Comparing UAG and TMG arrays

If you’ve used IAG as your SSL VPN gateway, you’re probably aware that there really wasn’t a viable concept of gateway “array” or cluster”. It was pretty much configure one and then reconfigure the second box with the same settings. And forget about NLB.

The playing field changes with UAG. UAG is built on top of the TMG firewall, and partially leverages the array or cluster capabilities enabled by the TMG firewall infrastructure.

A TMG gateway supports two types of arrays:

  • Enterprise arrays
  • Standalone arrays

The key difference between the two is that the enterprise array requires that you use an Enterprise Management Server or EMS. When deploying Enterprise Arrays, all configuration settings are stored on the EMS server. In contrast, standalone arrays storage configuration information on one of the arrays members. The array member responsible for hosting the configuration information is the Array Manager.

Both Enterprise and Standalone Arrays store configuration information in Active Directory Lightweight Directory Services, or AD LDS.

While TMG arrays support both Enterprise and Standalone configuration, UAG Beta 2 supports only Standalone Arrays. For Beta 2, there is no Enterprise Array option.

That’ll get you started. If you want to know more about UAG array configuration, check out Rayne Wiselman’s post on the UAG Team Blog over at:



Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting

PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top