posted on Sunday, May 18, 2008 5:39 PM | Back to top

Comments on this post: Forefront TMG (former ISA)

# re: Forefront TMG (former ISA)
Requesting Gravatar...
I wanna khnow what is TMG?please help me to realize what is it thank you so much
Left by ELNAZ on Sep 02, 2008 10:53 AM

# re: Forefront TMG (former ISA)
Requesting Gravatar...
i want download
Left by mohamed on Mar 08, 2010 3:12 AM

Your comment:
 (will show your gravatar)

Copyright © Kay Sellenrode | Powered by: