Solved

TMG Migration to F5

Posted on 2013-11-06
1
2,534 Views
Last Modified: 2013-11-22
we are migrating our TMG infrastructure to F5. since F5 is still a bit new for us, i am tryin to collect as much info as i can:
does anyone have experience i that? are there any recommendations and best practices how to follow up? thx for help,
0
Comment
Question by:DukewillNukem
1 Comment
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 39630106
TMG typically can be deployed for forward proxy having filter traffic going into the internet while F5 is normally a reverse proxy to balance and filter the internal server(s). Having said that, it is still possible for F5 (primarily LTM) to serves as forward proxy too, but need to check TMG rule of filtering and have it implemented in F5. IRule from F5 is the last resort if there is drilled down based on HTTP header or application content inspection etc. F5 has ASM too that is HTTP aware and acts as web application FW that is a good complement to F5 LTM...In short, the important thing is to ensure rules from TMg can be maintained w/o iRule where possible to maximise the buy and gain higher security protection with flexibility to add in modules such as ASM (web security checks) or APM (user access control)

There are quite a couple of collaterals to drill into but do consult the F5 principle and definitely this is not a new thing ...but maybe the below can kickstart some ideas

Overview - Securing MS appls
http://www.f5.com/pdf/white-papers/microsoft-threat-management-gateway-alternatives-white-paper.pdf

TMG2F5 Series: Publishing Microsoft Exchange Using F5
https://devcentral.f5.com/articles/tmg2f5-series-publishing-microsoft-exchange-using-f5

TMG2F5 Series: BIG-IP LTM as the Lync Reverse Proxy
https://devcentral.f5.com/articles/tmg2f5-series-big-ip-ltm-as-the-lync-reverse-proxy

Actually F5 also load balance TMG
http://www.f5.com/pdf/deployment-guides/microsoft-forefront-tmg-dg.pdf

However, if you still open to alternative as a whole...catch this
https://www.winsec.nl/2013/01/16/securing-edge-post-tmg-world/
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Single domain/site being blocked.... but why and where? 10 63
Looking for a web usage history tracking tool. (budget) 3 87
Cisco USB Device Setup 8 66
ASA 5506-X 7 71
Forefront is the brand name for Microsoft's major security product. Forefront covers a number of specific security areas and has 'swallowed' a number of applications under this umbrella including Antigen, ISA Server, the Integrated Access Gateway (t…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now