Getting Started with Forefront Threat Management Gateway 2010, Part 1: Introduction

Introduction to TMG 2010

Microsoft Forefront Threat Management Gateway 2010 (Forefront TMG 2010) is the latest security software from Microsoft. It help protecting your organization from malicious threats with firewall feature, enable users to communicate through the Internet by acting itself as an Internet gateway, and also improve your network performance using web caching. These are also features of Microsoft ISA Server which is the previous version of Forefront TMG 2010. However, there are lots of useful additional features in Forefront TMG 2010, such as, URL Filtering, HTTPS Inspection, ISP Redundancy, etc, which will be described below.

History of Forefront TMG 2010

The history of ISA Server starts from Microsoft Proxy Server 1.0 and Microsoft Proxy Server 2.0 which both were released in 1997. They were merely designed to provide internet access (Internet Sharing) and came in only one edition of each version. Microsoft Proxy Server 1.0 only has basic functionality and many limitations. The second version improves many features from the previous version. It supports Windows NT account integration, many more protocols, packet filtering capability.

Then, ISA Server 2000 was released in 2001. And in 2004 for ISA Server 2004 and ISA Server 2006 in 2006. Each product has two editions: Standard and Enterprise. ISA Server 2004 introduced multi-networking support, integrated virtual private networking (VPN) configuration, Application-Layer Firewall support, support for the H.323 protocol, Active Directory Integration, SecureNAT, Secure Server Publishing, and improved reporting and management features. The rules based configuration was also considerably simplified on ISA Server 2000. ISA Server 2004 Enterprise Edition included array support, integrated Network Load Balancing (NLB), and Cache Array Routing Protocol (CARP). One of the core capabilities of ISA Server 2004 was its ability to securely publish Web servers. ISA Server 2006 is an updated version of ISA Server 2004. It doesn’t has major difference compare to ISA Server 2004. Most features and interface of both versions are quite similar.

On 2009, Forefront Threat Management Gateway 2010 was released with additional security features compared with ISA Server 2006 as you will see in the section below. Forefront TMG 2010 also has two edition: Standard and Enterprise as ISA Server 2006. It only runs on the 64-bit edition of Windows Server 2008 and Windows Server 2008 R2.

Features of Forefront TMG 2010

Here are summary of major features of Forefront TMG 2010:

• Multi-layer firewall. Provides three types of firewall functionality: packet filtering, stateful filtering, and application layer filtering.
• Application layer filtering. Provides deep content filtering through built-in application filters.
• Virtual private networking capability. Enables quick connectivity between sites via wizard-based approach.
• Intrusion detection capability. Flood protection such as denial of service (DoS) and distributed denial of service (DDoS) attacks, IP spoofing protection, etc.
• Supports various authentication. Authenticate users with built-in Windows, LDAP, RADIUS, or RSA SecurID authentication.
• URL Filtering. Destination URLs are examined for compliance with corporate policy and for malicious potential of destination Web site.
• HTTPS Inspection. Inspect inside SSL-encrypted traffic for malware or exploits. Sensitive sites, such as banking sites, can be excluded from inspection.
• Web antivirus/anti-malware protection. Inbound and outbound network traffic is inspected for viruses and malware, including archived folders. Encrypted folders can be blocked. For large files, users are trickled the file to assure them the file is being downloaded.
• ISP Redundancy. Allows you to configure in 2 modes: ISP Load Balancing which balance network traffic between two different ISPs and ISP Failover which provides a second ISP as a backup link for a connection to the Internet if the primary ISP link is down due to problems or maintenance reasons.
• Ease management. Most configurations can be done using wizards, provides real-time monitoring and reporting, support external logging.

If you want to read more details about features of Forefront TMG 2010, visit Microsoft Threat Management Gateway (TMG) 2010 – Key Features & Capabilities

What’s Next?

Now you have some background knowledge about Forefront TMG 2010, next we can make a plan for installation and configuration Forfront TMG 2010.