cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
316
Views
3
Helpful
3
Replies

FTDv\FMCv to replace MS ForeFront TMG

sSiDiUSs
Level 1
Level 1

Good day team!

I was wondering, could FTD\FMC completely replace MS TMG2010...

What is interesting, is that TMG has Forms Based Authentication Templates to publish OWA.

I cannot find similar feature in FTDv\FMCv
or, may be I am looking for wrong Cisco product?

1 Accepted Solution

Accepted Solutions

As already mentioned, FTD is not a reverse-proxy. From a Security standpoint you could decrypt the traffic and inspect it with IPS. What I would prefer is to put a device like a KEMP Loadmaster into a DMZ and proxy the traffic from there to the Exchange server. But your mileage may vary.

View solution in original post

3 Replies 3

Forefront Threat Management Gateway (TMG) 2010 has reached end-of-life and there is no direct replacement from Microsoft. FMC built-in authentication mechanisms like Active Directory integration, LDAP, and RADIUS. While not identical to FBA templates, they might offer sufficient functionality for your OWA needs.FMC offers a powerful and comprehensive security platform.Cisco FTD and FMC do not have built-in Forms-Based Authentication (FBA) templates for publishing applications like OWA directly. Instead, Cisco's focus is more on threat defense and network security rather than application publishing with FBA.

FMC are not direct replacements for TMG 2010, especially when considering specific features like Forms-Based Authentication for publishing OWA. You might need to look at other Cisco products or third-party solutions that are better suited for application publishing and reverse proxy with FBA.

 

 

please do not forget to rate.

sSiDiUSs
Level 1
Level 1

Thank you for your reply!
So, there no custom web form in FTD\FMC to chage default web for to company customized...petty

Just can't find what product can do this)
don't wanna to keep TMG for FBA)

As already mentioned, FTD is not a reverse-proxy. From a Security standpoint you could decrypt the traffic and inspect it with IPS. What I would prefer is to put a device like a KEMP Loadmaster into a DMZ and proxy the traffic from there to the Exchange server. But your mileage may vary.

Review Cisco Networking for a $25 gift card