This topic is designed to help you plan your Forefront TMG deployments according to your availability and scalability needs, by using a Forefront TMG array or number of arrays.
Forefront TMG arrays provide:
- High availability—To ensure operational
continuity of the Forefront TMG deployment, including during the
downtime of one or more of the Forefront TMG servers in the
deployment. Forefront TMG configuration settings across all servers
in the array are identical, thus providing uninterrupted service
during failover of one or more array members.
- Scalability—To meet increasing performance
demands. For example, with a growing number of users, or users
wishing to increase their Internet activities, additional network
bandwidth is required. When your organization’s needs grow, you can
easily upgrade from a deployment of a single Forefront TMG to a
Forefront TMG array, increase the number of members in an existing
array, or increase the numbers of arrays.
- Distributed, persistent caching—Keeps all
servers updated with the latest array manager configuration, thus
enabling users to designate a new array manager on demand. The
information is persistent, and is retained during the downtime of
one or more of the Forefront TMG servers in the deployment.
 Note: |
|---|
| Multiple-server arrays are only supported in Forefront TMG Enterprise. Forefront TMG Standard supports a single-server array only. For more information, see About the Forefront TMG Editions. |
The following sections describe:
About Forefront TMG arrays
A Forefront TMG array is a collection of Forefront TMG servers that are managed centrally, via a single management interface. When you create a Forefront TMG array, the following configuration settings are stored in a central location:
- Array configuration settings, which are
relevant for, and shared by, all members of the array.
- Server configuration settings, which are
relevant only for a specific array member, for each of the array
members.
Forefront TMG Enterprise supports two types of arrays:
- Standalone—Depending on the selected load
balancing method, a standalone array can have up to 50 Forefront
TMG servers managed by one of the array members that acts as the
array manager; for more information about load balancing, see
Load balancing Forefront TMG servers in
an array. Use this type of array if Forefront TMG is deployed
in a single logical location, and handles a medium traffic
load.
- EMS-managed—An EMS-managed array can have up
to 200 Forefront TMG arrays, each holding up to 50 Forefront TMG
servers, that are managed by an Enterprise Manager Server (EMS).
Once you have set up an EMS-managed array, you can replicate its
settings and manage up to 15 EMS-managed arrays using the same
settings, thus enabling central management of up to 150,000
Forefront TMG servers.
You can use an EMS-managed array in the following deployment scenarios:
- Forefront TMG is deployed in a single logical
location, and handles a high traffic load.
- Forefront TMG is deployed in multiple
locations. In this scenario, EMS is used for central management of
multiple locations, including locations with relatively low traffic
loads; for example, a branch office deployment.
- Forefront TMG is deployed in a single logical
location, and handles a high traffic load.
Load balancing Forefront TMG servers in an array
Load balancing serves to balance network traffic among array members, so that traffic is optimized across all available servers. You can use Network Load Balancing (NLB), or a third party hardware load balancer, to load balance traffic among Forefront TMG array members, as follows:
- NLB—This optional
Windows Server 2008 feature is integrated into Forefront
TMG. NLB tools are a prerequisite for the installation of Forefront
TMG (as described in System requirements for
Forefront TMG); you can configure NLB directly in the Forefront
TMG Management console. In a Forefront TMG array, NLB supports load
balancing across up to eight array members. This method for
implementing load balancing provides a number of advantages:
- Cost savings, as no hardware device needs to
be purchased.
- Simplified management and monitoring, as NLB
can be managed directly in the Forefront TMG Management console.
You can easily apply the NLB configuration to all array
members.
- Ease of node management as nodes can be
managed and drained via the Forefront TMG Management console.
- Firewall rules and settings are configured
automatically.
Note:Using integrated NLB is the recommended method for implementing NLB in Forefront TMG. It enables you to take advantage of the benefits of central management, configuration, maintenance, and troubleshooting, which are not available if you configure NLB directly via the Windows-based NLB tools. - Cost savings, as no hardware device needs to
be purchased.
- Third party hardware load balancer—The load
balancer you select must support IP affinity.