System requirements

  • Article

[This topic is pre-release documentation and is subject to change in future releases. Blank topics are included as placeholders.]

To install Forefront TMG, you need:

  • A computer with a 64-bit processor.

  • Windows Server® 2008 64-bit operating system. You cannot install Forefront TMG on 32-bit versions of Windows Server 2008.

  • 2 gigabytes (GB) or more of memory

  • 2.5 GB of available hard disk space. This is exclusive of hard disk space that you want to use for caching or for temporarily storing files during malware inspection.

  • One network adapter that is compatible with the computer's operating system, for communication with the Internal network.

  • An additional network adapter for each network connected to the Forefront TMG computer.

  • One local hard disk partition that is formatted with the NTFS file system.

Points to note

  • Forefront TMG drops all IPv6 traffic. Following Forefront TMG installation note the following:

    • Forefront TMG denies all IPv6 traffic.

    • ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) is disabled.

    • The 6to4 interface is disabled. This mechanism allows IPv6 packets to be transmitted over an IPv4 network.

    • Whenever the Control service restarts the Forefront TMG server reregisters with DNS to ensure that there is only an A record registered for the server, and no AAAA (IPv6) record. It also clears the DNS, Address Resolution Protocol (ARP), and Neighborhood Discovery (IPv6 version of ARP) caches.

  • By default Forefront TMG is configured to log to a local SQL Server® Express database. installs a number of SQL Server Express components, including an instance for logging and an instance for reporting.

  • installs the Web Server (IIS) role. Note that this component is not removed if Forefront TMG is uninstalled.

  • Services and driver files installed by Forefront TMG are placed in the Forefront TMG installation folder.

  • You can use Forefront TMG on a computer that has only one network adapter. Typically, you will do so when another firewall is located on the edge of the network, connecting your corporate resources to the Internet. In this single-adapter scenario, Forefront TMG typically functions to provide an additional layer of application filtering protection to published servers or to cache content from the Internet. For more information, see About single network adapter limitations.

Copyright © 2009 by Microsoft Corporation. All rights reserved.