[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

TMG Forefront 2010 Features Confirmation

Posted on 2012-08-29
14
Medium Priority
?
1,256 Views
Last Modified: 2012-09-19
Currently I am using Untangle (lite version) and I don't have any problem except two features that two main features like Active Directory connector & Bandwidth monitor is a paid module and it is expensive than TMG Forefront licenses. So was wondering instead of going for Untangle and if I go for TMG 2010. Is it really worth. Because in Untangle I lack following features.

1. Live bandwidth monitoring (Which IP or User is consuming more bandwidth and on what URL)
2. No Https filtering, either I have to block 443 but can't because of accounts dept. using banking websites (or) use openDNS to do https filtering.
3. No PPTP VPN feature
4. Again, Branding logo is always way too expensive if such feature is available in Forefront where i can design my own block page according to companies logo.

One last question is that if I can install TMG Forefront on my one of the server which is a part of the domain and Server 2008 Standard 32bit (as a domain computer and not Domain controller) ?

Will list more in case if I remember but for now I want confirmation on above. Thank you.
0
Comment
Question by:ibrahim52
  • 6
  • 5
  • 2
  • +1
14 Comments
 
LVL 23

Accepted Solution

by:
Suliman Abu Kharroub earned 1200 total points
ID: 38347679
1. is not available on TMG also, but the is a free add on for ISA/TMG which is bandwidth splitter.

2, Http filttering is available in TMG and it is enhanced by adding a new feature in TMG which is https inspection.

3. PPTP is available and also a new SSTP protocol is available.

4. yes you can customize the block screens , error screens or you can simply redirect the blocked site ( when user tries to access a blocked site, you can configure TMG to redirect the request to another website.
0
 
LVL 2

Expert Comment

by:bergertime
ID: 38347761
I would just like to add to Sulimanw

3.  PPTP is available and very easy to setup

Yes, you can install it on a domain computer, but never on a DC.  Mines on a 2008 R2 domain computer.
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 38347764
Bandwidth monitoring is the main feature I am looking at more to meet my requirements. Do you have any screenshot or a any short clip how the interface looks like ?
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 38347788
here is all you need: http://www.bsplitter.com/

correction: it is not free.
0
 
LVL 6

Assisted Solution

by:page1985
page1985 earned 400 total points
ID: 38348032
When evaluating TMG, please keep in mind that Forefront TMG does not have a product roadmap anymore.  This means that there will be no future releases of the Forefront TMG product family.  Additionally, end of mainstream support (public patches, hotfixes, service packs, etc) is April 15th 2015 and end of extended support is April 15th 2020.
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 38349146
berger, what about the installation. Like I said, I am currently having one server 2008 but it is only running as a port of a domain (just domain user and not as DC) so can I go ahead and install the TMG in it ?
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 38349323
Yes you can as long as its not a DC.
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 38349792
and regarding bssplitter, I am not looking for allocating bandwidth to per user but only monitoring how much the bandwidth is being consumed through on each IP.
0
 
LVL 23

Assisted Solution

by:Suliman Abu Kharroub
Suliman Abu Kharroub earned 1200 total points
ID: 38349854
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 38353316
but fastvue is an add on which is a paid version. I am looking to pay for only TMG and no additional headaches to my management, I am sure they won't be investing when it comes to IT but also don't miss any chance to keep nagging me till their request is fulfilled.
0
 
LVL 23

Assisted Solution

by:Suliman Abu Kharroub
Suliman Abu Kharroub earned 1200 total points
ID: 38354334
TMG itself does not have a built in live bandwidth monitor but you can generate reports for past time (not live) ..
0
 
LVL 2

Assisted Solution

by:bergertime
bergertime earned 400 total points
ID: 38354381
It's reports are pretty good.  You can really see where the bandwidth goes.  Like Sulimanw said, it's not live.  But my mgmt was pretty happy with the reports for the first month, 2 years later thay haven't asked for any more.
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 38356063
Yeah to be really honest I am not looking particularly for LIVE reports but at least in the end of the day I should be able to trace out the users or IP addresses which are consuming more bandwidth, watching online videos during working hours and block specific users with specific extension or url they visit to.

So I can have reports per "IP" traffic going on WAN interface. Right ?

I am sorry I am trying to clear my doubts because my management would make an investment and I am the responsible guy here.
0
 
LVL 12

Author Closing Comment

by:ibrahim52
ID: 38412817
Thanks all for multiple advices and it really helped me implementing and testing the forefront.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question