Forefront TMG 2010 – internal upgrade

Well, i finally got around to replacing our internal Adexis ISA 2006 with Forefront TMG 2010 (threat management gateway – not a fan of that name….)

very nice to be rid of the last Windows 2003 (production) box on the network… now just need OCS 2007 R2 to support 2008 R2, and we would also be rid of all the 2008 boxes…. always nice to be current 🙂

Anyhoo – ISA upgrade…. absolute piece of piss…. with previous upgrades i had always found the smallest things would make the config import die… it wasn’t a show stopper, but it was, a pain.

Going from 2006 to 2010, a number of settings, such as certs, specific listening IPs etc imported happily, even though the certs or IP’s weren’t on the machine yet. As soon as i updated the network config and imported the certs – they lined straight back up again – fantastic! (didn’t even have to go back in and update the rules to their original settings!)

Some of the the things in the interface are still a little average…. such as not being able to drag/drop the rule positions, or drag/drop rules into groups…. but, with my current “like for like” usage – its looking good – and yet another very easy migration path. (MS have obviosuly concernatrated on this considering how easy exchange 2010 is also to upgrade)

Will look into implementing some of the new features over the next few weeks.

Leave a Reply