Configuring TMG for Exchange 2010

I wonder if I need Microsoft TMG forefront  installed on EDGE Server.
I mean TMG or similar solutions.

In the past I have used GFI and installed it in on SMTP server in the DMZ to scan email for viruses before it get forwarded to the mailbox. that was in Exchange 2003.

Exchange 2010 has Edge Server, I am sure I can install GFI on it, but I am thinking what TMG  forefront  can do if I install it on the EDGE server.? or it has to be installed on a separate box on the DMZ where the Edge is installed?

I believe TMG forefront has anti virus/spam/malware functionalities as well as proxying.

Thank you
Who is Participating?
jskfanConnect With a Mentor Author Commented:
If I install TMG in Edge server , the TMG will be good just for Exchange functionalities.
If I am right TMG is used for other applications too, such as web servers, etc...

So, Is it possible to install TMG in 2 spearate loadbalanced windows boxes( loadbalnce +   High availability)? and configure anti spam on both servers (TMG as well as on Edge servers).
I guess it will be better to have 2 Edge servers (loadbalanced and High Availabilty), as well.

Sumit GuptaConnect With a Mentor System and Virtualization EngineerCommented:
Forefront TMG enables you to protect your organization from spam, viruses and other e-mail-based threats. It does this by leveraging the mail protection provided by Forefront Protection 2010 for Exchange Server (FPES), and by utilizing the end-to-end mail relay service provided by Exchange Edge Transport server.

The steps needed to install Exchange 2010 and TMG on the same box:
Sumit GuptaConnect With a Mentor System and Virtualization EngineerCommented:
I used TMG in very simple scenarios but I found a similar question on the link:

But for load balanced yes it will be better to have 2 edge servers.
The answer from other expert for this is:
In addition to your options, you can now have TMG and Edge 2010 on the same server.

I don't think I'd deploy NLB, though I'd consider hardware load balancing.  I don't even know if it's supported with TMG.  If you put TMG in front of Edge (on separate servers) you'd want to use a server farm instead of NLB for the Edge servers, I think.

There is one more post on this question and here the link for that:
jskfanAuthor Commented:
I know that Exchange Hub Transport serve0rs load balance themselves , they do not need Load Balancer. I wonder if Edge servers can Load balance themselves.

Regarding the TMG Implementation, can you please explain the way you put your hardware in the network ? Example:

External Firewall

2 Load Balancer (for traffic coming inside)
2 TMGs ( Please tell me whether the Anti-Virus and Anti Spam should be set up here or on the Edge servers)
2 Exchange Edge Servers (Please tell me whether the Anti-Virus and Anti Spam should be set up here or on the TMG)
2 other Load Balancer(for traffic going out)

2 or more Hub/CAS servers

2 or more Mailbox Servers

Elaboration on this question will be very much appreciated
jskfanAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.