Essential Business Server and removing/disabling TMG

Discussion in 'Windows Small Business Server' started by Freaky, Dec 28, 2009.

  1. Freaky

    Freaky Guest

    Hi there,

    whilst I was on vacation my collegues did our first EBS install.
    According to them it's not possible to disable or remove the TMG server.

    Is this true? We use UTM appliances and therefore have no use for TMG.
    It just clutters the setup.

    Kind regards
     
    Freaky, Dec 28, 2009
    #1
    1. Advertisements

  2. TMG is an integral part of EBS and is installed on the Security or Edge
    server. You can set the rules for it to be minimally invasive, but removing
    it isn't an option.
     
    Charlie Russel - MVP, Dec 28, 2009
    #2
    1. Advertisements

  3. Hello Freaky,

    First, I want to point out that MS has an EBS newsgroup for EBS questions
    that you will probably want to add to your resources if you will be
    installing EBS regularly, as it sounds like you will be.

    Secondly, TMG is just one part of the larger security server installation in
    EBS. All three servers (management, messaging, and security) are required
    in EBS so TMG is indeed a part of that installation. With that said,
    however, EBS was designed to be very flexible. You can certainly deploy EBS
    behind UTM devices without a problem. The security server still fulfills
    other non-TMG aspects that still make EBS more efficient, such as splitting
    the exchange roles out as exchange 2007 was designed to do....just as an
    example.

    Here is a good article about deploying EBS behind existing hardware
    firewalls and explains a little about the EBS security settings and how they
    can be reduced and made more permissive (assuming the edge UTM is handling
    the firewall duties) but still keep the other aspects of the security server
    in play.

    http://blogs.technet.com/essentialb...all-in-windows-essential-business-server.aspx

    -Cliff
     
    Cliff Galiher, Dec 28, 2009
    #3
  4. Freaky

    Freaky Guest

    Thanks for the re's. I'll be digging into it and have a look at the
    other newsgroup.
     
    Freaky, Dec 29, 2009
    #4
  5. Freaky

    Freaky Guest

    Hi,

    mind telling me what newsgroup that is? Can't seem to find it on this
    server.

    Have reset all the firewall rules to default and can internet fine. Set
    the security level to medium-high, if I have to use it it might as well
    do something.

    Then disabled NAT, so it just does routing, much easier. All traffic,
    except HTTP, seems to come from normal client. I suspect HTTP gets some
    kind of proxy treatment as it appears to come from the TMG.

    Anyways have issues with mail going out. It seems that the exchange
    server has issues delivering it to the edge server as it remains in
    queue on the exchange server and never shows up on the edge server.

    Recipient filtering isn't working either. It's turned on, but if I
    telnet to the edge server and give

    rcpt to:

    It happily accepts. Relaying is disabled, is
    rejected with relaying denied, so that works ok.

    Any suggestions?

    Kind regards
     
    Freaky, Dec 29, 2009
    #5
  6. MS currently seems to be embracing the trend of private newsgroups to help
    reduce spam. So it isn't a usenet group. Go to connect.microsoft.com and
    you can sign up for the EBS newsgroup. The website also has instructions on
    how to access the newsgroup from an NNTP client.

    -Cliff
     
    Cliff Galiher, Dec 29, 2009
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.