Excellent article and a great way to tell people how network security is shifting from just closing the front door to secure software. However, I do think the article should have been named “Exchange in a post TMG world, is it as scary as you think” because in many mid-size environments there is still plenty of poorly written code that suffers from SQL injections and other badly written code. In this case TMG is not so much making things more complex; it’s a way to be sure that all published applications use your predefined way of authentication or at least use SSL. And in that way, it’s making our lives more simple.
CRM, document management, financial and other LOB applications are not always written by Microsoft and are not always updated by the vendor that much.
Same counts for SSL offloading, SSO and other useful things we use TMG for; I do think it’s still far from obsolete.
Eventually, when moving to IPv6, maybe we will go back to the beginnings when all computers were using public IPs without using NAT or a central firewall. If computers and software become intrinsically secure, that will be the time when network architecture will become simple.
So having Exchange secure enough to make this step is a very good and important one indeed, but it is only a small part of the software that companies need to manage and secure.