What's New in Forefront TMG Software Development Kit

Microsoft Forefront Threat Management Gateway (TMG) introduces numerous new features and functionalities. Some of the most notable advancements are described on this page.

New Administration COM Elements

For links to the new administration COM elements introduced in Forefront TMG to support the features described on this page, see New COM Elements in Forefront TMG.

Malware Inspection

Web traffic may contain malware (such as viruses, worms, and spyware). Forefront TMG introduces a Web filter named Malware Inspection Filter for scanning, cleaning, and blocking harmful content and files. When malware inspection is enabled, HTTP content (Web content) allowed by access rules is inspected for malware.

Malware inspection applies only to traffic that uses the HTTP protocol and does not involve the Firewall Client software. The body of all HTTP requests and responses is inspected, regardless of the HTTP verb in the header and the encoding scheme used to compress the body. If the encoding scheme is not recognized, Forefront TMG blocks the content. HTTP content compressed with gzip encoding can be decoded and encoded in both directions.

When a virus is detected in a file or an archive (for example, a .zip, .tar, or .cab file), Forefront TMG attempts to clean the file, rebuild the archive, and send a cleaned file to the client instead of the infected one. In cases where cleaning is not possible, the infected file is replaced with a text file containing a notification.

Because malware inspection may cause some delay in the delivery of content from the server to the client, Forefront TMG trickles portions of the content as files are inspected to improve the user experience during malware inspection. As an alternative, Forefront TMG can send progress notifications for specified types of files to reassure the user during this delay.

Definition Updates for Protection Mechanisms

Forefront TMG uses definitions of known viruses, worms, and other malware for malware inspection. These definitions can be downloaded from the Microsoft Update over the Internet. Forefront TMG automatically checks for and downloads new and updated definitions for malware inspection according to a user-defined updating schedule.

Support for Large Files

Forefront TMG now includes support for large files (files larger than 4GB, aka 4GB support). Web Proxy filters that want to handle large files must declare themselves as "large size aware". Filters that do not do this are considered legacy filters that don't support large files. If such a filter is registered a warning alert is raised during configuration reload and large files are blocked by the proxy. All Forefront TMG built-in filters are large size aware.

Improved Custom Report Design

Forefront TMG adds built-in support for SQL Reporting Services and enables you to use the Report Definition Language (RDL) to define custom reports when logs are recorded to a local Microsoft SQL Server Express 2008 database.

Send comments about this topic to Microsoft

Build date: 11/30/2009

© 2008 Microsoft Corporation. All rights reserved.