TMG Forefront 2010 Features Confirmation

Currently I am using Untangle (lite version) and I don't have any problem except two features that two main features like Active Directory connector & Bandwidth monitor is a paid module and it is expensive than TMG Forefront licenses. So was wondering instead of going for Untangle and if I go for TMG 2010. Is it really worth. Because in Untangle I lack following features.

1. Live bandwidth monitoring (Which IP or User is consuming more bandwidth and on what URL)
2. No Https filtering, either I have to block 443 but can't because of accounts dept. using banking websites (or) use openDNS to do https filtering.
3. No PPTP VPN feature
4. Again, Branding logo is always way too expensive if such feature is available in Forefront where i can design my own block page according to companies logo.

One last question is that if I can install TMG Forefront on my one of the server which is a part of the domain and Server 2008 Standard 32bit (as a domain computer and not Domain controller) ?

Will list more in case if I remember but for now I want confirmation on above. Thank you.
LVL 12
ibrahim52Team LeaderAsked:
Who is Participating?
 
Suliman Abu KharroubConnect With a Mentor IT Consultant Commented:
1. is not available on TMG also, but the is a free add on for ISA/TMG which is bandwidth splitter.

2, Http filttering is available in TMG and it is enhanced by adding a new feature in TMG which is https inspection.

3. PPTP is available and also a new SSTP protocol is available.

4. yes you can customize the block screens , error screens or you can simply redirect the blocked site ( when user tries to access a blocked site, you can configure TMG to redirect the request to another website.
0
 
bergertimeCommented:
I would just like to add to Sulimanw

3.  PPTP is available and very easy to setup

Yes, you can install it on a domain computer, but never on a DC.  Mines on a 2008 R2 domain computer.
0
 
ibrahim52Team LeaderAuthor Commented:
Bandwidth monitoring is the main feature I am looking at more to meet my requirements. Do you have any screenshot or a any short clip how the interface looks like ?
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
Suliman Abu KharroubIT Consultant Commented:
here is all you need: http://www.bsplitter.com/

correction: it is not free.
0
 
page1985Connect With a Mentor Commented:
When evaluating TMG, please keep in mind that Forefront TMG does not have a product roadmap anymore.  This means that there will be no future releases of the Forefront TMG product family.  Additionally, end of mainstream support (public patches, hotfixes, service packs, etc) is April 15th 2015 and end of extended support is April 15th 2020.
0
 
ibrahim52Team LeaderAuthor Commented:
berger, what about the installation. Like I said, I am currently having one server 2008 but it is only running as a port of a domain (just domain user and not as DC) so can I go ahead and install the TMG in it ?
0
 
Suliman Abu KharroubIT Consultant Commented:
Yes you can as long as its not a DC.
0
 
ibrahim52Team LeaderAuthor Commented:
and regarding bssplitter, I am not looking for allocating bandwidth to per user but only monitoring how much the bandwidth is being consumed through on each IP.
0
 
ibrahim52Team LeaderAuthor Commented:
but fastvue is an add on which is a paid version. I am looking to pay for only TMG and no additional headaches to my management, I am sure they won't be investing when it comes to IT but also don't miss any chance to keep nagging me till their request is fulfilled.
0
 
Suliman Abu KharroubConnect With a Mentor IT Consultant Commented:
TMG itself does not have a built in live bandwidth monitor but you can generate reports for past time (not live) ..
0
 
bergertimeConnect With a Mentor Commented:
It's reports are pretty good.  You can really see where the bandwidth goes.  Like Sulimanw said, it's not live.  But my mgmt was pretty happy with the reports for the first month, 2 years later thay haven't asked for any more.
0
 
ibrahim52Team LeaderAuthor Commented:
Yeah to be really honest I am not looking particularly for LIVE reports but at least in the end of the day I should be able to trace out the users or IP addresses which are consuming more bandwidth, watching online videos during working hours and block specific users with specific extension or url they visit to.

So I can have reports per "IP" traffic going on WAN interface. Right ?

I am sorry I am trying to clear my doubts because my management would make an investment and I am the responsible guy here.
0
 
ibrahim52Team LeaderAuthor Commented:
Thanks all for multiple advices and it really helped me implementing and testing the forefront.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.