Forefront TMG builds on top of the core capabilities delivered in Microsoft Internet Security and Acceleration (ISA) Server in order to deliver a comprehensive and integrated network security gateway. The main investments made in Forefront TMG provide additional protection capabilities to help secure the corporate network from external, Internet-based threats.
The following new features are included:
- Web anti-malware is part of a Web
Protection subscription service for Forefront TMG. Web anti-malware
scans Web pages for viruses, malware, and other threats.
- URL filtering allows or denies access
to Web sites based on URL categories (such as pornography, drug,
hate, or shopping). Organizations can not only prevent employees
from visiting sites with known malware, but also protect business
productivity by limiting or blocking access to sites that are
considered productivity distractions. URL filtering is also part of
the Web Protection subscription service.
- E-mail protection subscription
service—Forefront TMG provides an e-mail protection
subscription service, based on technology integrated from Forefront
Protection 2010 for Exchange Server. Forefront TMG serves as a
relay for SMTP traffic, and scans e-mail for viruses, malware, spam
and content (such as executable or encrypted files) as it crosses
- HTTPS inspection enables
HTTPS-encrypted sessions to be inspected for malware or exploits.
Specific groups of sites, for example, banking sites, can be
excluded from inspection for privacy reasons. Users of the
Forefront TMG Client can be notified of the inspection.
- Network Inspection System (NIS)
enables traffic to be inspected for exploits of Microsoft
vulnerabilities. Based on protocol analysis, NIS can block classes
of attacks while minimizing false positives. Protections can be
updated as needed.
- Enhanced Network Address Translation
(NAT) enables you to specify individual e-mail servers that can
be published on a 1-to-1 NAT basis.
- Enhanced Voice over IP support
includes SIP traversal, enabling simpler deployment of Voice over
IP within the network.
- Windows Server 2008 with 64-bit
support—Forefront TMG is installed on Windows Server 2008 with
ConceptsForefront TMG Getting Started
Copyright © 2009 by Microsoft Corporation. All rights reserved.