And so it comes to pass. TMG was canned by Microsoft in September 2012 yet it was the more popular, cheaper, and in the eyes of many, the better product. UAG was kept then but is now being discontinued. No tears are shed here as Microsoft continues to refine its on-premises security portfolio to concentrate its resources on the cloud.
The news (December 17) that Microsoft had decided to discontinue Forefront Unified Access Gateway (UAG) came as no shock. The writing was on the wall that UAG would follow TMG into product oblivion as soon as TMG was canned in September 2012 to allow Microsoft to focus on cloud-based security services that they need to support .
The announcement said:
“We will continue to provide maintenance and support for Forefront UAG through the standard Microsoft support lifecycle, with mainstream support continuing through April 14, 2015 and extended support continuing through April 14, 2020. “
I was always confused by the fact that Microsoft shipped both TMG and UAG to replace the much-used but often detested ISA Server. There didn’t seem to be a wide enough product space for the two to generate separate and obvious value. Despite the best efforts of Microsoft personnel to explain the difference (like this blog looking at how the two products dealt with different Internet publishing scenarios), I never felt that clarity existed.
UAG never had the same kind of contended following as TMG attracted, perhaps because TMG seized the close working relationship with products like Exchange Server that ISA Server once had, a relationship that persists for Exchange 2013 even after TMG was canned. UAG is universally deemed to be more complex, less flexible, and more expensive than TMG. UAG never created the same feeling of value and it was surprising that Microsoft choose TMG when the time came for engineering expenses to be reallocated. I would have cheerfully shot UAG and kept TMG, but now both are past their best-by date and the discussion is moot.
On-premises software products dubbed with the Forefront moniker seem to be unfortunate. It almost seems like the application of the family name is tantamount to condemnation at a later date. If this continues, then what future exists for Forefront Identity Manager (FIM)? Perhaps as the sole survivor FIM is the king of the heap and will continue to prosper. We shall see.
As to Microsoft’s overall security strategy, it seems that it is increasingly cloud-centric and that they are leaving the on-premises market to third party software vendors such as TrendMicro and Symantec. Customers who want to buy everything from the one vendor will be disappointed but at least you can justify Microsoft’s decision on the basis that they are facilitating choice, however unwelcome that choice might be.
Follow Tony @12Knocksinna