Tuesday, April 3, 2012

How to determine whether changes applied to Forefront Threat Management Gateway 2010 are active

I’m sure many experienced Forefront Threat Management Gateway 2010 administrators out there already knows about this but I haven’t really been working with TMG for a while and recently discovered that you can actually check when your changes are actually active after they have been successfully applied.

Rather than sit around and wait a minute before you proceed with testing out, say, a new firewall policy, you can perform the following actions to determine whether your changes are now active:

image

Navigate to the Monitoring node and then click on the Configuration tab.  Notice that the Configuration Status has a green checkbox and the status is labeled as Synced with the description:

Server configuration matches the stored configuration.

image

Proceed by clicking on the Refresh button on the right:

image

Notice that the server’s status is now labeled as Not Synced with the description:

Server configuration does not match the stored configuration.

image

Hitting the refresh button again a few times will show that the server’s status is now labeled as Updating with the description:

Server is updating configuration to match the stored configuration.

image

Hitting the refresh button again a few times will show that the server’s status is now labeled as Synced with the description back to:

Server configuration matches the stored configuration.

image

Using this method to determine when new configuration changes to the TMG are active is definitely better than waiting a predetermined amount of time.

No comments: