Planning for routing client requests

  • Article

Microsoft Forefront Threat Management Gateway uses chaining to establish a hierarchical connection between individual Forefront TMG computers. Chaining is an effective means of distributing server load and creating fault tolerance. 

Chaining redirects client requests from downstream Forefront TMG computers (farther from the Internet) to upstream proxy servers that are located closer to the Internet. There are two types of chaining:

  • Web chaining rules specify how Web proxy requests to a downstream Forefront TMG computer are forwarded to an upstream proxy server. The downstream server acts as a Web Proxy client of the upstream server. You can configure a backup route for Web requests and a centralized Web access policy for requests redirected through upstream servers. You can configure Forefront TMG caching rules with Web chaining to deploy a hierarchical caching solution that helps reduce bandwidth requirements. For more information, see About Web proxy chaining.
  • Firewall chaining specifies how requests from Firewall clients and SecureNAT clients are routed to an upstream Forefront TMG computer. The downstream server acts as a Firewall client of the upstream server. For more information, see About firewall chaining.

Both Web chaining and Firewall chaining allow Forefront TMG to bypass default gateway settings for specific destination requests.

Both Web proxy chaining and firewall chaining supports the use of a dial-up connection. For more information, see About dial up connections for chaining.