Solved

isa 2006 & tmg query

Posted on 2012-04-10
12
806 Views
Last Modified: 2012-04-11
hi as a learning curve/test, ive configured a win 2003 domain platform attached to a win 2003/2 nic - 'isa 2006' standard via netgear router box direct to internet successfully providing internet access for internal domain users and a successful remote vpn.

my next task is to learn and configure the 'site-to-site vpn/branch office etc

note: currently i only have 32bit machines and have setup in the passed a windows 2008 32 bit basic user domain for learning curve.

note: i am aware tmg 2012 requires a win 2008/64 bit platform as not supported on win 2003!!

note:  forefront tmg is not supported on all editions of windows server 2008
- Installation of forefront tmg is only supported in standard, enterprise and datacenter edition and is not supported on windows server core!

i am now reading 'url':

-http://www.isaserver.org/tutorials/Microsoft-Forefront-TMG-UAG-feature-comparison.html

question 1.  am i understanding below correct that i should do the following:

- 'export' my isa 2006/standard and save
- complete fresh install of - TMG_ENU_Management_x86
- lastly 'import' - saved isa 2006/standard configurations

"In-place upgrade from ISA Server 2004/2006 to Forefront TMG is not supported
- You have to export the ISA Server configuration and to import this configuration on a fresh TMG installation"  - ?

question 2.

what is the difference between isa 2006 & forefront tmg ?

question 3.

as i have downloaded both 'evaluation copies' im trying to understand when i should use:

- isa 2006 enterprise - ?
or
- TMG_ENU_Management_x86 - ?

it would be appreciated if i could get a specific answer to each of the 3 questions above so will have some direction as i have chosen to learn step by step and eventually evolve across to 'tmg 2012' when i have 64 bit machines!! :)
0
Comment
Question by:mikey250
  • 7
  • 5
12 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 37829004
ISA is for 32-bit environments up to and including 2003, TMG is 64-bit from Windows Server 2008 onwards. Whilst there was an early beta version of TMG for 32-bit windows server 2008 this should not be used - would be like comparing a Model T ford and a ferrarri and saying they are the same because both are cars.

ISA should not be used for ANY new installation really as is now out of mainstream support. The tmg_enu_management_x86 is NOT FTMG, it is the management system.

The fundamentals between isa and TMG are not huge but how they do 'under the covers' is significant. TMG gives you all the url categories that you can allow/deny built in to the solution rather than having to create them all manually. Still does proxy, stateful inspection/firewall and application gateway/publishing. Still is VPN solution etc but the GUI has been updated by a lot. Also - as mentioned - it only runs on a 64-bit OS (and cannot be installed on a normal DC).

TMG/UAG are COMPLETELY different products within the Forefront family product. UAG is the enterprise product for remote access and publishing (protecting the internal networks from 'things' that are allowed IN access the internal networks/services); TMG is the Enterprise product for Proxy etc (protecting internal users and services when they go OUT to the untrusted environments such as the Internet etc).
0
 

Author Comment

by:mikey250
ID: 37829077
hi keith again!!!:)  ok!

when you say:  "The tmg_enu_management_x86 is NOT FTMG, it is the management system". - what should i do with it although old as you say (dont forget only learning curve for me in the visual sense also as never clapped eyes on isa products at all until you've assisted me ?

until i can evolve/afford 64 bit!!

also this comment below is stated in the 'url' in my main thread above:

"In-place upgrade from ISA Server 2004/2006 to Forefront TMG is not supported
- You have to export the ISA Server configuration and to import this configuration on a fresh TMG installation"
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 500 total points
ID: 37829095
If you have a spare server - and can get hold of the Windows server 2008 32-bit edition to put on the said server - then you can try and install it. If you have not got one/can not get the OS then it is useless to you - and can be junked.
0
 

Author Comment

by:mikey250
ID: 37829212
yes i do have a win 2008 32bit as i already at the end of last year configured it as 'dc/dns/dhcp', with gpmc/software installed automatically onto a client machine just to test and that was it just to get familiar with the 'os'!  it is not installed now though!!

i have no spare 'server' yet until ive finished with isa 2006 standard
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37829427
OK - the 32-bit beta copy of TMG was three years ago now but I am pretty sure that was the name of it. The size of the x86 file might help to point it out whether this is just the management part (whiis lterally just the management piece or the full beta version before it went to 64-bit only.
0
 

Author Comment

by:mikey250
ID: 37829725
ok.  thanks for that!!

i will now look into 'site-to-site vpn' and 'branch office' or whatever with isa 2006 standard.  once done can you tell me what i should be doing with isa 2006 enterprise although other than linking multiple sites to do what isa 2006 standard does, im not sure ?

im gonna call it a night now until tomorrow!!

thanks for replying!!:)
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 500 total points
ID: 37830351
The only purpose of ISA Enterprise against ISA standard is if you want to use the NLB function within ISA or you want to have two ISA nodes in an array for resilience/failover.
0
 

Author Comment

by:mikey250
ID: 37831817
hi keith, i did an isa 2006 fundamental video course over a week in between my other stuff at home online the other week but it only touched upon the 'enterprise' but yes i remember them stating what you have just said.

all good so i can leave that for the time being really!!

appreciated!!:)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37831931
Yep :)
0
 

Author Comment

by:mikey250
ID: 37831947
tar!:)
0
 

Author Comment

by:mikey250
ID: 37831954
i have a 'dns server publishing' thread out there!! dont suppose you can look at it for me!!

ignore my comments above ive just had a good response so will not configure it unless i look at 'split dns'.  will go on to do list for another day!!
0
 

Author Closing Comment

by:mikey250
ID: 37831986
sound advice!!
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now