Forefront Threat Management Gateway 2010 Release


It is our pleasure to announce that Forefront Threat Management Gateway (TMG) 2010 was released to manufacturing yesterday (Nov 16th, 2009) after completing 3 Beta releases and receiving extensive customer feedback. The trial version is available for download today, and the product will be widely available for purchase soon.

We encourage you to download the new release and evaluate it in your environment. Forefront TMG provides an unparalleled value to the network security marketplace by integrating multiple web security technologies into a single, comprehensive solution. Forefront TMG is also all about “the basics” to ensure that besides the breadth of new features, Forefront TMG also provides the best infrastructure to run those features: reliability, scalability, performance and security. I would also like to take this opportunity and personally thank the very active user community in providing feedback throughout the cycle. Your support in downloading, deploying early versions and providing feedback was essential for us in the process of creating this product. We have incorporated significant parts of this feedback into the product, which is important in the process of making a great product.

In the following sections I will list some of the new functionality that we have added into TMG and will cover some of our infrastructure investments.

Secure Web Gateway
Forefront TMG is a Secure Web Gateway (SWG) that improves security enforcement by integrating multiple detection technologies such as URL filtering, Anti Malware, and intrusion prevention into a single, easy-to-manage solution. We have seen a lot of interest in the features that comprise this solution, so here is some information on what they do and how:

URL Filtering: URL Filtering allows controlling end-user access to Web sites, protecting the organization by denying access to known malicious sites and to sites displaying inappropriate or nonproductive materials, based on URL categories. TMG features over 80 URL categories including security-oriented categories, productivity-oriented and liability-oriented categories. Forefront TMG uses Microsoft Reputation Services (MRS), a cloud-based categorization system hosted in Microsoft data center. To ensure the best bandwidth utilization and low latency, Forefront TMG has implemented a local URL cache. There is a lot more on URL Filtering available in an earlier URL Filtering post.

Anti Malware: Stopping malware on the edge significantly decreases the possibility that a virus will hit a computer with anti-virus signatures that are not up-to-date or a test computer without an anti-virus to protect it. TMG has integrated the Microsoft Anti Malware engine to provide world class scanning and blocking capability on the edge.

Network Inspection System (NIS): NIS is a generic application protocol decode-based traffic inspection system that uses signatures of known vulnerabilities, to detect and potentially block attacks on network resources. NIS provides comprehensive protection for Microsoft network vulnerabilities, researched and developed by the Microsoft Malware Protection Center – NIS Response Team, as well as an operational signature distribution channel which enables dynamic signature snapshot distribution. NIS closes the vulnerability window between vulnerability disclosures and patch deployment from weeks to few hours.

In addition, we have introduced HTTPS scanning to enable inspection of encrypted sessions, eased the deployment and management with a set of easy to use wizards and significantly improved logging and reporting to provide full visibility into how your organization is accessing the web and whether it’s compliant with your organization’s policy.

VPN, Firewall, Email Protection and Infrastructure.
We have also made significant investments to ensure that we keep delivering top notch VPN and Firewall functionality. We made quality improvements in Web Caching and made sure it works well with the new Windows 7 BranchCache feature. We have added several new features, among them: Email Protection, ISP redundancy, NAP integration with VPN role, SSTP, VoIP traversal (SIP support), Enhanced NAT, SQL logging and Updated TMG Client (previously known as the Firewall Client). In addition TMG was built as a native 64bit product that supports Windows Server 2008 R2, and Windows Server 2008 SP2, allowing better scalability and increased reliability.

These improvements are in direct response to your requests and protection needs. We firmly believe that listening to your voice makes our product better! We are looking forward to hearing what you think about TMG 2010 as you test and deploy in your own environment. So go ahead and download it today to try it out!

Yaron Zakai-Or

Group Program Manager, Forefront TMG


Comments (25)

  1. Anonymous says:

    Well, I have access to MSDN downloads, not Volume License downloads. So not good for me. Any other link out there?

  2. Anonymous says:

    Hi! Are there any plans to add this to the BizSpark subscription? It’s very annoying not being able to use ISA Server 2006 because it’s not compatible with Windows Server 2008.

    We desperately need this. Please tell me it’s on its way!

    Thanks.

  3. Anonymous says:

    Follow up re. MSDN availability.

    Could someone please advise when or if this product will be available on MSDN.

    I note that TMG 2010 for Exchange is currently avalable for download.

    Thanks.

  4. Anonymous says:

    Do we have a RTM for the MSDN downloads by any chance?

  5. Anonymous says:

    This is the most beautiful security product that Microsoft has ever released!

    It was nice to meet you in TechEd Berlin!

  6. Regan says:

    typical….. the blog post appeared just minutes after i completed my build with the RC version 🙂

  7. Anonymous says:

    Only took 3 weeks..but TMG 2010 is now available on MSDN….

  8. Lain says:

    Hiya,

    Firstly, as already implied by Alanplum, the media is not available yet to Technet subscribers (they were referring specifically to the key, but neither are present).

    Secondly, given URL filtering is license-based, will Technet users using the media provided (when it’s provided) be covered whilst evaluating TMG, or is this feature unavailable to us?

    Cheers,

    Lain

  9. Anonymous says:

    Forefront Threat Management Gateway 2010 ready for download from
    https://www.microsoft.com/licensing/

  10. Anonymous says:

    Excellent News.  Where do us partners and MSDN/Technet guys get the product key from?  Not on MSDN 🙁

  11. Anonymous says:

    …as per crand’s post – this is a little annoying…and on top of that they add a new article to the blog!

  12. Anonymous says:

    This is nuts!! How can you RTM this product and not give out Product Keys to MSDN/TECHNET/PARTNERS way after a week.  There isn’t even a nice way of upgrading from Evaluation to Standard edition, otherwise I’d put the eval into production in the hope the keys came out.  

    Here was me hoping to decommision a 2003 server to make way for 2008 R2.

  13. Anonymous says:

    Dear Johnny,

    thank you for your e-mail.

    We may kindly inform you that at the moment there are no plans to make "Forefront Threat Management Gateway 2010" available for BizSpark subscribers.

    If there should be any changes in the availability of software you will be informed on http://www.microsoft.com/bizspark/ .

    In the meantime, feel free to contact us for any further queries.

    Kind Regards,

    James Richardson

    MSDN Information Centre

  14. crand says:

    I can’t help but notice nobody has answered any of the questions on here.  Either answer the questions or deny commenting on your blog posts to save us all the trouble of your collective ignorance.

  15. Anonymous says:

    I guess they lied to me. Could have saved me a heck of a time if I’d known it was going to appear.

  16. khemarin Set says:

    Hi,

    I'm using Forefront Threat Management Gateway 2010 as my production environment. I was downloaded the trial software. Now it is expired date. I want to activation the key. It is required to reinstall TMG 2010. Do you have any solution without reinstall? I'm looking to hearing from you.

    BR,

    Khemarin Set

  17. Anonymous says:

    ..the betas were never available on MSDN either come to think of it….will TMG therefore get an MSDN release?

  18. Anonymous says:

    I administer a 500 user XP/ server 2008 system. I am a generalist. I recently looked at TMG 2010 sp1 (on a new server 2008 x64 box) and as well a Symantec Web Gateway appliance with a view towards protecting my users against web malware. The Symantec Web Gateway took me 4 hours to set up and understand to to my satisfaction. TMG 2010 has taken me 3 days and I still don't have a good grasp of it. The sole reason is MS's poor documentation. Blogs, forums, and on-line help are not a substitution for a solid manual.  A manual that lays out various scenarios and then walks you through a step by step installation process with full explanations. I am sorry TMG 2010 may be a good product but without the tools for me to install and understand it, it will have no place in my operation.

  19. Anonymous says:

    ..cool – as it happens i have VL access too 🙂

    Thanks MCleo! TMG 2010 rocks!!!

  20. M jasim AB says:

         How are you?

    I hope you will help me after reading this mail.

    My boss give me the assignment to install TMG forefront server with script or unattended installation of TMG. I have no idea of this installation.

    Please help me if u can.

    Please send me the answer file and the command for this task.

    abdulkarim041@yahoo.com

    BR

    M jasim AB

  21. tony says:

    Why should pay for license and updates ? i came across the website http://whiteway.in. They have product called NetCop UTM for hte internet security.

  22. Victor Romero says:

    Is there anyway to export a report of all VPN connection made in one day (by user)?

  23. ATTENTION PLEASE:

    I have a TMG server. my internal clients can easily access both HTTP and HTTPS sites.But my local machine(TMG server) is not able to access HTTPS.what should i do..???

  24. Tamatha Rather says:

    Invaluable comments . I was fascinated by the information , Does anyone know if my assistant would be able to find a blank a form form to fill in ?