locked
Total amount of TMG F/W policy RRS feed

  • Question

  • Hi, all,

    I met a customer to plan TMG. For some reason, they might need to add about 800 more policies in TMG to control each user HTTP/HTTPS browse traffic.

    I know more F/W policy will effect perfermance of TMG. But is there any suggestion about limitation of amount of F/W policy?


    邁格行動 技術顧問 George 小顧 部落格: http://www.magg.com.tw/blog/
    Tuesday, September 14, 2010 10:17 AM

Answers

  • Hi,

     

    Thank you for the post.

     

    As far as I know, there is no limitation of amount of  F/W policy. But the order of the rules affects not only the effective policy for your organization, but the efficiency with the rules are evaluated. For more information, please refer to:  http://technet.microsoft.com/en-us/library/cc302539.aspx

     

    Regards,


    Nick Gu - MSFT
    Wednesday, September 15, 2010 9:04 AM
    Moderator

All replies

  • Never seen anything about limits like this; I believe firewall processing should be fine, but you may find amending rules and applying changes will be quite slow via the GUI...

    Do they really need that level of granularity? Can they not use groups or something?

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Tuesday, September 14, 2010 9:25 PM
  • I already suggest them to use Ad groups, not directly Ad users.

    But they still want to know if they really decide to implement such amount of F/W policies, how the TMG perfermance will impect.

    Thanks for your reply.


    邁格行動 技術顧問 George 小顧 部落格: http://www.magg.com.tw/blog/
    Wednesday, September 15, 2010 12:55 AM
  • Hi,

     

    Thank you for the post.

     

    As far as I know, there is no limitation of amount of  F/W policy. But the order of the rules affects not only the effective policy for your organization, but the efficiency with the rules are evaluated. For more information, please refer to:  http://technet.microsoft.com/en-us/library/cc302539.aspx

     

    Regards,


    Nick Gu - MSFT
    Wednesday, September 15, 2010 9:04 AM
    Moderator