Configuring definition updates for malware inspection

  • Article

Applies To: Forefront Threat Management Gateway (TMG)

This topic describes how to configure automatic updates of malware definitions. Malware inspection uses definitions, developed by the Microsoft Malware Protection Center, to protect client computers from malicious content on the Web.

To protect your systems from the latest malware threats, it is recommended that you verify that you have connectivity to the appropriate update source, and that you enable the automatic installation of the latest definitions.

For more information about configuring connectivity to Microsoft Update or Windows Server Update Services (WSUS), see Managing definition updates for malware inspection and NIS.

Before Forefront TMG can inspect traffic for malware, you must download the latest malware inspection engine and definitions.

The following procedures describe how to configure and verify malware definition updates:

  • Configuring malware definition updates

  • Verifying that the malware inspection update mechanism is working

Configuring malware definition updates

  1. In the Forefront TMG Management console, in the tree, click the Web Access Policy node.

  2. On the Tasks tab, under Web Protection Tasks, click Configure Malware Inspection.

  3. On the Malware Inspection dialog box, click the Definition Updates tab, and then under Select automatic definition update action, select one of the following configurations:

    • Check for and install definitions (recommended)—Select this configuration to automatically download and install the latest malware definition updates.

    • Only check for definitions—Select this configuration if you want to be notified about new definitions for download.

    • No automatic action—Select this configuration to disable automatic update actions.

  4. Under Automatic polling frequency, select the polling frequency appropriate for your organization; the default frequency is Every 15 minutes.

Verifying that the malware inspection update mechanism is working

  1. In the Forefront TMG Management console, in the tree, click the Update Center node.

  2. In the details pane, under Update Information, check to see if the most recent malware inspection update succeeded.

  3. If the update failed, under Protection Mechanism, click Malware Inspection, and then in the Tasks pane, click Check for Definitions.

  4. If the system cannot download an update for malware inspection, check your network configuration.

Concepts

Configuring malware inspection in Forefront TMG secure Web gateway