How to get over your Microsoft Threat Management Gateway (TMG) obsession

how to get over microsoft tmg blog

Microsoft’s TMG product aka Threat Management Gateway is one of those old services that many businesses keep going as they can’t think of an obvious replacement. Now it is way past end-of-life, even ardent fans need to get a replacement lined up.

When the cloud was young and punky, there was a fast-growing range of security point solutions to help protect business operations and their data. One of those was Microsoft’s Forefront Threat Management Gateway (TMG) 2010 supporting large numbers of Windows 2000-based environments and endless gateway appliances.

It provided an integrated edge security gateway with (EAL4+) certification, providing URL filtering, virus scanning and intrusion detection among others. Acting as an enterprise-class application-layer firewall with support for proxy services, content caching and VPNs, even back then, that was a lot of power with its per-processor license.

Protecting the businesses as users increasingly relied on public resources, it helped secure remote access to Microsoft services like Exchange and SharePoint, with mail protection and VPN support rounding out a compelling offering. No wonder businesses are reluctant to put this powerhouse to bed.

However, Microsoft stopped supporting the product officially in April 2015, with the extended support date passing in April 2020, which means that it will become more vulnerable. This is usually the time when even the most recalcitrant users will consider moving on.

As part of its migration drive, Microsoft is pushing users toward various services with Exchange having a growing roster of its own security features, along with built-in elements in the likes of Azure Security Center, Active Directory and, of course, Microsoft is happy to recommend partner products.

Beyond the TMG universe

As of late last decade, according to Datanyze, TMG was listed as the no. 9 software solution in threat intelligence with a 2.44% market share and over 100 reporting companies using it.

Anyone still using TMG needs to deliver equivalent security from one or a series of products to protect the business. These can be from open source, vendor enterprise-class or other products to provide the various features that TMG covered. Microsoft forums were full of chat over possible workarounds like, “Is Server 2016 WAP a possible TMG replacement?”

Many vendors promote their own solution, naturally, and far be it from us to direct you toward Edgenexus . Our market-leading ADC/load balancers hit the sweet spot of being easy to use without the complexity of some services while offering the professional support you might not find going open source.

EdgeNEXUS’s load balancer and ADC products offer all the features a company needs to replace the defenses provided by TMG, with easy-to-use rule-based implementation and management.

Any business still using TMG really needs to be looking for a replacement with urgency. Anything is better than a badly outdated solution, but load balancers provide many of the required features without creating IT headaches.



About Jay Savoor