?
Solved

Drawback of having my TMG cluster connected to the domain.

Posted on 2010-09-01
4
Medium Priority
?
886 Views
Last Modified: 2012-05-10
Hi,

I have just build a TMG cluster, I will be moving it into our DMZ but was wondering if I should connect it to the domain or not. Any reason why I should NOT connect my TMG setup to the domain?

Mostly I want to know about the security reasons behind why not to do it.

Thanks
0
Comment
Question by:reactionz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33574349
Best practice is to connect it to the domain everytime
Keith
0
 

Author Comment

by:reactionz
ID: 33574357
Thanks for that. Is there any documentation outlining this at all that I can look at and show to the powers-that-be?

I tried to look but can't find anything.
0
 
LVL 4

Expert Comment

by:kurian2z5
ID: 33574588
There was an article by one of the Microsoft guys regarding why ISA server should be connected to the domain. In the end, there are no security issues and you can assign domain user level access.
0
 
LVL 4

Accepted Solution

by:
kurian2z5 earned 200 total points
ID: 33574636
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question