Microsoft's TMG adds antimalware, SSL inspection

The beta 2 version of the company's Forefront Threat Management Gateway beta 2 is its first edge protection service to work on 64-bit servers.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Feb. 6, 2009 12:27 p.m. PT

2 min read

Microsoft made its Forefront Threat Management Gateway (TMG) beta 2 version available on Friday, adding antimalware and Secure Sockets Layer inspection but also offering an edge protection service to its latest operating-system platform.

TMG beta 2 is designed to provide a safe Web surfing environment for employees, said Bill Jensen, senior product manager for TMG, which used to be called ISA Server.

Microsoft has added built-in antimalware that detects and blocks infected files from entering the network and a network inspection service, or intrusion prevention, that blocks viruses and other malicious code based on their signature and their behavior, he said.

TMG Beta 2 also allows corporations to monitor SSL traffic. It decrypts the traffic, inspects it for malware, and then re-encrypts it. However, exceptions can be made on an individual basis if, for instance, an executive does not want the SSL traffic between her bank Web site and the office network to be inspected, according to Jensen.

In the future, TMG also will include URL filtering so administrators can block employee access to sites hosting malware and porn, and other undesirable content.

Beyond the new technology features, the big change from TMG's predecessor ISA Server is that it works on 64-bit servers, said Don Retallack, research vice president for systems management and security at Directions on Microsoft.

"ISA Server 2006 won't run on Windows Server 2008 or on 64-bit servers, so this is a migration of one of their edge protection packages to run on their most modern operating system," he said.

Targeting the 64-bit platform enabled Microsoft to really stretch the software, Jensen said.

"Security is a performance-greedy application," he said. "We made the decision to focus on the 64-bit version of Windows Server 2008 because it allows us to provide scalability up to the largest environments, allows us to provide more memory and more processors, and to do deep levels of inspection into this traffic without sacrificing performance."

General availability of the product is slated for the second half of the year. TMG also is integrated with its Stirling security suite.

Microsoft has more information on a blog post.