TMG Alternative

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

If you didn't know already, Microsoft have decided to discontinue their excellent Forefront TMG (previously ISA) server product. We use ISA/TMG heavily to publish large scale Exchange/SharePoint/Lync platforms, and it has always done the job perfectly. The decision is baffling, but it's very unlikely Microsoft is going to change its mind now.

I was wondering, what do the good people of CF use to publish the aforementioned products to the internet? I'm aware of the alternatives, but have only ever personally used ISA/TMG.

Thanks,

Gavin

 

We use hardware appliances like F5 BigIP, they work as reverse proxy and load balancers... We use them with Exchange, Lync, and other third party products. I've used ISA/TMG in the past, but not enough to really play with them and see their full functionality.

 

We won't be ditching it just yet, but there are licensing implications which means we can't (easily) acquire additional licenses for it.

I can only imagine they pulled it because of the difficulty in supporting it? There's pretty much nothing that a 'first line' response could cover, so calls would have to very quickly be passed to someone competent both in the product itself and 'networking' as a whole (i.e. someone quite expensive).

We're currently looking at KEMP's range of virtual load balancers (The KEMP ESP). The interface has a 'basic but functional' feel, and their initial pre-sales support seems to be excellent, so they may be the solution we go for.

It would be interesting to hear if anyone has had much experience with KEMP?

The last set of load balancers we purchased (to publish POP/IMAP/SMTP) have proved to be unreliable. We have twelve in production, handling various levels of traffic, and they all seem to be extremely unreliable, they randomly stop responding (requiring a power cycle) for no apparent reason and occasionally lose their configuration altogether. Their support team also managed to cause a MSO, despite written confirmation that their support access would be read only... *sigh*

- Gavin

 

It wasn't a question of supporting it, but rather a question of aligning Microsoft to be a "security" company, or a "security focused" company. Apparently the first option didn't really play to Microsoft's favor and thus several 'Forefront' suites are being discontinued.

Shame really, many customers are happy with TMG and the TMG pros in my team need to focus their experience on other technologies now. For those of us with home labs, TMG was also a good (free) alternative for us to publish Exchange or Lync in a secure manner. I can't see myself buying a Kemp or F5 to for my fiddling