Microsoft-certified Consultants
Microsoft Forefront Threat Management Gateway Expertise:
Consulting, Support, Migration
Overview of Microsoft Forefront Threat Management Gateway 2010
Microsoft offers a broad selection of security products and services within the Forefront family. Forefront Threat Management Gateway (TMG) 2010 builds on the proven security technologies of ISA Server 2006, which it is designed to replace and for which it includes downgrade rights. TMG 2010 runs on a 64-bit server and provides a centrally managed Internet gateway that offers a single-server solution for a variety of security functions including an application layer and network layer firewall, URL filtering, malware inspection, reputation services, intrusion protection (IP), application proxy, VPN management, and HTTP/HTTPS inspection. TMG provides comprehensive web security logging and reporting capabilities, allows custom reporting powered by Microsoft SQL Server, integrates with Active Directory to simplify authentication and policy enforcement, and can be deployed as a virtual machine to cut costs and improve availability.
Microsoft has discontinued Forefront TMG 2010. The firewall capabilities offered by the product are commonly handled by hardware appliances from providers like Cisco, Barracuda, Check Point and WatchGuard. (Visit Cisco ASA firewalls with Firepower Services consulting.) Progent's firewall integration consultants can help you maintain and troubleshoot your Forefront TMG 2010 environment or help migrate to a modern solution. If you decide to upgrade, Progent can help you design and implement an efficient migration, integrate your on-premises firewall solution with cloud-based resources, train your IT staff, and provide as-needed expertise.
Progent's Microsoft-certified consultants can help you evaluate the business case for TMG 2010 in your environment; plan and carry out test and production deployments; integrate Forefront TMG 2010 with Windows 2008, Active Directory, SQL Server, Exchange Server 2010, and SharePoint 2010; set up TMG 2010 to run on a virtual machine with Windows Hyper-V; assist you to create custom reports; train your IT management staff; and provide ongoing consulting and troubleshooting support. Progent can also help you migrate smoothly and economically to Forefront TMG 2010 from ISA Server 2006 or ISA Server 2004 so you maximize your return on investment in Microsoft's Forefront technology.
Enhancements of Forefront Threat Management Gateway over Microsoft ISA Server 2006
Forefront Threat Management Gateway 2010 builds on the protection technology incorporated in ISA Server 2006 and offers significant improvements over the platform it replaces. TMG 2010 provides a secure web gateway for protecting users within the security perimeter from web-based threats by integrating anti-virus, anti-phishing, and anti-malware technology with advanced URL filtering and by extending these protections to SSL-encrypted traffic through HTTPS inspection. The powerful Network Inspection System (NIS) integrated with Forefront TMG 2010 is a signature-based network Intrusion Prevention System (IPS) that can provide continually updated application-layer protection for vulnerabilities discovered in Microsoft products and protocols.
TMG 2010 offers improved connectivity through the ability designate email servers to be published on a 1-to-1 NAT basis. Through its new ability to recognize SIP traffic and provide a method to traverse the firewall, Forefront TMG 2010 simplifies the implementation of Voice-over-IP solutions within the network. Support for ISP redundancy enhances availability and facilitates disaster recovery. In the area of VPN connectivity, TMG 2010 can be configured for tunnel-mode IPsec for compatibility with third-party devices, provides termination of L2TP/IPsec and PPTP-VPN sessions using native Windows VPN services, and can be used to publish internal Windows Servers as VPN servers.
The Enterprise Edition of Forefront Threat Management Gateway 2010 delivers improved expandability, availability, speed, management, and virtualization. This high-end edition supports network load balancing and Cache Array Routing Protocol (CARP) to provide fail over and enhance performance, allows access to Microsoft's Enterprise Management Console for centralized administration, and accommodates unlimited virtual CPUs.
The SP1 version of Forefront Threat Management Gateway introduces additional features and enhancements including a new User Activity report that displays web surfing data over a specified period based on websites and URL categories users have requested, simplified deployment of BranchCache at a remote office by using Forefront TMG as the Hosted Cache server when installed on a computer running Windows Server 2008 R2, the ability to run Forefront TMG and a read-only domain controller on the same server to save on IT costs at a branch office, and support for the securely publishing SharePoint 2010.
Network Inspection System for Enhanced Application Layer Inspection
A key part of Forefront TMG's IPS architecture is the Network Inspection System (NIS), a traffic analysis solution based on protocol decoding that uses signatures of known vulnerabilities to detect and block attacks and exploits aimed at Microsoft operating systems and applications. NIS involves a combination of services and software designed to reduce the time gap between when a network-based vulnerability is first discovered by Microsoft and when protective patches are installed on customers' production systems. Ordinarily, this gap can be measured in weeks. NIS can often reduce it to hours, providing zero-day response.
The protection strategy of NIS is based on signatures, code that detects attempts embedded within various network protocols to carry out attacks, as opposed to file-based attacks. Protocols commonly used as attack vectors which NIS can intercept include HTTP, DNS, SMB, SMB2, NetBIOS, and MSRPC, as well as the common email protocols SMTP, POP3, IMAP and MIME. NIS security begins with the Microsoft Malware Protection Center (MMPC). This organization has research facilities in five countries on three continents and works 24 hours a day monitoring global malware trends by analyzing data collected from a broad array of sources, including 600 million Windows computers. The MMPC, which also publishes responses to file-based threats for use by the malware inspection feature of Forefront TMG, develops and distributes the signature definitions used by NIS to defend against network-based attacks.
When a new vulnerability or exploit surfaces, MMPC researchers develop and test a signature which the MMPC response team publishes for efficient distribution via Microsoft Update Service. Forefront TMG can be configured to download and install all new signatures automatically, or the signature library can be updated manually and selectively. You can also select which protocols you want TMG to monitor if, for example, you don't want to waste bandwidth testing for protocols that are already blocked. The NIS feature, including access to updates, is included with the basic Forefront TMG license.
How Progent Can Help You with Forefront Threat Management Gateway 2010
In the field of firewalls and IT security policy, there is always a tradeoff between protection and productivity. Progent's Microsoft engineers and certified security consultants can show you to find the appropriate balance for your environment and can help you configure Forefront Threat Management Gateway 2010 to maximize the business value of your security infrastructure.
Progent can help you design, test, and implement a first-time installation of Microsoft's firewall and IPS technology or upgrade cost-effectively to Forefront TMG 2010 from ISA Server 2006 or ISA Server 2004. Progent can help you interface TMG with Microsoft SQL Server for customized web security reporting, with Exchange Server for secure access via the full MAPI Outlook client without requiring VPN, with SharePoint 2010 for secure publishing, and with Active Directory for consistent authentication and policy enforcement. Progent's Windows Hyper-V experts can help you save money and increase reliability by deploying Forefront TMG 2010 as a virtual server, and Progent's disaster recovery engineers can show you how to take advantage of TMG's network load balancing support to maximize availability.
Progent's certified network security engineers can help you create a company-wide security solution that includes business continuity planning and network security vulnerability scanning. Progent's Microsoft System Center Operations Manager (SCOM) consultants can help you monitor your network proactively to spot and remediate issues before they grow into serious problems. Progent offers the services of one of the country's largest teams of Cisco CCIE network engineers who can provide affordable online expertise to help you build a secure and responsive network infrastructure and to troubleshoot complex problems with Cisco appliances or software. Progent can also provide webinar training to help your IT staff get up to speed quickly with Forefront TMG 2010. Because Progent specializes in delivering advanced consulting and troubleshooting services online, Progent can help you minimize support costs and speed up the completion of IT projects and repairs.
Contact Progent for Microsoft Forefront Threat Management Gateway 2010 Solutions
If you need help with Forefront TMG 2010, call
Progent's Support Services for Microsoft Server Products
For small companies anywhere in the United States, Progent's Microsoft-authorized experts can provide network help and professional consulting services for the whole family of Microsoft .NET servers and Windows Servers. Progent's planning, installation, update, and consulting services include network architecture, configuration, and management outsourcing for
project analysis and documentation, local and remote
IT help and network repair,
Standard Help Desk Call Center Support or Shared Help Desk Services, comprehensive
security consulting, full-service
outsourcing, and
ProSight Virtual Hosting services.
