Forefront TMG is a comprehensive secure web gateway solution that helps to protect employees from web-based threats. Forefront TMG also delivers simple, unified perimeter security, with integrated firewall, VPN, intrusion prevention, malware inspection and URL filtering.
Audience Profile
This course is intended for Architects, Consultants, and Technical Sales Professionals involved in designing, deploying, or operating security solutions.
At Course Completion
After completing this course, students will be able to:
• Understand the new features and the value proposition for Forefront TMG.
• Explain how Forefront TMG protects clients and servers from Web-based threats.
• Describe how Forefront TMG enable outside systems to secure connect to internal services and applications.
• Design an enterprise solution using Forefront TMG considering availability, scalability, operations, and migration from an existing Microsoft Internet Security and Acceleration (ISA) solution.
Pre-requisites
Before attending this course, students must have:
• A good understanding of Active Directory and Group Policies.
• A good understanding of Windows TCP/IP networking.
Course Outline
Forefront Threat Management Gateway (TMG) 2010 Overview
• Introduction to Forefront TMG
• Installation and Initial Setup
• Basic Configuration Concepts Lab: Installing Forefront Threat Management Gateway 2010
• Install Forefront TMG on a Windows Server 2008 R2 server
• Perform an initial configuration of Forefront TMG using the Getting Started wizards After completing this module, students will be able to:
• Describe a brief history of the Microsoft edge security products.
• Explain the current threat landscape and how this drove changes in the edge security strategy.
• List the new features in Forefront TMG and their value propositions.
• Describe the key scenarios for Forefront TMG and how it differentiates from Microsoft IAG/UAG.
• Describe the SKU differentiation and subscription model.
• Explain the installation requirements and install process for Forefront TMG.
• Secure Web Gateway Overview
• HTTPS Inspection
• URL Filtering
• Malware Protection
• Intrusion Prevention
• Create web access policies, including inspection of HTTPS sessions
• Modify web access policy to include protection from malware
• Investigate the Network Inspection System (NIS)
• Describe the threats affecting enterprise users browsing the Web.
• Identify the key Forefront TMG features that address those threats (application proxy, granular access control, malware inspection, URL filtering, HTTPS inspection, NIS), and describe each of these features in detail.
• Logical Design Considerations
• Scalability and Availability
• Client Configuration
• Review the network, scalability, availability and operational considerations and best practices when designing and deploying a solution based on Forefront TMG.
• Identify the best practices when configuring clients to use Forefront TMG.
• Describe migration procedures from ISA Server to Forefront TMG, and between the different versions of Forefront TMG.