Coffeehouse Thread

6 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Forefront TMG - Killed ?

Back to Forum: Coffeehouse
  • User profile image
    elmer

    Perhaps I am misreading this.... but it says to me like MS are killing of most of the Forefront products ?

    http://blogs.technet.com/b/isablog/archive/2012/09/12/important-information-regarding-changes-to-forefront-product-roadmaps.aspx

    I always thought TMG was the replacement for ISA-Server... and now they are killing it ?

  • User profile image
    elmer

    To answer my own question, it seems to be true... a lot of very unhappy admins about right now.

    It won't take long before I start getting asked about this, and I guess that's the end of MS in our security infrastructure upgrade plan.

  • User profile image
    AndyC

    For the most part it seems they're just rolling anti-virus tools directly into the products they protect (as they have done with Windows 8), which seems reasonably sensible and it's probably a necessary step to let go of the enterprise management tools of these, to give the Security Partners some assurance of a future.

    ISA-Server, aka TMG, is probably the only "real" casualty in all this. But there's an obviously compelling argument for suggesting that if you want to go with a Microsoft solution for remote access to the network, you are leaps and bounds better off planning migration to DirectAccess than considering another version of TMG.

  • User profile image
    elmer

    TMG is a fully featured firewall, more comparable to a Cisco ASA device... which is what we are now re-jigging our upgrade plans for.

  • User profile image
    AndyC

    @elmer: Yeah, but by and large it's much, much cheaper to just put an off-the-shelf hardware firewall device in place than to go with TMG. Especially once you go with DirectAccess, since most of the complexity that usually goes along with authentication and access control just becomes a non-issue (plus you get the benefits of remote management of client devices without having to have them connect to a vpn).

  • User profile image
    felix9

    From Hal2020: http://hal2020.com/2012/09/15/goodbye-forefront-it-was-nice-knowing-you/

    Forefront as a business is gone.  The offerings within Forefront have either been absorbed into the Microsoft offerings they were aligned with, into the businesses they were aligned with, or where neither made sense been declared end-of-life.

    Forefront TMG (previously known as ISA) was one of the casualties.  This one strikes close to home because it was one of "mine".  TMG was victim to a changing landscape in which the vast majority of the network edge security business had moved to network appliances.  And so TMG was the leading product in the software-only category, but it had become an insignificant factor in the overall market.  In addition, the general view was that the network boundary was going to disappear as the trends toward BYOD, IPv6, and IPsec accelerated.  As such TMG had lost its strategic value before TMG 2010 (which was the major revamp and rename from ISA) even shipped.  It's demise was inevitable, and I knew it couldn't be far off when I saw an article in which Microsoft made available a SNORT rule that Microsoft IT had created.  That meant Microsoft IT had abandoned TMG in favor of a SNORT-based solution.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.