About Web filters

Web filters are run-time extensions of the Web proxy filter. By reacting to event notifications sent by the Web proxy filter, Web filters can intervene in the processing of HTTP requests and responses and invoke specific actions based on the information being passed. For example, Web filters can redirect requests according to information provided by the client (credentials, browser type, locale, etc.), and they can filter or modify Web content according to various criteria (offensive words etc.).

Web filters are installed in the form of dynamic-link libraries (DLLs) that are loaded when the Microsoft Firewall service is started and stay in memory until the service shuts down. Web filters can be configured to receive notifications for events that occur with each HTTP request that the Forefront TMG Web proxy receives and with each response returned through the Web proxy by an external Web server.

Web filters facilitate applications that perform a number of different tasks, including request scanning and modification, response scanning and modification, traffic analysis, logging, encryption, compression, and custom authentication schemes.

Forefront TMG provides the following predefined Web filters:

  • DiffServ filter. This filter enables DiffServ tagging of Web traffic according to URL, response and request sizes, and network. For more information, see Overview of traffic prioritization.
  • Web Publishing Load Balancing filter. The filter enables publishing of multiple Web servers in a server farm. For more information, see About server farms.
  • Compression filter. This filter enables compression of HTTP traffic. For more information, see Overview of HTTP compression.
  • Authentication delegation filter. This filter enables delegation of credentials to published Web servers. For more information, see About delegation of credentials.
  • Forms-Based Authentication filter. This filter enables forms-based cookie authentication and RSA SecurID authentication. For more information, see About authentication for published resources.
  • RADIUS Authentication filter. This filter enables client authentication using a RADIUS server. For more information, see About RADIUS authentication.
  • LDAP Authentication filter. This filter enables authentication of clients making requests to published Web servers. For more information, see About authentication for published resources.
  • Link Translation filter. This filter enables the link translation feature for published Web sites. For more information, see About link translation.
  • Malware Inspection filter. This filter enables malware inspection of HTTP content. For more information, see Overview of malware inspection.
  • Generic Web Protocol Analyzer filter. This filter prevents intrusion through HTTP-based protocols.
  • HTTP filter. This filter inspects and filters HTTP traffic. For more information, see Configuring HTTP filtering.
  • Caching Compressed Content filter. This filter enables caching of compressed HTTP content. For more information, see About caching compressed content.