Story image

Replacing Microsoft’s TMG brings opportunities for NZ resellers

23 Feb 15

End of mainstream support for Microsoft’s Forefront Threat Management Gateway presents great opportunities for resellers, says Scott Cowen, Fortinet New Zealand and Pacific Islands channel director.

April 2015. Mark it on your calendar. That is when Microsoft will discontinue mainstream support for their Forefront Threat Management Gateway (TMG) solution. While an inconvenience for your clients, it is a great opportunity for you, the reseller, to replace all of the functionality of TMG and upgrade their application and network protection services with advanced security capabilities. 

When Microsoft released TMG 2010 in 2009, it was the culmination of more than 10 years development, starting with Microsoft Proxy Server (Catapult) in 1999. 

TMG bundled a suite of security services including firewall, antivirus, anti-malware, intrusion protection (IPS) and virtual private network (VPN) support. At the time it was an advanced security solution and optimised to work within the Microsoft environment, especially with 

Exchange, SharePoint, Lync, Outlook Web Access (OWA) and other Microsoft application services. 

However, time and technology marches on. 

While TMG was an acceptable secure gateway, many network managers morphed TMG into a tool for publishing applications onto the internet in a secure manner. TMG’s capabilities for single-sign on (SSO), authentication management and Layer 7 load balancing made deploying applications across the corporate LAN and beyond the firewall relatively easy for administrators and convenient for users. 

As a result, network managers have come to rely on TMG for specific web-based application services that are essential for securing today’s mobile workforce. But, unfortunately, TMG’s role as a secure, ‘universal threat management’ (UTM) gateway has been superseded as the threat landscape has evolved. 

So network managers are faced with a dilemma. They need to replicate the secure application publishing capabilities of TMG while upgrading the limited UTM capabilities of the Forefront TMG gateway itself.

Two replacement options 

There are two strategies your clients can adopt as they transition from TMG, and it depends on whether they have already replaced the UTM gateway functions of TMG or still rely on TMG for both UTM capabilities as well as secure application publishing. 

If they have upgraded their gateway, it is simply a matter of deploying a dedicated web application firewall (WAF). There are many solutions on the market with varying levels of WAF protection. These point solutions can provide a seamless transition and provide continuity as network managers publish Exchange, SharePoint, Lync and OWA for secure external access.

If they still rely on TMG as their UTM gateway, they will be perfectly positioned to combine advanced UTM and WAF capabilities with a single appliance. In addition, many of today’s UTM/WAF appliances are optimised to support up-and-coming applications such as BYOD and secure Wi-Fi.

So, while inconvenient, Microsoft’s decision to discontinue support for TMG is an opportunity: An opportunity for your clients to harden security across their entire operation and an opportunity for you to provide end-to-end, advanced threat protection in a scalable, integrated and extendable security-centric environment.  

Company-X celebrates ranking on Deloitte's Fast 500 Asia Pacific
Hamilton-based software firm Company-X has landed a spot on Deloitte Technology’s Fast 500 Asia Pacific 2018 ranking - for the second year in a row.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Why the future of IT infrastructure is always on and always available
As more organisations embrace digital business, infrastructure and operations leaders will need to evolve their strategies and skills to keep up.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
IDC: Tablets stay dead, notebooks keep head above water
An IDC report predicts a soft personal PC market, slipping into further decline with the exception of notebooks, gaming PCs, and business PC upgrades.
The 2018 Canalys APAC Channels Forum keynote
There was a lot to unpack at the Canalys APAC Channels Forum keynote. This long-form piece tries to cover all the most relevant points for A/NZ.