Over the past few months, Microsoft has upgraded much of its Forefront family of enterprise security products to the latest 2010 versions. These new products include Forefront Protection 2010 for Exchange Server, which shipped in November, and Forefront Threat Management Gateway (TMG) 2010 and Forefront Unified Access Gateway (UAG) 2010, which shipped in December.
In the first half of 2010, Microsoft will add Forefront Protection 2010 for SharePoint and Forefront Identity Manager 2010. Here's what you need to know about Microsoft Forefront 2010.
Forefront Protection 2010 for Exchange Server
As with previous versions of Forefront Security, Forefront 2010 Protection 2010 for Exchange Server provides multi-engine protection against malware like viruses, worms, spyware and spam. The difference this time around is performance: In previous Forefront versions, enabling too many anti-malware engines could bog down the server, and administrators were often forced to micromanage the server by proactively enabling different engines that they felt met their needs.
In Forefront Protection 2010 for Exchange Server, the server automatically picks the most effective anti-malware engine for the content in question. It does so based on three different algorithms that examine the size of each message instead of treating each message as a blob as in the past.
This way, admins can safely enable multiple engines and be sure that Forefront will use only the appropriate engines intelligently. For scripting gurus, Forefront Protection 2010 for Exchange Server also picks up full Windows PowerShell compatibility, so you can easily query and control the server from a command line or scripts.
Forefront Threat Management Gateway 2010
Microsoft Forefront Threat Management Gateway (TMG) 2010 is the company's premier endpoint security solution, protecting against viruses, malware, information loss, data theft, and other electronic attacks as well as against emerging threats. TMG 2010 builds on ISA Server 2006. But it provides new capabilities around web security, URL filtering, web antivirus and malware inspection, and even HTTPS inspection (where ISA could inspect only HTTP).
HTTPS inspection requires TMG 2010 to act as a certificate authority, decrypting HTTPS traffic, inspecting the contents, re-encrypting it, then passing it along. Microsoft says that there's enough latency in HTTPS traffic already that the addition of TMG 2010 is unnoticeable. (HTTPS causes a five to 10 percent performance hit over HTTP regardless.) TMG 2010 also provides a simplified management console with a rules- or scenario-based UI and wizards.
Forefront Unified Access Gateway 2010
Forefront Unified Access Gateway (UAG) 2010 (formerly Intelligent Application Gateway) provides secure remote access services for managed and unmanaged PCs and mobile devices. It's typically implemented as an appliance or server that sits in a network DMZ and publishes access to back-end resources such as files, for employees on the go, partners, and even customers.
Access occurs via web browser. UAG queries devices that are attempting to connect to the network and supplies a verdict about the system's health. For managed PCs, this can be quite granular, but even unmanaged systems—including web kiosks—can be granted different levels of policy-based access.
For example, if a user at a public web kiosk tries to access the corporate web mail or SharePoint site, you can choose to allow that access, but not allow the sending of attachments. These policies don't just apply to Microsoft servers, either: The company provides built-in policies for several known business solutions, including PeopleSoft and Oracle, and of course you can build your own.
UAG also integrates with new remote access solutions such as DirectAccess, which is part of Windows Server 2008 R2. But it also works with non-Server 2008 R2 servers as well as non-Windows 7 clients, the latter of which might be using some kind of VPN. This includes PCs running Windows XP or Windows Vista as well as PDAs and smart phones based on Windows Mobile.
Microsoft's Forefront family has always provided capable, end-to-end security solutions for enterprises.
With the 2010 editions of these products, Microsoft is taking a more holistic approach to security and anticipating the day-to-day scenarios that will become common as more employees work remotely and as companies seek ways in which to open up parts of their infrastructure to outside partners and customers. Other companies may offer compelling individual solutions, but none match the integrated functionality of Forefront.