I always thought TMG was the replacement for ISA-Server... and now they are killing it ?
To answer my own question, it seems to be true... a lot of very unhappy admins about right now.
It won't take long before I start getting asked about this, and I guess that's the end of MS in our security infrastructure upgrade plan.
For the most part it seems they're just rolling anti-virus tools directly into the products they protect (as they have done with Windows 8), which seems reasonably sensible and it's probably a necessary step to let go of the enterprise management tools of these, to give the Security Partners some assurance of a future.
ISA-Server, aka TMG, is probably the only "real" casualty in all this. But there's an obviously compelling argument for suggesting that if you want to go with a Microsoft solution for remote access to the network, you are leaps and bounds better off planning migration to DirectAccess than considering another version of TMG.
TMG is a fully featured firewall, more comparable to a Cisco ASA device... which is what we are now re-jigging our upgrade plans for.
@elmer: Yeah, but by and large it's much, much cheaper to just put an off-the-shelf hardware firewall device in place than to go with TMG. Especially once you go with DirectAccess, since most of the complexity that usually goes along with authentication and access control just becomes a non-issue (plus you get the benefits of remote management of client devices without having to have them connect to a vpn).
Forefront as a business is gone. The offerings within Forefront have either been absorbed into the Microsoft offerings they were aligned with, into the businesses they were aligned with, or where neither made sense been declared end-of-life.
Forefront TMG (previously known as ISA) was one of the casualties. This one strikes close to home because it was one of "mine". TMG was victim to a changing landscape in which the vast majority of the network edge security business had moved to network appliances. And so TMG was the leading product in the software-only category, but it had become an insignificant factor in the overall market. In addition, the general view was that the network boundary was going to disappear as the trends toward BYOD, IPv6, and IPsec accelerated. As such TMG had lost its strategic value before TMG 2010 (which was the major revamp and rename from ISA) even shipped. It's demise was inevitable, and I knew it couldn't be far off when I saw an article in which Microsoft made available a SNORT rule that Microsoft IT had created. That meant Microsoft IT had abandoned TMG in favor of a SNORT-based solution.
Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.