Migrating to a new version of the firewall always stirs up stress and strain. For the experienced ISA firewall admin, you might have suffered through the migration from ISA 2000 to ISA 2004, and then from ISA 2004 to ISA 2006. The most problematic migration was probably from ISA 2000 to ISA 2004, since the entire networking and security models changed between ISA 2000 and ISA 2004. Migration from ISA 2004 to ISA 2006 wasn’t too difficult, since ISA 2006 was more a less a robust service pack release instead of a major revamp or improvement of the product.
Things change up again when it comes to migrating from ISA 2006 to the TMG firewall. While the networking and security model of the TMG firewall is pretty much the same as it was for the ISA 2006 firewall, there is one major difference – the TMG firewall is a 64bit only application and therefore you can’t do an in-place upgrade. That means moving your current configuration to a new box and trying to apply that configuration not only to new version of the firewall, but an entirely new OS with a new architecture.
How do you do it? Richard Hicks, TMG firewall MVP comes to the rescue with a nice description of how to carry out the migration process.
Check out Richard’s article on how to do the migration from ISA 2004/2006 to the TMG firewall over at:
DEBRA LITTLEJOHN SHINDER
MVP (Enterprise Security)