Forefront Threat Management Gateway (TMG) has been released for a while now and you might be considering upgrading your current ISA 2004 or ISA 2006 server to TMG.
TMG MBE builds on top of existing ISA Server functionality and delivers a 64-bit Windows Server 2008 compatible product with new protection capabilities, including optional Web antimalware, as well as enhancements to the UI, management, and reporting. TMG plays a critical role in the overall Forefront vision of providing protection across client, server, and edge.
The key thing to pick up from that quote as it relates to this article is “64-bit Windows Server 2008 compatible”. Since it is 64-bit there are no upgrade paths available. Thankfully there is a great migration path. Step one of the migration path is to export our network configuration and we can do this with the Netsh command:
netsh –c interface dump > C:\ISA_Net_Config.txt
Exporting the network configuration will make it easier to ensure the network configuration on the new TMG server will be the same. The next step is to export the current ISA Server configuration. Open up the ISA Management Console and select the ISA server. Right click and choose Export (Back Up) to launch the Export Wizard.
Click Next to start the wizard
Select both checkboxes and enter a password to encrypt the confidential information.
Next specify a path to save the export file (XML) to.
Once the process is finished the settings will be exported into an XML file and be ready for importing.
You are now ready install Windows 2008 64-bit (or R2) and Forefront TMG 2010.
- Exported network configuration – in our example it was saved as ISA_Net_Config.txt
- Exported ISA configuration – in our example it was saved as export.xml
The first step is to import the network configuration. Before I do this one thing I’ll do is rename all the network adapters on the new server to match the old server. With that done we can import the ISA_Net_Config.txt with the following command:
netsh –f C:\ISA_Net_Config.txt
Once that process completes open the TMG Management Console, select the server and right-click. Select Import (Restore) to start the Import Wizard.
Once the Import Wizard has opened up click Next to start the process.
Enter or browse to the path where the file (export.xml) is located.
Enter the password you used to encrypt the confidential information.
Click Next and then click Finish to import your configuration. TMG will convert any settings it needs to so that they are applicable to the TMG server.
Once complete you will need to apply the changes. Simply click Apply and wait for the changes to be applied.
You can download trials of Windows Server 2008 R2 and Forefront Threat Management Gateway 2010 at these locations:
No comments:
Post a Comment