Contents tagged with ForeFront

  • Forefront Unified Access Gateway (UAG) Service Pack 2

    Posted by sumeethevans on August 8 2012, 3:11 PM. Posted in ForeFront.

    Forefront Unified Access Gateway (UAG) Service Pack Two (SP2) provides a number of new features, including support for more devices; AD FS 2.0 multi-namespace support; integration of Unified Access Gateway SP1 Update1 and Security Update for Unified Access Gateway 2010 Service Pack 1 Update 1.

    Here is a quick list of changes in SP2.
    • Improved SharePoint 2010 support
      Forefront UAG 2010 SP2 enables users to authenticate to a trunk by using Microsoft Office Forms-Based Authentication (MSOFBA) when the trunk uses Active Directory Federation Services (AD FS) 2.0 for authentication.
    • Improved Active Directory Federation Services (AD FS) 2.0 support
      You can provide remote and partner employees with access to published applications that have AD FS 2.0 enabled.

      • AD FS Multi-Namespace support: Multi-namespace support with AD FS 2.0 enables you to use a single AD FS 2.0 server that has multiple Forefront UAG trunks when the FQDNs (the public host names) of the trunks are in different domains. For example, the FQDN of the first trunk is and the FQDN of the second trunk is Both trunks can be configured to perform AD FS authentication by using the same AD FS 2.0 server In this kind of deployment, the AD FS 2.0 server is published through one of the Forefront UAG trunks, or by an AD FS proxy that is parallel to Forefront UAG.
      • Use the AD FS Proxy to publish the AD FS 2.0 Server: The AD FS proxy has many benefits compared to publishing the AD FS 2.0 server through Forefront UAG; including, support for Office365 authentication and mobile devices.
      • Enable complex topologies: For example, by using Forefront UAG to publish a SharePoint website located in one site when the AD FS server is located in another site
    • Added client devices
      Forefront UAG 2010 SP2 enables users to connect with the following mobile devices:

      • Windows Phone 7.5
      • iOS 5.x on iPad and iPhone
      • Android 4.x on tablets and phones
    • Updated support for UAG’s endpoint detection capabilities
    • Fixes included in UAG SP2
  • FEP, MSE and FCS - and Windows 7 SP1

    Posted by sumeethevans on March 9 2011, 12:57 AM. Posted in ForeFront.

    Did you know that Windows 7 SP1 is available for download? Windows 7 SP1 brings some great features to the platform, and everyone's pretty excited about it.

    We want to make absolutely clear that Windows 7 SP1 is supported by the following endpoint security products:

    If in doubt about what you have installed, view your version number, on the Help menu, click About. If your version is reported in the range of 2.0.1677 to 2.0.2530, then you should install one of the above, according to your organizational needs.

  • Forefront TMG Update 1 Rollup 3 is now Available

    Posted by sumeethevans on February 26 2011, 11:51 PM. Posted in ForeFront.

    The Update 1 Rollup 3 for Microsoft TMG 2010 is now available for you.

    As you can see there are a lot of fixes in this rollup, I particularly worked in many issues involving 2501650 and 2502686 while the hotfixes were not even ready. Due the nature of those issues I strong recommend you to download this update and plan the installation on your Forefront TMG. To install this update, you must have TMG 2010 SP1 and Update 1 already installed.

    Go get it at

    Download At Source


  • Problems when installing Exchange 2010 Service Pack 1 on a TMG configured for Mail protection

    Posted by sumeethevans on September 2 2010, 8:32 PM. Posted in Exchange, ISA, ForeFront.

    TMG can be configured in a Mail protection role. In such configurations Forefront Protection for Exchange and Exchange Server (edge transport role) are installed on the same machine as TMG.

    We have identified problems when installing Microsoft Exchange Server 2010 Service Pack 1 (SP1) that was released last week on such deployments.

    Root cause SP1 made some changes to the SDK including removing some of the existing cmdlets (see more information here).

    When Email protection is configured on TMG and Spam Filtering functionality is enabled, TMG uses one of the cmdlets that has been removed (get-antispamupdates) in SP1. As a result, Microsoft Forefront TMG Managed Control service fails to start and the event viewer will contain a message that the service terminated with the following error : %%-2146233088 : What we are doing to address this problem

    The TMG team is fully committed to addressing this problem and is working on a fix which will be publically available soon. We recommend refraining from installing Exchange 2010 SP1 on TMG machines until the fix is available. We will publish another blog post when the fix becomes available.

    If you are already affected by this problem and need urgent assistance, please contact Microsoft support (

    Source: ISABLOG

  • Forefront TMG 2010 documentation now available on TechNet

    Posted by RayC on December 29 2009, 10:29 PM. Posted in Security, ISA, ForeFront.

