Custom Search

Tuesday, February 8, 2011

Forefront Installation



You can download Forefront Threat Management Gateway Beta 3 from here
From the download page, you will notice that Forefront Threat Management Gateway Beta 3 is now available in two versions, Standard and Enterprise Edition. With TMG Beta 2, there was only one executable file. 
In this article, I will be installing Forefront TMG Standard Edition (TMGBETA3_EN_SE_AMD64.exe)
System Requirements:
  • A computer with a 64-bit processor.
  • Windows Server® 2008 64-bit operating system. You cannot install Forefront TMG on 32-bit versions of Windows Server 2008. Only Forefront TMG Management Console (MMC) can be installed on a 32bit machine, so that you can connect remotely using the MMC to the Forefront TMG Server.
  • 4 gigabytes (GB) or more of memory
  • One local hard disk partition that is formatted with the NTFS file system.
  • 2.5 GB of available hard disk space. This is exclusive of hard disk space that you want to use for caching or for temporarily storing files during malware inspection.
  • One network adapter that is compatible with the computer's operating system, for communication with the Internal network. An additional network adapter for each network connected to the Forefront TMG computer.

Before installing TMG Beta 3, make sure to read the Release Notes for Forefront Threat Management Gateway Beta 3.
Installing TMG Beta 3
I have already setup the server with two network cards. The first is called Internal NIC and is connected to the Internal Network, whereas the second network card is called External NIC and is connected to the ISP Router ( External Network ). Read this article to know more about how you can correctly configure your TMG Network cards : Configuring ISA Server Interface Settings
  1. I have downloaded Forefront Threat Management Gateway Standard Edition (TMGBETA3_EN_SE_AMD64.exe), and saved it on the Desktop.



    Double click on the setup file that you have downloaded, if you have User Account Control enabled, it will prompt you to take action, click onContinue


  2. On the Welcome to the Install Shield Wizard page, click on Next


  3. Select the path where the extracted files will be stored



    You can either keep the default path or change it to a custom path by clicking on the Change... button, browse and select another path. Then click Next



    extracting the setup package will start




  4. Once setup files extraction is completed, the main Forefront TMG menu page will open, where it is divided into three sections :
  • Before you Start : This section helps you in identifying the hardware and software requirements, reading the deployment guide and the release notes for TMG beta 3.
  • Prepare and Install : It allows you to run Windows Update and download/install Windows update. The Preparation Tool is a new tool introduced with Beta 3 and was not available with TMG Beta 2. It automatically checks what are all the required prerequisites/components and download/install them on your behalf. This is a great improvement to the installation wizard. Previously with Beta 2, you had to install all prerequisites manually and missing any of them would result in the failure of installing TMG Beta2. 
    The Install Forefront TMG option launches the preparation tools as well and then starts the installation of Forefront TMG.
  • Additional options : Includes a link to Forefront TMG website, and also an option to install Forefront Security for Exchange (Beta 2).

  1. From the Prepare and Install section, you can:

    Run Windows Update and install the latest Windows Updates. In this step, you can install .NET Framework 3.5 SP1 which is considered to be one of the prerequisites that the preparation tool will check for.

    Although its not recommended, you can skip running windows update and run the Preparation Tool, it will check if the required components are already installed, if not yet installed, the preparation tool will try to download and install them, these prerequisites/components are :
  • Windows Roles & Features
  • Microsoft .NET Framework 3.5 SP1
  • Microsoft Windows Installer 4.5
  • Windows Web Services API 


    Or directly click on Install Forefront TMG, which will also will run the preparation tool and then gives you the options to install Forefront TMG (if no reboot is required after installing the components required by the preparation tool)

    Click on Install Forefront TMG, If you have User Account Control enabled, then you might receive the below message box, click Continue

  1. The Welcome to the Preparation Tool wizard page will open , click Next


  2. Accept the terms of the License Agreement(s) and click Next


  3. Select the first installation option, Install Forefront Threat Management Gateway service, and then click NextYou can choose the second option, if you already have installed Forefront TMG on another server, and now you want to install Forefront TMG remote management console to connect to the server remotely. The third option, Install Enterprise management Server, is grayed out, because we are installing Forefront TMG Standard Edition. If you are installing Forefront TMG Enterprise Edition, then this option will not be grayed out.


