Microsoft Planning TMG and UAG Updates for Exchange 2013

Microsoft is working on issuing future update releases for its Forefront Threat Management Gateway (TMG) and Unified Access Gateway (UAG) products, mostly to help with publishing Exchange 2013.

Currently, it's not practical to use UAG to publish Exchange 2013, according to this Exchange team blog post by Greg Taylor, a principal program manager for the Exchange customer experience. Doing so requires that some of UAG's security features be disabled, he noted. The issue is tied to Microsoft's Outlook Web Apps (OWAs), which were rewritten to work with Exchange 2013, causing confusion for UAG. Taylor advises UAG users to just wait for the forthcoming update, which will add support for Exchange 2013.

It's not clear when those UAG and TMG updates will be available. While Microsoft is planning a "general availability" release of Exchange 2013 in the first quarter of next year, the product has been available earlier this month to Microsoft's volume licensing customers, as well as its TechNet and MSDN subscribers. So those early adopters may be all ready to go with Exchange 2013, but they'll face a bit of a snag with enabling remote e-mail access.

Exchange 2013 presently lacks its own publishing wizard and UAG can't be used. TMG can be used to publish Exchange 2013, but it involves making a few new settings changes compared with publishing Exchange 2010. The details on how to configure TMG to publish Exchange 2013 are described by Taylor in the blog post. For instance, the logoff parameter has changed and the delegation priorities for Outlook Web App authentication need to be modified.

Update for a Dying Product
Updating TMG to publish Exchange 2013 or tweaking it with a workaround may seem a bit odd as Microsoft plans to end the sales of its Forefront Threat Management Gateway 2010 products on Dec. 1, 2012, along with four other Forefront enterprise security products. In contrast, Microsoft plans to continue sales of its Forefront Unified Access Gateway 2010 SP2 and Forefront Identity Manager 2010 R2 products. TMG may not be a widely used product, but organizations may have it because it sometimes comes with licensing agreements, according to Rick Holland, a senior analyst at Forrester Research.

TMG 2010 will last almost eight more years, with extended support for the product ending on April 14, 2020. Still, UAG, a product that Microsoft will continue to sell, has some drawbacks as a replacement for TMG, according to Microsoft Exchange MVP Tony Redmond.

"It might be natural to suppose that Microsoft's Unified Access Gateway (UAG) might replace TMG, but that's not really the case," Redmond wrote in a September blog post. "First, UAG is more expensive than TMG. Depending on Microsoft pricing in the country where you reside, UAG might be twice as expensive as TMG, so the sheer cost of a transition will be painful. Second, TMG works with some Microsoft products to cover common scenarios very well. Exchange is one of these applications, and there are some functionality gaps that UAG will have to cover before it can be considered to be an adequate replacement. For example, two-factor authentication for ActiveSync devices or certificate-based authentication for OWA."

Redmond notes that some third-party vendors, such as Kemp with its LoadMaster product, are already stepping up to the plate to address Microsoft's TMG product fadeout. Another vendor that has promised to take up the slack is F5 Networks.

Exchange 2013 Perks
IT pros may have good reasons to want to publish Exchange 2013 and use OWA for remote e-mail connections. One of the more interesting reasons is offline access to OWA 2013 e-mail, contacts and calendars. This feature works with Internet Explorer 10, Google Chrome and Apple Safari 5 or greater browsers. E-mail is supported in offline folders, with users getting access to "three days of content or 150 items, whichever is greater," according to Microsoft's blog explanation.

Exchange 2013 also supports larger mailboxes and comes with basic antimalware protection, along with automatic traffic-surge protection and other management improvements.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • Microsoft Hires Movial To Build Android OS for Microsoft Devices

    Microsoft has hired the Romanian operations of software engineering and design services company Movial to develop an Android-based operating system solution for the Microsoft Devices business segment.

  • Microsoft Ending Workflows for SharePoint 2010 Online Next Month

    Microsoft on Monday gave notice that it will be ending support this year for the "workflows" component of SharePoint 2010 Online, as well as deprecating that component for SharePoint 2013 Online.

  • Why Windows Phone Is Dead, But Not Completely Gone

    Don't call it a comeback (because that's not likely). But as Brien explains, there are three ways that today's smartphone market leaves the door open for Microsoft to bring Windows back to smartphones.

  • Feature Update Deferral Mix-Up in Windows 10 Version 2004 Further Explained

    Microsoft last week described the confusion it is attempting to avoid by removing the client graphical user interface (GUI)-based controls to defer Windows 10 feature updates, starting with version 2004.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.