(Simple high-level step-by-step for the admin that does not require screenshots. The process below is probably useful for building a lab, production deployments would require little more planning.)

Basic Info

TMG is basically an Outbound Proxy.

UAG is basically an Inbound Proxy.

TMG consists of 3 roles:

  • TMG Server (x64)
  • Enterprise Management Server (x64) – i.e. The old Configuration Storage Server (CSS)
  • Management Console (x86/x64)

E-mail protection must be installed separately. It is not installed by default!

High-level Forefront TMG Deployment Steps

  1. Run the Forefront Threat Management Gateway 2010 Capacity Planning Tool
  2. Review workgroup and domain considerations
  3. Review System requirements for Forefront TMG
  4. Install Operating System (Windows Server 2008 R2)
  5. Join Domain (or leave in Workgroup)
  6. Run Windows Update
  7. Activate Windows
  8. Configure NIC’s
    • Private
    • Public
  9. Install Forefront TMG
    • Run Preparation Tool (requires internet access)
    • Restart Computer
    • Run Installation Wizard
  10. Configure TMG
    • Allow Web Access (HTTP/HTTPs)

Install the Microsoft Forefront Threat Management Gateway (TMG) 2010 Management Pack for Operations Manager 2007

  1. Review the Management Pack Guide
  2. Install/Configure MP pre-requisites
    • Enable manual Agent Installation in the Operations Console
    • Create Access Rule in the TMG Management Console
    • Manually install the Agent on the TMG Server
    • Manually apply the latest CU to the Agent on the TMG Server
  3. Import MP