  4. The preparation tool will start checking what prerequisites are already installed on your machine, it will also try to download and then install/configure the required components.


  5. The preparation tool will start with the Windows Roles and Features, if any of these roles or features were installed previously then the preparation tool will start checking for next required components. My server has nothing installed on it except windows updates. The preparation tool will install and configure the following Windows Role and Features:

    Two Windows Roles:



    Six Windows Features:     





  6. The next required component is .NET Framework 3.5 SP1, but as I have already run Windows Update and installed the listed available Windows Updates ( one of these updates were .NET Framework 2.5 SP1 ), then .NET Framework 3.5 SP1 was found by the preparation tool to be already installed.

    Be informed that if .NET Framework 3.5 SP1 is not installed, the preparation tool will try to download it and then install it, so make sure that your machine is able to connect to the internet. 



    If TMG machine is not connected to the internet at the time of installing TMG Beta 3, and .NET Framework 3.5 SP1 was not installed previously, you will receive an error illustrating to you that the preparation tool was not able to download .NET Framework 3.5 SP1 and to check your internet connection as shown below



    If your server is not connected to the internet at the time of installing TMG Beta 3, then make sure to download .NET Framework 3.5 SP1 from another machine, and then install it on the TMG Beta 3 server. You can download it from here.
  7. Then Windows Web Services API will be installed


  8. Then the preparation tool will check for Windows Installer 4.5, if it was not found to be installed, the preparation tool will download it from the internet and then start to install it





    Reminder : The Same error page you will receive if your server is not connected to the internet at the time of installation and you do not have Microsoft Windows Installer 4.5 installed. You can download it from here.

  9. Once the preparation tools finishes downloading and installing the required components, you might need to restart your machine to complete the installation. Click Restart to reboot your machine. Once the server is rebooted, resume TMG installation by running autorun.hta again and then click on Install Forefront TMG



    If you already had some or all of the required components and your server didn't require a reboot, then the preparation tool will display the completion result of checking all components, it will give you also the option to launch TMG setup. Click on Finish



    If you have User Account Control enabled, click on Continue


  10. Microsoft Forefront TMG Installer will start



    On the Welcome to the Installation Wizard page, click Next


  11. On the License Agreement page, accept the terms in the license agreement, and then click Next


  12. On the Customer Information page, enter your details , username and organization name, and as you notice, the product serial number is already filled as this is a beta build of the product. Then click Next


  13. On the Installation Path  page, as you will notice, the path is C:\Program Files\Microsoft ISA Server\ , I believe this will be changed to refer to Forefront TMG once the product is RTM. You can either keep the default installation path, or change it by clicking on the Change... button and browse to the custom path. then Click Next


  14. On the Internal Network page, specify the address range(s) you want to include in TMG Internal Network, click on the Add... button



    Click on Add Range, type the address range then click OK

      

    If you have another Internal Network Address range, then click on Add Range again and repeat the above steps, else click on OK



    You will return back to the Internal Network page, if you need to change anything click on Change.., else click on Next to proceed with the installation wizard


  15. Few services will be restarted or stopped as shown on the Services Warning page, click Next


  16. On the Ready to Install page, click Install 



    Installing TMG will begin











    Eventually, Forefront TMG installation will be completed, you can enable the checkbox at the bottom of the page to invoke Forefront TMG management when the wizard closes. Click Finish



    Once you click Finish, a webpage will open, that includes some recommendations and information that you can follow.


  17. To Open Forefront TMG , click Start > All Programs > Microsoft Forefront TMG > Forefront TMG Management


    If you have User Account Control enabled, then click on Continue


  18. Forefront TMG management console will open, and the first thing that you will notice is the Getting Started Wizard, which I would like to cover in a future article.




    Start exploring Forefront TMG Beta 3 and enjoy it.... 

    One last reminder is that although Forefront TMG Beta 3 is feature complete, it is still a Beta version, so do not install it in a production environment.

Summary
Forefront Threat Management Gateway Beta 3 installation is much easier than previous Beta versions. The Preparation Tool is a new tool included in the installation wizard that will automatically downloads and install any required component. Its is recommended to run the Windows Update option first before installing TMG, so that you install all critical required updates for your Windows, then either click on run the preparation tool or Install Forefront TMG option, which will also run the preparation tool to check for all required components, and will try to download and install any required component.
Posted by Irsath Nokia at 12:59 AM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)