What Microsoft TMG services can a FortiGate replace?
Are you currently using Microsoft’s TMG (Threat Management Gateway) server for your network security needs? If so, you may be wondering what your options are now that TMG has reached end-of-life.
In this blog post from BALANCED+, we’ll explore how FortiGate appliances can be used to replace many of the services that TMG previously provided. From web proxy and terminal services to web access and Sharepoint publishing, the FortiGate offers a range of features to help you maintain your network security and protect your users from online threats. So let’s dive in and learn more about how the FortiGate can help you secure your network!
Replacing TMG with FortiGate: A Comprehensive Breakdown of Capabilities
Web Proxy and Single Sign-On
TMG is often used to proxy client connections to the internet. A FortiGate appliance can do the same thing, and includes the ability to have Single-Sign-On for the clients. An FSSO agent gets installed on a Windows server that provides the Fortigate with authentication information.
Terminal Services and Terminal Server Agent
If you have Terminal Services such as Microsoft or Citrix, the user doesn’t have an IP address, so this gets a little more interesting. There is a Terminal Server Agent that assists with identifying the user of the terminal services, and correctly controlling the internet traffic to/from that terminal user.
Web Access and Sharepoint Publishing
TMG was also used for Outlook Web Access and Sharepoint publishing. The FortiGate appliances can indeed provide these services as well. The Fortigate provides the translation of Public IP addresses, and certificate exchanges. The FortiGate then scans for attacks using IPS, scans for viruses, checks pathways, and monitors the protocols to make sure nothing sneaks through. The FortiGate can also block upon failed logins, or other attempted breaches. It can also do some basic load sharing across multiple application servers.
VPN Services and Firewall Capabilities
TMG is sometimes used to provide VPN services, which of course, FortiGates do very well. TMG sometimes is also used as a firewall, which again is handled by the Fortigates.
FortiGate appliances have the ability to control the applications that users are trying to access. For example, you can create policies which allow or deny access to web applications such as Facebook. The FortGates have granular controls, so that you could allow your users to view Facebook, but denying the ability to post to Facebook.
If you also have Lync in use, the FortiGate appliances can have a couple of extra settings enabled to allow the SIP and additional protocols used within Lync for communications. As always, the FortiGate is inspecting for attacks and viruses.
If you’re currently using Microsoft’s TMG server for your network security needs and wondering what to do now that it has reached end-of-life, FortiGate appliances can provide an excellent alternative with a wide range of features and capabilities. From web proxy and application control to VPN services and firewall capabilities, FortiGate appliances can do it all.
If you’re interested in learning more or need assistance with FortiGate implementation, BALANCED+ is a partner of Fortinet and can help guide you through the process. Don’t wait until it’s too late – contact BALANCED+ today to start securing your network with FortiGate appliances.