As Forefront TMG Beta 2 starts to really make its rounds, we hear from many of the community: “What about virtualization? Will TMG be virtualization ready? Can we run as a VHD now? Can TMG be used as a virtual security solution in my data center?” My answer to all of those questions: “You bet it can!” We specifically knew the trends of our customers, data center consolidation and also branch office deployments are looking at virtualization as not only a cost savings for their environments, but also a step towards what we call dynamic computing. TMG is not only tested to be run in a virtual environment, but we believe it is an optimum solution for IT professionals and architects looking to provide a defense in depth solution in their virtual environments where the threats are unknown and the workloads dynamic.
What makes using TMG in dynamic environments so compelling is that you can very easily deploy your protection workload dynamically as the load increases or your workforce shifts to various geographical locations. In addition, workload redundancy becomes simple with the ability to add an additional instance of a workload while you perform maintenance or changes to your environment. Last, but not least, it provides very flexible deployments of different roles with the same base configuration. We internally have found enormous benefits in using virtualization not only for our demonstrations and testing, but also for providing a very dynamic environment for taking snapshots of configurations and analyzing them for the best possible solutions. You can expect to see more details and information as we get closer to release of TMG, but to get you started, we do have a number of considerations and best practices available now that can be applied to both ISA and TMG beta deployments: http://technet.microsoft.com/en-us/library/cc891502.aspx.
We look forward to your feedback and hearing how you plan to deploy or use virtualization in your environments.
David B. Cross
Product Unit Manager
Über die Virtualisierung von Forefront Threat Management Gateway (TMG) ist schon einiges geschrieben