Microsoft Forefront

Microsoft Forefront is a comprehensive set of products for security of your business increasing security and control thanks to integration with the existing IT infrastructure, to simplification of deployment, management and the analysis. The products Forefront help to protect: client and server operating systems (Client Security), application servers (Server Security) and perimeter of network (Edge Security).

Microsoft Forefront Threat Management Gateway 2010 (TMG) allows to use safely and effectively the Internet for work, without worrying about malware and other threats.

It provides access to several levels of constantly updated means of protecting, including filtering of the URL addresses, search of malware, an intrusion prevention, the firewall at the level of applications and network and check of HTTP/HTTPS, which are integrated into the uniform and simple gateway in management that reduces costs for the system of web security and also does it less difficult.

Some opportunities of Microsoft Forefront Threat Management Gateway

• Support of 64-bit architecture;
• Support of IPv6:
• Web Access Policy:

In Forefront TMG there was a new node of a configuration which is referred to as Web Access Policy. In this node all settings of service of a web proxy, parameters of access for users to Internet resources under the protocols HTTP, HTTPS, FTP-over-HTTP (the tunnelled FTP) and also configuration settings of the module of check of the user traffic on existence of a malicious code – Malware Inspection are located.

• Malware Content Inspection:

Forefront TMG has in the arsenal the module of check of web traffic on existence of a malicious code. This module uses the Microsoft Antimalware Engine engine and allows to inspect HTTP and the tunnelled FTP traffic of clients of a web proxy. Moreover, it is possible to check traffic proceeding HTTPS connections. At the same time the user whose SSL session is checked by the module Malware Inspection, receives the notification on this process. Also there is an opportunity to exclude certain websites from check. The module of check gives flexible opportunities of setup. When loading files of large volume information on verification process of the loaded files on existence of a malicious code can be shown to the user.

• Network Inspection System:

Forefront TMG will include the intrusion detection system of level of network (Network based Intrusion Detection System, N-IDS) developed by Microsoft Research and which is referred to as GAPA. Unlike partial implementation of functionality of the mechanism of the detection of network invasions used in ISA Server, GAPA represents the full N-IDS system. Microsoft stated that signatures of network attacks for expansion of functionality of GAPA will be periodically delivered in the form of service packs through service Microsoft Update.

• Support of SIP:

In Forefront TMG support of the SIP protocol and also the VoIP function (Voice over IP) NAT Traversal allowing this type of traffic to pass through gateways with service of network address translation (NAT) is implemented.

• Support of SSTP:

In Forefront TMG support of the SSTP protocol (Secure Socket Tunneling Protocol) allowing to tunnel VPN session traffic in the normal HTTP protocol within the SSL session is implemented. This mechanism allows to set without problems VPN connections regardless of a configuration of the firewall, a web proxy of the server or service of broadcast of the network addresses. At the moment this technology is supported only by Windows Vista SP1 and Windows Server 2008 OS.

• HTTPS Inspection:

Inspection of HTTP/HTTPS traffic on existence of the virus and espionage code and also the analysis of web content on compliance to corporate politicians (filtering of resources on the basis of classification).

• ISP Link Redundancy:

Support of several Internet channels. ISP Link Redundancy allows to organize failsafe connection to the Internet by means of at once two ISP channels. And it is possible both hot sparing of an Internet channel, and balancing of a network load between Internet channels.

• Enhanced NAT:

Possibility of broadcast of the addresses per scheme 1-to-1 NAT. It will allow to publish for external access, for example, your mail server on specially selected address.

• VoIP Traversal:

Full support of the SIP protocol. And Forefront TMG is not limited to support of the SIP protocol. There was a special master allowing to configure Forefront TMG for work with IP as the PBX system using SIP.

• Email Protection:

Ability to integrate with a role of Microsoft Exchange Server 2007 Edge Transport Server of the mail Microsoft Exchange Server 2007 system for protection of e-mail against the malware and spam at the level of network perimeter. The management console of Forefront TMG has all necessary for setup of this functionality.

• Work in an array (Arrays):

There was an opportunity to create an array from standard editions Forefront TMG Standard Edition! Early it was possible to add to an array only edition ISA Server Enterprise Edition.

• Ability to integrate with Forefront Security Suite (codename Stirling):

Forefront TMG can communicate about a protection status with other security systems by means of the Security Assessment Sharing mechanism. It allows to integrate Forefront TMG into the complete system of protection of all types of data assets of the company.