One of the more common questions I have heard recently from customers is: “Do I need to deploy the new TMG Firewall Client (FWC) to interoperate with TMG on down-level clients?” The very simple answer is no. The previous versions of the (ISA) firewall client work just fine with TMG and accordingly, the TMG FWC will interoperate with ISA Server.
So why does a customer choose to deploy the FWC in the first place? First of all, the FWC is an optional desktop software component that basically provides enhanced security and application support. Most specifically, the FWC supports the following:
· Strong user authentication for all Winsock applications using the TCP and UDP protocols
· Enables user identification and application information to be logged in the ISA/TMG logs and reports
· Supports per-user based policies and rules
· Enables applications that require secondary network connections to access the Internet through the proxy
So what is new with the TMG firewall client? What are the benefits over the previous version? There are really two key updates that will be available with our upcoming Beta 3 release:
1. Secure auto-discovery using Active Directory – improved discovery of the approved proxies in your enterprise
2. HTTPS inspection notification – enabling end users to control the notification of when their Internet traffic and browsing will be monitored and controlled by policy through the TMG proxy
Watch for more updates and information as we are getting ready to announce the availability of Beta 3 publicly.
David B. Cross
Product Unit Manager
Previous versions of the firewall client intercepted off-network traffic by default. Applications could be disabled via Disable=0.
Does the updated version allow you to define which applications are redirected to the TMG server instead of which are not able to be redirected to the TMG server??