I first wanted to thank everyone who came to our session(s) – with Yigal and myself, we had a standing room only crowd and I apologize to those of you who were turned away since the room was over capacity. We hope to be announcing soon the availability of Beta 3 publicly, and I know everyone who saw our introduction of URL filtering integrated with the Microsoft Reputation Services wanted to get this tested and deployed in your environments now. Unfortunately, you will have to wait at least a few more weeks, but trust me when I say the wait will be worth it. As many of you were able to see, the URL filtering is fully integrated with our web policy rules and will part of the subscription services that we first introduced in TMG: Medium Business Edition. The best of all, as many of you explored is this still works over SSL/TLS (HTTPS) sessions and users cannot evade the policy by using an encrypted session. For more details on this, I highly recommend watching Bill Jensen and Thomas Schinder’s session if you have access to TechEd online.
Another common concern was the upgrade story from ISA 2004/2006 to TMG. We definitely will be providing a clear path for you. Obviously, TMG will only support Windows Server 2008 and Windows Server 2008 R2 64-bit as the operating system. With that said, you will be export your rules and configurations from ISA and then import them on a clean installation of TMG. I hope that alleviates any concerns you might have in the portability of the rules and policies you know and love in your environments today.
Some of you also had questions about how TMG and UAG support Windows Server 2008 R2 Direct Access. We will be discussing that more in the future as we get closer to the UAG Beta 2 release to provide more clarity on the scenarios and role that TMG plays in a Direct Access deployment environment.
The introduction of our IPS/IDS capabilities in Beta 2 were still a big surprise to many. If you have not checked out what we can do not only with our Network Inspection System for intrusion detection and prevention, you may also want to look at all the analytics we have added that are integrated with the Forefront codename “Stirling” Security Assessment Sharing Framework. They include all of the following which we have found in our internal deployments to be invaluable tools in monitoring and maintenance of our security environment:
• Honey pot
• GAPA Signature Hit
• Spam Detection
• Click Fraud
• Bot Access
• Horizontal Scan
• Vertical Scan
• Vulnerability Scan
• Outbound Bandwidth
• Failed HTTP Request
• Denied Connections
Last, but not least, many of you that I met asked when the overall product will be released and we are standing to our public date of Q4 of this calendar year. Thanks everyone for the positive feedback and we will be taking some of your suggestions back with us for consideration to improve the product based on your environments and deployment needs.
Stay tuned to this same channel for more updates and information as it becomes available!
David B. Cross
Product Unit Manager
PingBack from http://www.netdeluxo.com/blog/blogs/forefront-tmg-isa-server-product-team-blog-teched-2009-post/
Hi David - interesting stuff. Looking forward to Beta 3! Quick question, is the URL filtering feature just for sites with bad reputation scores, or does it also perform URL categorization like what is available through the SmartFilter or Web Washer plugins for ISA?
Does not look like anyone answered Scott.
Since SmartFilter does not appear to be supporting Forefront, does the URL filtering from Forefront replace SmartFilter?