Most of our customers using Microsoft ISA server are probably aware by now that Microsoft have released the new version of ISA server, which is now re-branded as Microsoft Forefront Threat Management Gateway (TMG). In addition to this, Microsoft has also re-branded its Internet Access Gateway (IAG) to Unified Access Gateway (UAG).
If you’re confused, Derek Seaman has a great blog post that clears up some of the confusion around ISA/TMG/IAG/UAG at http://derek858.blogspot.com/2009/05/isa-vs-tmg-vs-iag-vs-uag-are-you.html
TMG or UAG? What is the difference?
TMG is an outgoing proxy that protects your internal users from malware, viruses and the like. TMG generates some great web proxy log files to import into WebSpy Vantage allowing you to monitor where your users are going on the Internet, how much they’re downloading etc. TMG, unlike ISA, now has deep packet inspection for HTTPS traffic, plus a bunch of other new features.
UAG is an incoming proxy that provides employees, partners and vendors secure remote access to corporate resources such as Outlook Web Access (OWA) and Sharepoint (MOSS). It utilizes the TMG engine, but this is mainly just to protect the UAG server (more on this topic here http://technet.microsoft.com/en-us/library/ee522953.aspx).
TMG can also publish your OWA and MOSS sites, but this is no longer recommended by Microsoft. They recommend using a dedicated UAG server to perform this function.
Upgrading to TMG
If you’re thinking about migrating your ISA server (2004 or 2006) to TMG, you may like to check out this migration guidance video with Mohit Saxena (Senior Technical Lead) and Jim Harrison (Program Manager). http://edge.technet.com/Media/ISA-to-TMG-Migration-Guidance/
Reporting on TMG
If you’re using TMG at the moment, we invite you to analyze your web proxy and/or firewall logs using WebSpy Vantage and tell us what you think! Download your copy of WebSpy Vantage here, and import your logs using the Microsoft FTMG format: