Managing definition updates for malware inspection and NIS

  • Article

Applies To: Forefront Threat Management Gateway (TMG)

Malware inspection and Network Inspection System (NIS) use Microsoft product updates to keep protection definitions constantly updated.

This topic describes the prerequisites and configuration steps that are required to update the protection definitions on Forefront TMG.

For information on how to plan for protection definition updates, see Planning for updates of protection definitions.

Prerequisites

Updated definition files are provided by Microsoft Update and are subject to licensing. To activate protection mechanism licenses, you must opt in to Microsoft Update. This is necessary even if you intend to use Windows Server Update Services (WSUS).

For licensing information, see How to Buy (https://go.microsoft.com/fwlink/?LinkId=179848).

Configuration steps

Updating the protection definitions includes the following procedures:

  • Enabling Microsoft Update and activating licenses

  • Modifying Microsoft Update definitions for a feature

Enabling Microsoft Update and activating licenses

  1. In the Forefront TMG Management console, in the tree, click the server name node.

  2. On the Tasks tab, click Launch Getting Started Wizard, and then click Define deployment options.

  3. On the Microsoft Update Setup page, click Use the Microsoft Update service to check for updates (recommended).

    Note

    If the Forefront TMG server is configured to receive updates from WSUS, it will ignore the settings on the Microsoft Update Setup page.

  4. On the Forefront TMG Protection Features Settings page, activate licenses for the protection features you want to enable. You can only download and install updated definitions for features that you have enabled.

  5. If you activate the NIS license, on the NIS Signature Update Settings page, select the automatic update action you require.

  6. Complete the wizard, and then click Finish. On the Apply Changes bar, click Apply.

Modifying Microsoft Update definitions for a feature

  1. In the Forefront TMG Management console, in the tree, click Update Center.

  2. In the Tasks pane, click Configure Settings, and then review the settings for each protection mechanism on the Definition Updates tab.

  3. Click the protection mechanism that you want to edit, and then click Configure Selected.

  4. On the Update Configuration window, change the automatic update action or automatic polling frequency setting as required, and then click OK.

  5. On the Apply Changes bar, click Apply.

Concepts

Configuring Forefront TMG secure Web gateway
Configuring malware inspection in Forefront TMG secure Web gateway
Configuring NIS in Forefront TMG secure Web gateway