| |
 |
|
|
|
|
Published |
: |
February 22, 2009 |
|
Last Updated |
: |
February 22, 2009 |
|
|
|
|
|
Introduction |
In a previous post, I have told
you that
|
|
|
I wanted to cover the installation
of Forefront TMG Beta 2, because I have seen many
administrators are having issues and errors while
installing TMG. This is because there are few things
that you have to take care before proceeding into
installing TMG.
To avoid having any issue while we are
installing Forefront TMG, and before we start, I want to grab your
attention to the following notes :
-
Forefront Threat Management
Gateway is native 64-bit. It can only be installed
on Windows Server 2008 64-bit.
-
One of the most important steps
before installing ISA/TMG, is to configure the network
interfaces settings on the server. please have a look at
this article so that you correctly configure the network
interfaces :
Configuring ISA Server
Interface Settings.
-
TMG BETA 2 server has to be a domain member. Join the TMG
server to a domain before installing Forefront TMG
software. Later on, with future builds of TMG,
Workgroup scenario
will be supported.
Forefront TMG has a hardware &
software requirements, as stated below :
Hardware Requirement:
-
A computer with a 64-bit
processor.
-
Windows Server® 2008 64-bit
operating system. You cannot install Forefront TMG
on 32-bit versions of Windows Server 2008.
-
2 gigabytes (GB) or more of
memory
-
2.5 GB of available hard disk
space. This is exclusive of hard disk space that you
want to use for caching or for temporarily storing
files during malware inspection.
-
One network adapter that is
compatible with the computer's operating system, for
communication with the Internal network.
-
An additional network adapter
for each network connected to the Forefront TMG
computer.
-
One local hard disk partition
that is formatted with the NTFS file system.
Software Prerequisites:
You must install the following programs on your server
before installing TMG
- Windows Powershell Feature
- Message Queuing Server and
Directory Service Integration Feature
Installing TMG Beta 2
- Double click on the setup file
that you have downloaded. On the Welcome screen,
click Next
- Select the path where the extracted files
will be stored, you can either keep the default path
or change it to a custom path by clicking on the
Change... button and browse to
another path. Then click Next
extracting the setup package will start
- Once extracting is completed, the Install Forefront TMG
page will open automatically,
click on Install Forefront TMG
- On the Welcome to the
installation wizard page, click Next
- On the License
Agreement page, accept the terms and click
Next
I just want to grab your attention to a
simple note in the terms:
INSTALLATION AND USE RIGHTS.
· You may install and use any number of copies of
the software on your premises to design, develop and
test your programs for use
with the software.
· You may not test the
software in a live operating environment unless
Microsoft permits you to do so under another
agreement.
- Type your info, and for the
product key it will be automatically filled, as this
is a Beta version. Click Next
- On the Setup Scenarios
page, choose the installation option
- Selecting scenario # 1 :
Install Forefront Threat management Gateway
services
This will install Forefront TMG services
plus its management console and the Configuration
storage server which stores the enterprise
configuration for forefront TMG arrays.
- Selecting scenario # 2 :
Install Forefront Threat Management Gateway
Management only
This will only installs the MMC part of
TMG, so that you can control remote Forefront TMG
servers. This for example can be installed on a
client machine, so that you can remotely connect to
your TMG server using this installed MMC snap-in.
- Selecting scenario # 3 :
Install Enterprise Management Server
This will install both the MMC part
of TMG and the Configuration Storage Server, which
stores the enterprise configuration for TMG arrays
I will be selecting scenario # 1
Install Forefront
Threat management Gateway services , click
Next.
If you want to change the
default installation path, then click on the
Change... and choose your installation
path, if you want to keep the default installation
path, simply click on Next
As you may have
noticed, the concept of Standard Edition
or Enterprise Edition is no more
available with Forefront TMG. There are new
terms that we will have to get used to them , such
as Standalone Server, Array Manager, Standalone
Array, Enterprise Management Server (EMS). You might
find it misleading at the current moment. Don't feel
that, later on we will get used to these terms, and
they will be covered in future articles. To give you
a brief illustration, at the moment I'll be
installing a Standalone Forefront
TMG server.
- On the Internal Network page, we need to
specify the address ranges that we want to include in the Internal Network .
Click on the Add button
To add the Internal Network range, you can either click on Add Adapter,
select the appropriate adapter representing the Internal Network ( in case you
have multiple adapters ), or you can simply click Add Private
and select from a list of predefined address ranges, or click on
Add Range and type the range manually, where you have to specify the
beginning and the ending IP address of the range.
Once you finish from defining the internal network range, click on the
OK button
You will be taken back to the Internal Network page, if you
want to edit the address range click on the Change... button,
else click on Next
- On the Services Warning page, you will be
notified that the following services will be restarted or disabled during
installation as seen in the below screen shot, click Next
- Ok, we are set for the installation, on the Ready
to Install page, click Install
Instantly you will receive a notification alert that if you plan to enable
E-mail policy protection, you must install Exchange Edge Transport role +
Service Pack One for Exchange Server 2007
before installing Forefront TMG, if you do not plan to use the E-mail
policy protection then click on the OK button so that
installation continues, else if you do plan to use the E-mail policy protection,
click on the Cancel button, install Exchange Edge and then run
the Forefront installation again.
Installation will proceed
- When installation completes, you can invoke TMG Management
when the wizard closes by enabling the checkbox available in the below
screenshot. Click on Finish
An html page will pop up after you click the Finish button, listing few
recommendations. Take a moment to read them.
- To open Forefront TMG Management Console, click on
Start > All Programs > Microsoft Forefront TMG,
click on Microsoft Forefront TMG Management
- Forefront TMG management console will open, and we will be
greeted with the
Getting Started Wizard page opened. This wizard is used to
configure or modify basic deployment settings. I believe I will be covering it
in my next article.
For the time being you can ignore this wizard and click on Close.
I did this because I want to show you the left pane multiple new nodes such as
Web Access Policy , E-mail Policy, Intrusion Prevention System , Logs & Reports
and Update Center.
One last reminder, this is a Beta version, do not use it
in a production environment. And if you were hoping to
have a specific feature and found out that it is not
there with this build, don't feel down, a lot of builds
yet to be released and a lot of current features are not
yet 100% polished.
Related Links
Configuring ISA Server
Interface Settings
Download Forefront Threat
Management Gateway Beta 2
Back to top
|
|
|
|
| |
|
|
|
