[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2913
  • Last Modified:

TMG Migration to F5

we are migrating our TMG infrastructure to F5. since F5 is still a bit new for us, i am tryin to collect as much info as i can:
does anyone have experience i that? are there any recommendations and best practices how to follow up? thx for help,
0
DukewillNukem
Asked:
DukewillNukem
1 Solution
 
btanExec ConsultantCommented:
TMG typically can be deployed for forward proxy having filter traffic going into the internet while F5 is normally a reverse proxy to balance and filter the internal server(s). Having said that, it is still possible for F5 (primarily LTM) to serves as forward proxy too, but need to check TMG rule of filtering and have it implemented in F5. IRule from F5 is the last resort if there is drilled down based on HTTP header or application content inspection etc. F5 has ASM too that is HTTP aware and acts as web application FW that is a good complement to F5 LTM...In short, the important thing is to ensure rules from TMg can be maintained w/o iRule where possible to maximise the buy and gain higher security protection with flexibility to add in modules such as ASM (web security checks) or APM (user access control)

There are quite a couple of collaterals to drill into but do consult the F5 principle and definitely this is not a new thing ...but maybe the below can kickstart some ideas

Overview - Securing MS appls
http://www.f5.com/pdf/white-papers/microsoft-threat-management-gateway-alternatives-white-paper.pdf

TMG2F5 Series: Publishing Microsoft Exchange Using F5
https://devcentral.f5.com/articles/tmg2f5-series-publishing-microsoft-exchange-using-f5

TMG2F5 Series: BIG-IP LTM as the Lync Reverse Proxy
https://devcentral.f5.com/articles/tmg2f5-series-big-ip-ltm-as-the-lync-reverse-proxy

Actually F5 also load balance TMG
http://www.f5.com/pdf/deployment-guides/microsoft-forefront-tmg-dg.pdf

However, if you still open to alternative as a whole...catch this
https://www.winsec.nl/2013/01/16/securing-edge-post-tmg-world/
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now