The TMG reporting interface sees a modest redesign and the latest SP1 update brings in user activity reports so you can see what individuals have been up to and those that have used the rule override option. The reports can be very detailed and can be used to view traffic patterns, cache, protocol and application usage plus security alerts.
Basic real time monitoring is provided but we found it really annoying that no report on the current activity could be raised until the following day. TMG still uses the Dailysum utility from ISA Server which can only query the reporting database once a day.
Email security can begin once you've typed your Exchange servers and mail domains in to TMG and wizards are provided to create basic policies. This component snaps neatly into the TMG console and assigns SCL (spam confidence level) scores to suspect email.
Based on their SCL score, spam messages can be deleted, rejected or quarantined but no options are provided for tagging subjects and letting them through. TMG provides tough anti-virus measures as it uses scanning engines from Kaspersky, Authentium, Norman, VirusBuster and Microsoft.
Forefront TMG 2010 is a vast improvement over ISA Server as it provides a wealth of new features including web filtering, anti-malware, anti-virus and HTTPS inspection. Existing users of ISA Server would do well to upgrade but the change to a 64-bit operating system means they must do a clean install and migrate their settings to TMG.
The Celestix MSA 3200i looks a much more sensible choice as it has everything preinstalled and ready to run. It's also unlikely you'd save much cash by doing it yourself as you'll need to factor in TMG licensing costs plus the dedicated server hardware and underlying Server 2008 64-bit OS and, of course, your valuable time.
Verdict
It makes sense for existing users of ISA Server to move up to Forefront TMG 2010 as it has a wealth of new security measures. Our main issues are that TMG’s optional messaging security only supports Exchange and the separately licensed web filtering and anti-virus features will push the price up. Even so, the MSA 3200i takes all the hard work out of deploying TMG and will probably work out better value than trying to do it all yourself.
Chassis: 1U rack Processor: Intel Core 2 Duo Memory: 4GB DDR2 RAM Network: 6 x Gigabit Ethernet Storage: 1 x 320GB SATA hard disk Ports: VGA, 2 x USB2 Software: Windows Server 2008 Standard 64-bit, Microsoft Forefront TMG 2010 and Celestix Comet preloaded Options: Annual support from Wick Hill, from £419 ex VAT
Dave is an IT consultant and freelance journalist specialising in hands-on reviews of computer networking products covering all market sectors from small businesses to enterprises. Founder of Binary Testing Ltd – the UK’s premier independent network testing laboratory - Dave has over 45 years of experience in the IT industry.
Dave has produced many thousands of in-depth business networking product reviews from his lab which have been reproduced globally. Writing for ITPro and its sister title, PC Pro, he covers all areas of business IT infrastructure, including servers, storage, network security, data protection, cloud, infrastructure and services.