{"id":3745,"date":"2012-12-09T17:10:14","date_gmt":"2012-12-10T01:10:14","guid":{"rendered":"https:\/\/www.zubairalexander.com\/stage\/?p=3745"},"modified":"2012-12-10T16:45:32","modified_gmt":"2012-12-11T00:45:32","slug":"whats-the-difference-between-unified-access-gateway-uag-and-threat-management-gateway-tmg","status":"publish","type":"post","link":"https:\/\/www.zubairalexander.com\/blog\/whats-the-difference-between-unified-access-gateway-uag-and-threat-management-gateway-tmg\/","title":{"rendered":"What&#8217;s the Difference Between Unified Access Gateway (UAG) and Threat Management Gateway (TMG)?"},"content":{"rendered":"<p>There are some major differences between Microsoft Threat Management Gateway (TMG) and Microsoft Unified Access Gateway (UAG). The two products are completely distinct and do not share any code. However, if you install UAG, it will automatically install TMG and if you remove UAG it will automatically uninstall TMG. So they are definitely linked in certain ways. TMG can be installed on Standard, Enterprise or Datacenter editions of Windows Server 2008 SP2 or R2. UAG can be installed on Windows Server 2008 R2 (Standard or Enterprise).<\/p>\n<p>TMG is a software firewall. Unfortunately, it will go away in future as Microsoft doesn\u2019t seem to have any plans for its renewal. However, it will be supported until April 14, 2015 and won\u2019t completely disappear from the scene until April 14, 2020. UAG is also going to be a dead duck. I would love to see Microsoft sell these Forefront products to another company that can turn them into a more useful solution, rather than making them disappear altogether.<\/p>\n<p>The following are some highlights to give you some insight on both these products. This is not a comprehensive list by any means. It&#8217;s just something to help you figure out which product might be the right choice for you.<\/p>\n<table border=\"1\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td width=\"319\" valign=\"top\">\n<p style=\"text-align: center;\"><strong>TMG (Threat Management Gateway)<\/strong><\/p>\n<\/td>\n<td width=\"319\" valign=\"top\">\n<p style=\"text-align: center;\"><strong>UAG (Unified Access   Gateway)<\/strong><\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Replacement for ISA (Internet   Security and Acceleration) Server 2006 that serves as a firewall<\/td>\n<td width=\"319\" valign=\"top\">Replacement for IAG   (Intelligent Application Gateway) that serves as a remote access solution for   applications<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Primarily meant to be a firewall solution   for internal network<\/td>\n<td width=\"319\" valign=\"top\">Does not   offer a firewall solution but installs TMG, which is used as a firewall for   UAG local host (not for internal network) and allows you to only publish SMTP   server<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Supports inbound and outbound access   (firewall or forward proxy)<\/td>\n<td width=\"319\" valign=\"top\">Does not support outbound access<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Supports forward-proxy<\/td>\n<td width=\"319\" valign=\"top\">Does not support forward-proxy<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Supports reverse-proxy<\/td>\n<td width=\"319\" valign=\"top\">Supports reverse-proxy but because of   some limitations TMG is considered a better reverse-proxy solution for   certain situations<strong> <\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Can be used to publish internal   resources to the outside world<\/td>\n<td width=\"319\" valign=\"top\">Better for publishing internal resources   than TMG because it can publish multiple applications on a single IP address   using the UAG portal, which is essentially one URL that gives users access to   all published applications on internal network<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Can be used for VPN connections<\/td>\n<td width=\"319\" valign=\"top\">Can be used for VPN connections<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Supports PPTP and L2TP VPNs<\/td>\n<td width=\"319\" valign=\"top\">Does not support PPTP and L2TP VPNs<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Much simpler to configure than UAG   (keep in mind they serve different purposes), especially if upgrading from   ISA Server 2006 because it may take just a few minutes to configure by simply   exporting ISA Server 2006 configuration and importing it in TMG<\/td>\n<td width=\"319\" valign=\"top\">Complicated to configure than TMG   (keep in mind they serve different purposes) because it can possibly take   months to configure UAG properly<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Does not include an advanced end-point mechanism similar to Network Access   Protection (NAP)<\/td>\n<td width=\"319\" valign=\"top\">Includes an   advanced end-point mechanism which is similar to Network Access Protection   (NAP) where you can control access to your network by setting rules, such as   restricting connections only to clients that have a certain operating system and   anti-virus software installed<\/td>\n<\/tr>\n<tr>\n<td width=\"319\" valign=\"top\">Licensing is per processor<\/td>\n<td width=\"319\" valign=\"top\">Licensing is per   Client Access License (CAL)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>For more information check out this article on <a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/ee522953.aspx\">TechNet<\/a>.<\/p>\n<hr \/>\n<p><span style=\"font-size: xx-small; font-family: Verdana;\">Copyright \u00a92012 Zubair Alexander. All rights reserved.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There are some major differences between Microsoft Threat Management Gateway (TMG) and Microsoft Unified Access Gateway (UAG). The two products are completely distinct and do not share any code. However, if you install UAG, it will automatically install TMG and if you remove UAG it will automatically uninstall TMG. So they are definitely linked in [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[43,24,30],"tags":[],"class_list":["post-3745","post","type-post","status-publish","format-standard","hentry","category-articles","category-security","category-longhorn-server"],"aioseo_notices":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/posts\/3745","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/comments?post=3745"}],"version-history":[{"count":0,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/posts\/3745\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/media?parent=3745"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/categories?post=3745"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/tags?post=3745"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}