locked
TMG Edge and FPE on same box RRS feed

  • Question

  • Hi,

    So there is this new Secure Mail Relay solution from MS by installing TMG, Edge and FPE on same box.
    What if I want TMG to be in the domain?
    From what I understand, its completely configurable to have TMG & Edge in the domain (as I have done this) - but it is simply not recommended.

    Correct?

    So if you do not want Edge in the domain, but you want all the TMG & FPE features...you have to install all 3 components on the same box...which means I may land up with a TMG server in the workgorup (TMG, Edge & FPE) and then another TMG server as a domain member for publishing and access rules.

    Any comments?

    Thanks,
    T
    Wednesday, February 10, 2010 2:16 PM

Answers

  • Hi,

     

    Thank you for the post.

     

    When TMG, FPE and Edge on the same server, you will get benefit for e-mail protection.  And you should refer to the following recommended order of installing:

    1. Exchange Edge Transport

    2. Forefront Protection for Exchange

    3. TMG

     

    For more information, please refer to this article:

    http://technet.microsoft.com/nl-nl/library/ee207141(en-us).aspx

     

    Regards,


    Nick Gu - MSFT
    Monday, March 8, 2010 7:51 AM
    Moderator

All replies

  • Hi,

    it's no problem if TMG is member of the domain, this is a recommended installation. Due to the server is in the domain the Exchange Edge will be in the domain too. This is a supported configuration. And I see no problems in doing this.

    If you don't wan't to have the exchange edge in the domain you have to install TMG in a workgroup.

    At all I would recommend to install TMG in a domain. It doesn't matter if Exchange Edge is in the domain too.

    Greetings

    Christian
    Christian Groebner MVP Forefront
    Thursday, February 11, 2010 7:38 AM
  • Thanks,

    So what would I lose if I DO NOT run TMG, FPE and Edge on the same physical box?

    Also, there seems to be varied views on the 2 topics:
    - MS recommends that Edge not be part of the domain
    - TMG can be either, but a lot of the people (Shinder, Riley) etc discuss extensive domain membership benefits for TMG

    So now we have TMG and Edge on same box...domain it or not? That is the question ;-)

    Regards,
    T
    Monday, February 15, 2010 5:06 PM
  • Hi,

     

    Thank you for the post.

     

    When TMG, FPE and Edge on the same server, you will get benefit for e-mail protection.  And you should refer to the following recommended order of installing:

    1. Exchange Edge Transport

    2. Forefront Protection for Exchange

    3. TMG

     

    For more information, please refer to this article:

    http://technet.microsoft.com/nl-nl/library/ee207141(en-us).aspx

     

    Regards,


    Nick Gu - MSFT
    Monday, March 8, 2010 7:51 AM
    Moderator