In the past, ISA has had very limited or no support on Microsoft's virtualization platform. Now, ISA and Forefront Threat Management Gateway (TMG) is supported . I met up with Jim Harrison to get some guidance on what you need to think about when you virtualize your ISA/TMG servers. We quickly dive into a whiteboard session on the various ways you can configure Hyper-V / virtual server to work with ISA/TMG and dig into the advantages and disadvantages of each network configuration such as:
- Performance
- Management
- Administration
- Security
Some other things we talk about:
- [15:12] Why placing TMG on the parent is a bad idea and how you should configure the parent partition
- Configuration options of the actual ISA/TMG server
- [22:11] Failover, Clustering, and Quick Migration with ISA / TMG in a virtual environment
- [24:32] Configuration changes you should make for any host which faces the Internet
View the security considerations for virtualized ISA / TMG deployments guide / whitepaper Jim wrote.
See KB article 957006 which states ISA (and other) products are officially supported on Hyper-V.
Best practices for ISA server co-location with a DC