1. In the Forefront TMG Management console, in the tree, click the Firewall Policy node, and in the Tasks pane, click Create Access Rule.

2. Follow the instructions to complete the New Access Rule Wizard:

   • On the Rule Action page, specify whether the rule should allow or deny access.
     
     
   • On the Protocols page, to select the FTP, HTTP, or HTTPS protocols, leave the default setting Selected Protocols, and then click Add. In the Add Protocols dialog box, click to expand Web, and then select FTP, HTTP, or HTTPS. Do not select the protocols ending in "Server". These are used for non-Web server publishing rules, and not for outbound access.
     
     
   • On the Malware Inspection page, select whether to enable malware inspection for the rule. To enable this setting, malware inspection must be enabled globally. For more information, see Enabling malware inspection.
     
     
   • On the Access Rule Sources page, select the network objects from which requests will be received.
     
     
   • On the Access Rule Destinations page, select where to send the received requests. For Web access, select the External network (the Internet).
     
     
   • On the Users page, select whether requests for the rule must be authenticated. For anonymous access, leave the default All Users setting. To specify that the rule will only apply to a particular group of users, click Add, and then select either the predefined user sets or create a custom user set.
     
     

Concepts