[isapros] Re: TMG - Separate Forest?
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Mon, 12 May 2008 09:26:56 -0500
Hi Jason,
I agree. I think that's warmed over offal from a previous version of the
ISA docs. Hoping that they will expunge it in the TMG docs in the
future.
I've been running the EBS version of the TMG since last December. Let's
just say there's a reason why I make it a point to tell people that they
shouldn't make any judgements about the product yet, and that it's a
work very early in development. :)
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
<http://blogs.isaserver.org/shinder/>
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- Microsoft Firewalls (ISA)
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Jason Jones
Sent: Monday, May 12, 2008 3:13 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] TMG - Separate Forest?
Just noticed this in the current TMG documentation...disappointed this
old school approach is still recommended L
"At the edge, you can install Forefront TMG as a domain member or in
workgroup mode. As a domain member, we recommend that you install
Forefront TMG in a separate forest (rather than in the internal forest
of your corporate network), with a one-way trust to the corporate
forest. This may help the internal forest from being compromised, even
if an attack is mounted on the forest of the Forefront TMG computer.
There are some limitations with this deployment. For example, you can
configure client certificate authentication only for users defined in
the Forefront TMG domain, and not for users in the corporate internal
domain or forest."
You guys spent much time looking at TMG yet?
JJ
________________________________
This email and any files transmitted with it are confidential and
intended solely for the use of the individual to whom it is addressed.
If you have received this email in error, or if you believe this email
is unsolicited and wish to be removed from any future mailings, please
contact our Support Desk immediately on 01202 360360 or email
helpdesk@xxxxxxxxxxxxxxxxx
If this email contains a quotation then unless otherwise stated it is
valid for 7 days and offered subject to Silversands Professional
Services Terms and Conditions, a copy of which is available on request.
Any pricing information, design information or information concerning
specific Silversands' staff contained in this email is considered
confidential or of commercial interest and exempt from the Freedom of
Information Act 2000.
Any view or opinions presented are solely those of the author and do not
necessarily represent those of Silversands
Silversands Limited, 3 Albany Park, Cabot Lane, Poole, BH17 7BX.
Company Registration Number : 2141393.
Other related posts:
