Threat Management Gateway (TMG 2010) replacement and Microsoft Exchange

SamT 6 Reputation points
2021-01-03T05:38:10.017+00:00

Hello,

Not sure where else to ask this and this seems like the appropriate place.

We would like to replace our ForeFront Threat Management Gateway with a supported firewall with similar capabilities as TMG. Criteria is a follows:

  • Primary inbound application is Exchange 2019 (ActiveSync, Outlook Anywhere, OWA) and Skype for Business
  • Looking for something that is easy to administer and preferably inexpensive
  • This is for a very small office
  • Preferable solution would be on-premises and inexpensive or free.

Thanks

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,682 questions
{count} votes

2 answers

Sort by: Most helpful
  1. JoyDutt 826 Reputation points
    2021-01-03T14:02:29.637+00:00

    Hi @SamT

    As you seem to be small office and wish less expensive option + your major products are MS Products - You can explore -- Azure Security Center (Most economical) -- -Works for both on Prem and Cloud
    This should be suitable for your environment. https://azure.microsoft.com/en-gb/pricing/details/security-center/

    Other Options (but adding some more IT OPEX)

    • watchguard
    • f5 Secure Web Gw
    • Zscaler
    • Sophos (expensive)

    ==

    (If this reply was helpful please don't forget to upvote and/or accept as an answer, Thank You)

    Regards,
    J.D.

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    0 comments No comments

  2. Jon Alfred Smith 541 Reputation points
    2021-01-03T15:04:12.46+00:00

    I have never done this with Exchange on-premises, but with several other local services and applications. Anyhow, my first choice would have been to look into Azure AD Application Proxy. You don't need to open any ports from the outside. The communication is handled by listening agents running inside. Another advantage is that this a step into the cloud. It might provide Azure AD Conditional Access and Hybrid Modern Authentication.

    Securing & using SSO for OWA & ECP with the Azure App Proxy
    https://www.patrickvanbemmelen.nl/securing-using-sso-for-owa-ecp-with-the-azure-app-proxy/

    How to secure Exchange 2016 with Azure AD – Part 1 – Authenticating OWA with Kerberos
    https://mikeparker365.co.uk/2018/09/17/how-to-secure-exchange-2016-with-azure-ad-part-1-authenticating-owa-with-kerberos/

    How to secure Exchange 2016 with Azure AD – Part 2 – Hybrid Modern Authentication
    https://mikeparker365.co.uk/2018/09/19/how-to-secure-exchange-2016-with-azure-ad-part-2-hybrid-modern-authentication/

    How to secure Exchange 2016 with Azure AD – Part 3 – Azure Application Proxy
    https://mikeparker365.co.uk/2018/09/25/how-to-secure-exchange-2016-with-azure-ad-part-3-azure-application-proxy/

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.