Configuring malware definition updates

Published: November 15, 2009

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

This topic describes how to configure automatic updates of malware definitions. Malware inspection uses definitions, developed by the Microsoft Malware Protection Center, to protect client computers from malicious content on the Internet and published servers from malicious content in uploaded files.

Malware inspection for published servers is available only in Forefront TMG Service Pack 2 (SP2)

To protect your systems from the latest malware threats, it is recommended that you verify that you have connectivity to the appropriate update source, and that you enable the automatic installation of the latest definitions.

For more information about configuring connectivity to Microsoft Update or Windows Server Update Services (WSUS), see Managing definition updates for Forefront TMG.

Before Forefront TMG can inspect traffic for malware, you must download the latest malware inspection engine and definitions.

The following procedures describe how to configure malware definition updates, and how to verify that the malware inspection update mechanism is working.

  1. In the Forefront TMG Management console, in the tree, click the Web Access Policy node.

  2. On the Tasks tab, click Configure Malware Inspection.

  3. Click the Definition Updates tab, and then under Select automatic definition update action, select one of the following configurations:

    • Check for and install definitions (recommended)—Automatically download and install the latest malware definition updates.

    • Only check for definitions—Notify about new definitions for download, but do not download the updates.

    • No automatic action—Disable automatic updating.

  4. Under Automatic polling frequency, select the polling frequency appropriate for your organization. The default frequency is Every 15 minutes.

  1. In the Forefront TMG Management console, in the tree, click the Update Center node.

  2. In the details pane, check to see if the Malware Inspection's last update succeeded.

  3. If the update failed, click Malware Inspection, and then in the Tasks pane, click Check for Definitions.

  4. If the system cannot download an update for malware inspection, check your network configuration.


Configuring malware inspection
Planning to protect against malicious web content

Other Resources

Configuring published server malware protection
Planning to protect published servers against malware