    Forefront TMG 2010 TechNet documentation is now live with Forefront TMG Release to Web content. This release of the documentation culminates a customer- and solutions-focused effort undertaken by the Forefront TMG User Assistance team since the release of ISA Server 2006, resulting in a new content structure, new content, and the streamlining of previously-available content.

    New structure

    The new content structure focuses on Forefront TMG’s core value to your business: protecting IT environments from Internet-based threats, while providing both internal and remote users fast and secure access to the Internet and to internal applications and data. The Planning and Design, Deployment, and Operations guides are synched to guide the Forefront TMG administrator through system deployment in various topologies, enabling access through Forefront TMG, and setting up the protection of organizational resources from Internet-based threats.

    More information at source

  • Microsoft ForeFront Threat Management Gateway is RTM

    Posted by bink on November 12 2009, 5:06 PM. Posted in ISA, ForeFront.

    Eric Denekamp is at TechED 2009 Berlin and he just tweeted that Microsoft ForeFront Threat Management Gateway is RTM!

    Finally over 3 years after ISA 2006 release, finally 64 bits support.

    The TMG blog doesn’t mention anything yet and don’t bother to check Technet either.

    Will post more info when I have it.

  • Forefront(TM) Identity Manager 2010 RC1 Demo Virtual Hard Disk Image

    Posted by bink on November 10 2009, 3:04 PM. Posted in ForeFront.

    This package contains a Hyper-V-based demo of Microsoft® Forefront (TM) Identity Manager (FIM) 2010 RC1 (formerly code-named ILM "2").

    This download consists of a Hyper-V-based virtual hard disk image that contains a pre-installed demonstration version of Microsoft® Forefront (TM) Identity Manager (FIM) 2010 RC1. The image includes all components needed to experience the full integration of FIM 2010 with Active Directory, Microsoft Exchange Server 2007 and Microsoft Outlook 2007. The image uses evaluation software and will only continue to work as expected until March, 2010.

    Download details FIM 2010 RC1 Demo Hyper-V VHD

  • Schedule and Strategy Update for Forefront Endpoint Protection

    Posted by sumeethevans on October 12 2009, 10:17 PM. Posted in ForeFront.

    Today we are announcing a schedule and strategy update for Forefront Endpoint Protection 2010, a component of the upcoming Forefront Protection Suite (previously codenamed “Stirling.”)

    We are delaying the release Forefront Endpoint Protection 2010 - anti-malware for Windows desktops and servers - until the second half of 2010. Based on customer feedback and market trends, we have made the strategic decision to build Forefront Endpoint Protection (FEP) on System Center Configuration Manager, Microsoft’s solution to comprehensively assess, deploy, and update servers, clients, and devices. This approach better aligns our customers’ client management and security infrastructure, helping simplify deployment and reduce costs.

    We are on track to release all other Forefront products on schedule, as part of our Business Ready Security strategy:

    o Fourth quarter 2009: Forefront Protection 2010 for Exchange Server, Forefront Online Protection for Exchange, Forefront Threat Management Gateway 2010 and Forefront Unified Access Gateway 2010

    o First half 2010: Forefront Protection 2010 for SharePoint, Forefront Identity Manager 2010.

    Continue at Forefront Team Blog

  • Forefront Threat Management Gateway 2010 Release Candidate

    Posted by bink on October 12 2009, 4:20 AM. Posted in ISA, ForeFront.

    Forefront Threat Management Gateway 2010 allows employees to safely and productively use the Internet without worrying about malware and other threats. Forefront Threat Management Gateway 2010 is available for download in both Standard Edition and Enterprise Edition.
    It provides multiple protection capabilities including URL filtering*, antimalware inspection*, intrusion prevention, application- and network-layer firewall, and HTTP/HTTPS inspection – that are integrated into a unified, easy to manage gateway, reducing the cost and complexity of Web security 
    *Requires Forefront Threat Management Gateway Web Protection Service. 
    Register and Download At Source
  • Forefront Identity Manager 2010 Release Candidate 1

    Posted by bink on October 2 2009, 4:45 AM. Posted in ForeFront.

    This download contains the Microsoft® Forefront™ Identity Manager (FIM) 2010 RC1 client and server components, Group Policy templates and language packages. FIM 2010 offers a comprehensive solution for managing identities, credentials, and identity-based access policies across heterogeneous environments. Users can create their own security and email distribution groups and decide who to include in those groups. They can reset their passwords without calling their help desk. IT Pros can use FIM to manage certificates and smart cards. FIM embeds self-help tools in Outlook so users can manage routine aspects of identity and access. FIM also gives IT professionals rich administrative tools and enhanced automation, and delivers .NET and Web Services–based extensibility for developers.
     Download At Source