Solved

isa 2006 & tmg query

Posted on 2012-04-10
12
809 Views
Last Modified: 2012-04-11
hi as a learning curve/test, ive configured a win 2003 domain platform attached to a win 2003/2 nic - 'isa 2006' standard via netgear router box direct to internet successfully providing internet access for internal domain users and a successful remote vpn.

my next task is to learn and configure the 'site-to-site vpn/branch office etc

note: currently i only have 32bit machines and have setup in the passed a windows 2008 32 bit basic user domain for learning curve.

note: i am aware tmg 2012 requires a win 2008/64 bit platform as not supported on win 2003!!

note:  forefront tmg is not supported on all editions of windows server 2008
- Installation of forefront tmg is only supported in standard, enterprise and datacenter edition and is not supported on windows server core!

i am now reading 'url':

-http://www.isaserver.org/tutorials/Microsoft-Forefront-TMG-UAG-feature-comparison.html

question 1.  am i understanding below correct that i should do the following:

- 'export' my isa 2006/standard and save
- complete fresh install of - TMG_ENU_Management_x86
- lastly 'import' - saved isa 2006/standard configurations

"In-place upgrade from ISA Server 2004/2006 to Forefront TMG is not supported
- You have to export the ISA Server configuration and to import this configuration on a fresh TMG installation"  - ?

question 2.

what is the difference between isa 2006 & forefront tmg ?

question 3.

as i have downloaded both 'evaluation copies' im trying to understand when i should use:

- isa 2006 enterprise - ?
or
- TMG_ENU_Management_x86 - ?

it would be appreciated if i could get a specific answer to each of the 3 questions above so will have some direction as i have chosen to learn step by step and eventually evolve across to 'tmg 2012' when i have 64 bit machines!! :)
0
Comment
Question by:mikey250
  • 7
  • 5
12 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 37829004
ISA is for 32-bit environments up to and including 2003, TMG is 64-bit from Windows Server 2008 onwards. Whilst there was an early beta version of TMG for 32-bit windows server 2008 this should not be used - would be like comparing a Model T ford and a ferrarri and saying they are the same because both are cars.

ISA should not be used for ANY new installation really as is now out of mainstream support. The tmg_enu_management_x86 is NOT FTMG, it is the management system.

The fundamentals between isa and TMG are not huge but how they do 'under the covers' is significant. TMG gives you all the url categories that you can allow/deny built in to the solution rather than having to create them all manually. Still does proxy, stateful inspection/firewall and application gateway/publishing. Still is VPN solution etc but the GUI has been updated by a lot. Also - as mentioned - it only runs on a 64-bit OS (and cannot be installed on a normal DC).

TMG/UAG are COMPLETELY different products within the Forefront family product. UAG is the enterprise product for remote access and publishing (protecting the internal networks from 'things' that are allowed IN access the internal networks/services); TMG is the Enterprise product for Proxy etc (protecting internal users and services when they go OUT to the untrusted environments such as the Internet etc).
0
 

Author Comment

by:mikey250
ID: 37829077
hi keith again!!!:)  ok!

when you say:  "The tmg_enu_management_x86 is NOT FTMG, it is the management system". - what should i do with it although old as you say (dont forget only learning curve for me in the visual sense also as never clapped eyes on isa products at all until you've assisted me ?

until i can evolve/afford 64 bit!!

also this comment below is stated in the 'url' in my main thread above:

"In-place upgrade from ISA Server 2004/2006 to Forefront TMG is not supported
- You have to export the ISA Server configuration and to import this configuration on a fresh TMG installation"
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 500 total points
ID: 37829095
If you have a spare server - and can get hold of the Windows server 2008 32-bit edition to put on the said server - then you can try and install it. If you have not got one/can not get the OS then it is useless to you - and can be junked.
0
 

Author Comment

by:mikey250
ID: 37829212
yes i do have a win 2008 32bit as i already at the end of last year configured it as 'dc/dns/dhcp', with gpmc/software installed automatically onto a client machine just to test and that was it just to get familiar with the 'os'!  it is not installed now though!!

i have no spare 'server' yet until ive finished with isa 2006 standard
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37829427
OK - the 32-bit beta copy of TMG was three years ago now but I am pretty sure that was the name of it. The size of the x86 file might help to point it out whether this is just the management part (whiis lterally just the management piece or the full beta version before it went to 64-bit only.
0
 

Author Comment

by:mikey250
ID: 37829725
ok.  thanks for that!!

i will now look into 'site-to-site vpn' and 'branch office' or whatever with isa 2006 standard.  once done can you tell me what i should be doing with isa 2006 enterprise although other than linking multiple sites to do what isa 2006 standard does, im not sure ?

im gonna call it a night now until tomorrow!!

thanks for replying!!:)
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 500 total points
ID: 37830351
The only purpose of ISA Enterprise against ISA standard is if you want to use the NLB function within ISA or you want to have two ISA nodes in an array for resilience/failover.
0
 

Author Comment

by:mikey250
ID: 37831817
hi keith, i did an isa 2006 fundamental video course over a week in between my other stuff at home online the other week but it only touched upon the 'enterprise' but yes i remember them stating what you have just said.

all good so i can leave that for the time being really!!

appreciated!!:)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37831931
Yep :)
0
 

Author Comment

by:mikey250
ID: 37831947
tar!:)
0
 

Author Comment

by:mikey250
ID: 37831954
i have a 'dns server publishing' thread out there!! dont suppose you can look at it for me!!

ignore my comments above ive just had a good response so will not configure it unless i look at 'split dns'.  will go on to do list for another day!!
0
 

Author Closing Comment

by:mikey250
ID: 37831986
sound advice!!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
A short film showing how OnPage and Connectwise integration works.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now