What's new in Forefront TMG 2010 RTM

Published: November 15, 2009

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

Forefront TMG builds on top of the core capabilities delivered in Microsoft Internet Security and Acceleration (ISA) Server in order to deliver a comprehensive and integrated network security gateway. The main investments made in Forefront TMG provide additional protection capabilities to help secure the corporate network from external, Internet-based threats.

The following new features are included:

  • Web anti-malware is part of a Web Protection subscription service for Forefront TMG. Web anti-malware scans Web pages for viruses, malware, and other threats.

  • URL filtering allows or denies access to Web sites based on URL categories (such as pornography, drug, hate, or shopping). Organizations can not only prevent employees from visiting sites with known malware, but also protect business productivity by limiting or blocking access to sites that are considered productivity distractions. URL filtering is also part of the Web Protection subscription service.

  • E-mail protection subscription service—Forefront TMG provides an e-mail protection subscription service, based on technology integrated from Forefront Protection 2010 for Exchange Server. Forefront TMG serves as a relay for SMTP traffic, and scans e-mail for viruses, malware, spam and content (such as executable or encrypted files) as it crosses the network.

  • HTTPS inspection enables HTTPS-encrypted sessions to be inspected for malware or exploits. Specific groups of sites, for example, banking sites, can be excluded from inspection for privacy reasons. Users of the Forefront TMG Client can be notified of the inspection.

  • Network Inspection System (NIS) enables traffic to be inspected for exploits of Microsoft vulnerabilities. Based on protocol analysis, NIS can block classes of attacks while minimizing false positives. Protections can be updated as needed.

  • Enhanced Network Address Translation (NAT) enables you to specify individual e-mail servers that can be published on a 1-to-1 NAT basis.

  • Enhanced Voice over IP support includes SIP traversal, enabling simpler deployment of Voice over IP within the network.

  • Windows Server 2008 with 64-bit support—Forefront TMG is installed on Windows Server 2008 with 64-bit support.

Related Topics