As network threats have become more complex, every node in a network has become a potential target, from routers to switches to workstations. Enter Microsoft Threat Management Gateway (TMG) 2010. The successor to Microsoft Internet Security and Acceleration (ISA) Server, TMG 2010 offers a more robust set of features than its predecessor. In the book, Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion, authors Yuri Diogones, Jim Harrison and Mohit Saxena guide you through the features and functionality of TMG.

The writing style, typical of a team effort, is somewhat dry and technical.  On the plus side, the book assumes a basic knowledge of most networking protocols but doesn’t come across as patronizing.  Sections detailing the history of TMG were especially interesting, as the past critique of ISA server has typically been that it’s running on a Windows platform. Despite the historical notes, however, one glaring area is a lack of context and comparison to other equivalent products. Forefront TMG is currently going up against a large number of SMB firewall products (and a few enterprise ones) and addressing the strengths and weaknesses would’ve been a good addition. Unlike most of Microsoft’s other products, TMG needs to deal with a strong anti-software-based-firewall sentiment among many network administrators.

On the plus side, the book goes into great depth about each of the key features that make TMG a great product. The width of abilities (web proxying/high availability/firewall/vpn/IDS/IPS/scripting) included with TMG is breathtaking, and one of the strongest feature sets around. If anything, the short chapter comparing TMG to UAG left me thinking (despite the best efforts of the authors) “why bother using UAG…TMG may subsume those features at a later point?” Once systems administrators realize that TMG contains many of the enterprise level-features in a small, easy-to-scale package, they’ll certain want to evaluate it.

This then, plays to the greatest strength of TMG: as a software firewall, I can download it, install it, cluster it with a second VM, and play with it for days without needing additional hardware. I could even have a spare VM sitting unused, with dedicated network cards, just waiting for a failure (if for some reason I haven’t made use of the excellent TMG clustering features, that is!).

At the end of the book, the work succeeded on a basic level: I can’t wait to spin up TMG and see how it fares. Congrats to the Forefront TMG team for an excellent book.

Related Blog Posts

Chromeless YouTube Videos for Responsive Pages

By default, embedded YouTube videos are contained in a player chrome that contains video controls and branding. While developing our new responsive video tips page, we wanted a clean visual style with the following attributes: Video player that expands and contracts responsively Display a high definition version of the video Deliver the video in a […]

Mobilegeddon: The Fallout

Google’s mobile algorithm update, christened “Mobilegeddon” by the internet community, has now been in effect for a little over a month and a half. While Google was nice enough to give advance warning of their mobile-friendly ranking update, it didn’t stop companies from sending their development teams into a frenzy in an attempt to convert […]

Microsoft Azure - The jump to Hyperscale

There’s really no better way to describe yesterday’s Azure announcement except to say that everything is getting bigger and better. Before we discuss new announcements let’s look at where we are now. Per this excellent Ars Technica Article, Azure is already massive: 600,000 servers per region More than 11 million total servers Moving forward, Azure […]

Creating SharePoint Relative Links

Site Templates in SharePoint can be extremely useful, however one of the major shortcomings is that any links you put into the site template will be relative to the site collection, and not to the site. This can be overcome with some simple HTML embedded in Script Editor web part, meaning creating SharePoint relative links is quite easy […]