Story image

Replacing Microsoft’s TMG brings opportunities for NZ resellers

23 Feb 15

End of mainstream support for Microsoft’s Forefront Threat Management Gateway presents great opportunities for resellers, says Scott Cowen, Fortinet New Zealand and Pacific Islands channel director.

April 2015. Mark it on your calendar. That is when Microsoft will discontinue mainstream support for their Forefront Threat Management Gateway (TMG) solution. While an inconvenience for your clients, it is a great opportunity for you, the reseller, to replace all of the functionality of TMG and upgrade their application and network protection services with advanced security capabilities. 

When Microsoft released TMG 2010 in 2009, it was the culmination of more than 10 years development, starting with Microsoft Proxy Server (Catapult) in 1999. 

TMG bundled a suite of security services including firewall, antivirus, anti-malware, intrusion protection (IPS) and virtual private network (VPN) support. At the time it was an advanced security solution and optimised to work within the Microsoft environment, especially with 

Exchange, SharePoint, Lync, Outlook Web Access (OWA) and other Microsoft application services. 

However, time and technology marches on. 

While TMG was an acceptable secure gateway, many network managers morphed TMG into a tool for publishing applications onto the internet in a secure manner. TMG’s capabilities for single-sign on (SSO), authentication management and Layer 7 load balancing made deploying applications across the corporate LAN and beyond the firewall relatively easy for administrators and convenient for users. 

As a result, network managers have come to rely on TMG for specific web-based application services that are essential for securing today’s mobile workforce. But, unfortunately, TMG’s role as a secure, ‘universal threat management’ (UTM) gateway has been superseded as the threat landscape has evolved. 

So network managers are faced with a dilemma. They need to replicate the secure application publishing capabilities of TMG while upgrading the limited UTM capabilities of the Forefront TMG gateway itself.

Two replacement options 

There are two strategies your clients can adopt as they transition from TMG, and it depends on whether they have already replaced the UTM gateway functions of TMG or still rely on TMG for both UTM capabilities as well as secure application publishing. 

If they have upgraded their gateway, it is simply a matter of deploying a dedicated web application firewall (WAF). There are many solutions on the market with varying levels of WAF protection. These point solutions can provide a seamless transition and provide continuity as network managers publish Exchange, SharePoint, Lync and OWA for secure external access.

If they still rely on TMG as their UTM gateway, they will be perfectly positioned to combine advanced UTM and WAF capabilities with a single appliance. In addition, many of today’s UTM/WAF appliances are optimised to support up-and-coming applications such as BYOD and secure Wi-Fi.

So, while inconvenient, Microsoft’s decision to discontinue support for TMG is an opportunity: An opportunity for your clients to harden security across their entire operation and an opportunity for you to provide end-to-end, advanced threat protection in a scalable, integrated and extendable security-centric environment.  

Lenovo DCG moves Knight into A/NZ general manager role
Knight will now relocate to Sydney where he will be tasked with managing and growing the company’s data centre business across A/NZ.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Record revenues from servers selling like hot cakes
The relentless demand for data has resulted in another robust quarter for the global server market with impressive growth.
Opinion: Critical data centre operations is just like F1
Schneider's David Gentry believes critical data centre operations share many parallels to a formula 1 race car team.
MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill.