We are happy to announce the availability of Forefront Threat Management Gateway (TMG) 2010 Service Pack 1 (SP1). The service pack is available for download from the Microsoft Download Center.
Our focus with Forefront TMG SP1 was to address common customer requests on the new features presented in TMG 2010. Here are some of the new features we are introducing to address these:
We have added the ability to configure web access rules to allow users to override block decisions (if blocked due to URL filtering):
When a user is blocked by a rule allowing override, there will be an “Override access restriction” button in the error page:
This will allow evaluation of the rules to continue and if allowed, the user will be able to continue to the site, despite the deny rule.
Access to denied sites will appear in the logs with the “Overridden rule” field indicating which rule the user has chosen to manually override:
We have changed the whole look and feel of our reports to match that of other Forefront products:
We have enhanced our reports to include the new user override and BranchCache integration features.
We have added the ability to generate a report for a specific user (or users, separated by semi-colons):
This will generate a report showing the categories and sites the user has been surfing to:
In the original release version of Forefront TMG, overriding URL categorization was done on the array level only. We have added the ability to generate an override list at the enterprise level, which will affect all joined arrays.
When redirecting an error page to a web server, the following tokens will be replaced by the appropriate values:
[DESTINATIONURL] – Displays the denied URL.
[URLCATEGORYNAME] – Displays the denied URL Category name (localized to TMG language);
[URLCATEGORYID] – Displays a number representing the denied URL Category Id.
[OVERRIDEGUID] – Displays the array GUID, necessary if you want to create a user override button similar to the one in the default notification page.
These tokens may be used in the redirection URL (in a Forefront TMG access rule). For example:
http://192.168.1.3/Default.aspx?OrigUrl=[DESTINATIONURL]&Category=[URLCATEGORYNAME]&CategoryId=[URLCATEGORYID]
With SP1, if installed on Windows Server 2008 R2 Enterprise, you can configure BranchCache in hosted cache mode through the Forefront TMG Management console:
You can also see the benefits of BranchCache WAN savings in dedicated dashboard counters and in Forefront TMG reports:
Forefront TMG can now be installed on a read-only domain controller in order to realize WAN optimization benefits related to local authentication in branch office scenarios.
The service pack adds support for publishing SharePoint 2010.
More information is available in the following links:
· What's new in Forefront TMG 2010 SP1
· Installing Forefront TMG SP1
· Release Notes for Forefront TMG 2010 SP1
Written by Gabriel Koren
Hi guys! Great job for this SP1, but I don't understand why URL filtering user override it's only applicable to HTTP rules and not also for HTTPS rules.
I'm having trouble getting SP1 TMG 2010 STD in Portuguese language.
Could you help me?
Hi, I’m unable to view traffic information reports after TMG SP1 installation,
SQL Express has already information logged , but the reports don’t show any information
Any issues with that???
Thanks
After install TMG SP1, it need about 10 minutes to logon the windows.