Solved

TMG Migration to F5

Posted on 2013-11-06
1
2,502 Views
Last Modified: 2013-11-22
we are migrating our TMG infrastructure to F5. since F5 is still a bit new for us, i am tryin to collect as much info as i can:
does anyone have experience i that? are there any recommendations and best practices how to follow up? thx for help,
0
Comment
Question by:DukewillNukem
1 Comment
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
ID: 39630106
TMG typically can be deployed for forward proxy having filter traffic going into the internet while F5 is normally a reverse proxy to balance and filter the internal server(s). Having said that, it is still possible for F5 (primarily LTM) to serves as forward proxy too, but need to check TMG rule of filtering and have it implemented in F5. IRule from F5 is the last resort if there is drilled down based on HTTP header or application content inspection etc. F5 has ASM too that is HTTP aware and acts as web application FW that is a good complement to F5 LTM...In short, the important thing is to ensure rules from TMg can be maintained w/o iRule where possible to maximise the buy and gain higher security protection with flexibility to add in modules such as ASM (web security checks) or APM (user access control)

There are quite a couple of collaterals to drill into but do consult the F5 principle and definitely this is not a new thing ...but maybe the below can kickstart some ideas

Overview - Securing MS appls
http://www.f5.com/pdf/white-papers/microsoft-threat-management-gateway-alternatives-white-paper.pdf

TMG2F5 Series: Publishing Microsoft Exchange Using F5
https://devcentral.f5.com/articles/tmg2f5-series-publishing-microsoft-exchange-using-f5

TMG2F5 Series: BIG-IP LTM as the Lync Reverse Proxy
https://devcentral.f5.com/articles/tmg2f5-series-big-ip-ltm-as-the-lync-reverse-proxy

Actually F5 also load balance TMG
http://www.f5.com/pdf/deployment-guides/microsoft-forefront-tmg-dg.pdf

However, if you still open to alternative as a whole...catch this
https://www.winsec.nl/2013/01/16/securing-edge-post-tmg-world/
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now