In the next couple of posts, I will explain you how to install Microsoft TMG beta 2 into your network. For the ones who have no idea what Microsoft TMG is… it’s the next version of the Microsoft Internet and Security Acceleration Server, or ISA 2006 in short. For more detailed information on the product itself, have a look at the Microsoft product website :
As a prerequisite, these are the system requirements for a TMG server, of which the important changes to the ISA 2006 version are hightlighted:
PC with a 64-bit processor.
Windows Server 2008 64-bit operating system. Forefront TMG will not install or work on 32-bit versions of Windows Server 2008.
1 gigabyte (GB) of RAM or more is recommended.
150 MB of available hard disk space. This is exclusive of hard disk space that you want to use for caching or for temporarily storing files during malware inspection.
Network adapter that is compatible with the computer's operating system for communication with the internal network; one additional network adapter, modem, or ISDN adapter for each additional network connected to the Forefront TMG computer.
Your Microsoft Windows Server 2008 should have the following components installed and updated as well:
· .net framework 3.5 sp1
· windows powershell
· message queuing directory services
Once these prerequisite steps are behind you, you can continue installing the TMG beta software on the box. Start the setup from the DVD or ISO medium:
Choose Install Forefront TMG
Choose “install forefront Threat Management gateway services”, which installs both the “application” and the management console.
Since I’m installing it on a single box, no Array configuration needs to be stored (Enterprise Edition for failover/load balancing)
Select the Add Range… button
Enter the IP-range of your internal “local area network” IP-segment(s)
This is an interesting remark !! Email security as back on the ISA solution (it was in the ISA 2000 version), but now makes use of the Exchange Server 2007 Edge role. If you should be interested, make sure this component is installed and configured before installing TMG.
!! Remember that this feature requires a separate Exchange 2007 server license + CALs !!
For the moment, I run the setup without the Email security features of Exchange 2007.
Up to this stage, the TMG application files and services are installed on the server. In the next article, I will continue the setup stage, as Microsoft has built a nice Getting Started Wizard for easy initial configuration settings of our security box.
Stay tuned for the next part…
jun 25 2009, 11:04
Peter De Tender