If your organization is looking for immediate remote support from a certified network expert, visit Progent's Emergency Remote Network Support.
Learn additional details about Progent's Support Services for Microsoft Server Technology.
An index of content::
Blackberry Consulting Services
BlackBerry Exchange Technical Consultant
Progent can provide the expertise of BlackBerry-premier engineers who can help small companies to design, manage, and troubleshoot BlackBerry solutions economically and successfully, doing away with the need for an in-house BlackBerry specialist and reducing the expense and distraction of supporting a mobile wireless workgroup. Progent's BlackBerry engineers have in-depth experience working with Progent's Microsoft-certified experts, Cisco CCIE-certified network engineers, and CISSP and CISM-certified security engineers. This breadth of knowledge, combined with Progent's efficient remote support model, offers small companies a cost-effective solution for integrating BlackBerry devices and software seamlessly into their IT network.
ISSAP Certified Security Architecture Engineer
Consultant CISSP-ISSAP Cybersecurity Architecture
Progent's ISSAP Premier security experts, or Information Systems Security Architecture Professionals, are experts who have earned ISSAP status as a result of thorough testing and significant experience with information security architecture. ISSAP security experts have comprehensive knowledge of access control systems and methodologies, phone system and network infrastructure security, cryptography, requirements analysis, BCP and DRP, and physical security integration. Progent's ISSAP-certified security consultants can assist your company with all aspects of architecture security.
Microsoft Skype for Business 2019 Consult
Engineers Skype for Business Edge Server Pool
Microsoft Lync 2010 provides IM, Presence, voice/video conferencing, desktop collaboration, as well as VoIP and public switched telephone network voice communication. Microsoft Lync 2010 can extend the functionality of Exchange Server, SharePoint and Office desktop or cloud-based Microsoft 365 and streamlines administration via integration with Windows AD. Lync 2010 can also reduce capital and operational costs by eliminating Voice-over-IP hardware and subscription services, PBX gear, or conventional teleconferencing solutions. Progent's certified unified communications consultants offer online and on-premises support services to assist you to manage and repair your existing Lync 2010 environment or assess the benefits of migrating from Lync Server 2010 to Skype for Business, which is the new release of the product family. Progent can also help you to design and carry out a smooth Skype for Business upgrade or a migration to Microsoft Teams.
After Hours Deduplication Engineers
Specialist Symantec Backup Exec
Progent can provide affordable online access to engineers with expertise in a wide array of utilities and technologies that deliver solutions for backing up Microsoft Windows, Apple Mac, and Linux/UNIX servers and workstations as well as laptops and handhelds. Progent offers help for all major backup products such as Acronis Backup and Recovery, Barracuda Backup, Altaro VM Backup, Symantec Backup Exec, BackupAssist Software, CrashPlan, Double-Take Backup, Mozy, Retrospect for Macintosh, Apple Time Machine, VMware Data Recovery (VDR), and FLARs. Progent's consultants can help you to deploy, upgrade, or troubleshoot backup/restore solutions for a range of architectures including on-premises, remote, cloud, or a mix.
Tandberg Telepresence Professional
Remote Immersive Telepresence Remote Troubleshooting
Progent offers the services of a certified consultant with an extensive background integrating products from the leading video conferencing/telepresence providers including Cisco, Polycom, and LifeSize and can help you to plan, configure, upgrade, or maintain a video conferencing environment that preserves your current investment and maximizes the strategic value of your IT system. Progent also offers the expertise of infrastructure consultants able to assist companies of any size to build and maintain a communications network that delivers the performance, dependability, security, and expandability you need to accommodate your telepresence environment.
Microsoft Certified Expert .NET IoT Programming Firm
Development Companies .NET F#
Progent's software experts have worked for 20 years with .NET technologies and the Visual Studio development system and are able to build or enhance .NET apps quickly and affordably.
Select Topic: