1. Nguyen An Que
Microsoft Vietnam
Email: Que.Nguyen@microsoft.com
Tech blog: http://blogs.technet.com/quenguyen
Microsoft Forefront TMG�(next version of ISA 2006)
2. Web surfing challenges
3. New Threat Management Gateway
4. Protect users from Web browsing threats �Secured Web Proxy Gateway
5. Malware inspection (1 of 2) Using desktop anti-virus software
Example: Microsoft ForeFront Client Security
Virus definition must be up-to-dates on all PCs
9. Malware inspection (2 of 2) Using TMG anti-malware feature �at gateway
Reducing risk of zero-day attack
16. URL Filtering
23. Outbound HTTPS inspection TMG can inspect HTTPS traffic for malware
TMG will perform man-in-the-middle-attack
2 separate SSL connections will be created
From client to TMG, using TMG generated certificate
Use AD group policy to ask client to trust this certificate
From TMG to external web sites, using external web site certificate
End users may not know their HTTPS requests are being inspected
Notification to end users is needed (displayed by TMG client)
Health care and banking sites must be exempted
30. Network Inspection System (NIS)
31. Using NIS for IPS
38. Dashboard
39. Email Policy Email Anti-spam & Anti-Virus
40. Email Policy Email Anti-spam & Anti-Virus
41. Email Policy Email Anti-spam & Anti-Virus
42. ISP redundancy
43. ISP redundancy
44. Update Center
45. Licensing Forefront TMG
46. Enterprise vs. Standard
47. Pricing Forefront TMG 2010 Standard Edition 1 Proc: $1,449
Forefront TMG 2010 Enterprise Edition 1 Proc: $6,367
Forefront TMG Web Protection Service subscription: $12/user/year
48. Microsoft
