2 Day(s)


This two-day instructor-led course provides students with the knowledge and skills to envision, design, and deploy web access, remote access and mail protection solutions using Microsoft Forefront Threat Management Gateway 2010 (TMG), enabling them to identify the requirements and make the appropriate design decisions that will come up during the deployment process, and providing hands-on experience with the products.


This course is intended for Architects, Consultants, and Technical Sales Professionals involved in designing, deploying, or operating security solutions.


  • A good understanding of Active Directory and Group Policies.
  • A good understanding of Windows TCP/IP networking.
  • Delegates will learn how to
  • Understand the new features and the value proposition for Forefront TMG.
  • Explain how Forefront TMG protects clients and servers from Web-based threats.
  • Describe how Forefront TMG enable outside systems to secure connect to internal services and applications.
  • Describe how Forefront TMG integrates with Forefront Protection 2010 for Exchange and Microsoft Exchange Server 2010 to protect an organization from mail-based threats.
  • Design an enterprise solution using Forefront TMG considering availability, scalability, operations, and migration from an existing Microsoft Internet Security and Acceleration (ISA) solution.

Course Specifics

Course Outline

Module 1: Forefront Threat Management Gateway (TMG) 2010 Overview

This module explains the new features introduced in Forefront TMG 2010, the different deployment scenarios for the product, and introduces the basic concepts used in its configuration.

  • Lessons
  • Introduction to Forefront TMG
  • Installation and Initial Setup
  • Basic Configuration Concepts
  • Lab : Installing Forefront Threat Management Gateway 2010
  • Install Forefront TMG on a Windows Server 2008 R2 server
  • Perform an initial configuration of Forefront TMG using the Getting Started wizards
  • After completing this module, students will be able to:
  • Describe a brief history of the Microsoft edge security products.
  • Explain the current threat landscape and how this drove changes in the edge security strategy.
  • List the new features in Forefront TMG and their value propositions.
  • Describe the key scenarios for Forefront TMG and how it differentiates from Microsoft IAG/UAG.
  • Describe the SKU differentiation and subscription model.
  • Explain the installation requirements and install process for Forefront TMG.
Module 2: Secure Web Gateway

This module explains the new features introduced in Forefront TMG 2010, and how they can be used to enable users to securely and safely browse the Web.

  • Lessons
  • Secure Web Gateway Overview
  • HTTPS Inspection
  • URL Filtering
  • Malware Protection
  • Intrusion Prevention
  • Lab : Secure Web Gateway
  • Create web access policies for Contoso users, including inspection of HTTPS sessions
  • Modify web access policy to include protection from malware
  • Investigate the Network Inspection System (NIS)
  • After completing this module, students will be able to:
  • Describe the threats affecting enterprise users browsing the Web.
  • Identify the key Forefront TMG features that address those threats (application proxy, granular access control, malware inspection, URL filtering, HTTPS inspection, NIS), and describe each of these features in detail.
Module 3: Remote Access Gateway

This module explains the new features introduced in Forefront TMG 2010 can be used to enable users to securely access corporate network resources from anywhere.

  • Lessons
  • Remote Access Gateway Overview
  • Non-HTTP Server Publishing
  • Web Publishing
  • Virtual Private Networking (VPN) Connectivity
  • Lab : Remote Access Gateway
  • Use Web Publishing to publish Exchange Web Services
  • After completing this module, students will be able to:
  • Understand how Forefront TMG can publish Web and non-Web services to external users.
  • Explain the security features and benefits added by Forefront TMG in each of these publishing scenarios.
  • Discuss the new Forefront TMG features for virtual private networking, such as Secure Socket Tunneling Protocol (SSTP) and Network Access Protection (NAP).
Module 4: Secure Mail Relay

This module explains how Forefront TMG 2010 and Forefront Protection 2010 for Exchange Server can work together with Microsoft Exchange Server to provide premium protection from spam and malware.

  • Lessons
  • Secure Mail Relay Overview
  • Solution Components
  • Configuring SMTP Protection
  • Lab : Secure Mail Relay
  • Install Active Directory LDS and Exchange Edge Server
  • Install Forefront Protection 2010 for Exchange Server
  • Install Forefront Threat Management Gateway
  • Configure Exchange EdgeSync
  • Define an E-mail Policy
  • After completing this module, students will be able to:
  • Describe the mail threats facing organization, and explain what the key Forefront TMG features are that address these threats.
  • Explain how Forefront TMG and Forefront Protection 2010 for Exchange Server are deployed together for premium antispam and antimalware protection.
  • Describe in detail how Forefront TMG performs spam filtering, malware filtering, and content filtering.
  • Describe the implementation process for this scenario and how the solution is configured.
Module 5: Forefront TMG 2010 Design and Deployment Considerations

This module explains the common deployment scenarios for Forefront TMG 2010, and what to consider when designing Forefront TMG 2010 solutions.

  • Lessons
  • Logical Design Considerations
  • Scalability and Availability
  • Client Configuration
  • Migration Options
  • After completing this module, students will be able to:
  • Review the network, scalability, availability and operational considerations and best practices when designing and deploying a solution based on Forefront TMG.
  • Identify the best practices when configuring clients to use Forefront TMG.
  • Describe migration procedures from ISA Server to Forefront TMG, and between the different versions of Forefront TMG.

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost effective option.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

Upcoming Dates

Course Location Days Cost Date
2 1000 £1000 2018-07-16
2 1000 £1000 2017-11-14
2 1000 £1000 2017-10-12
2 1000 £1000 2017-10-02
2 1000 £1000 2017-09-27
2 1000 £1000 2017-08-24
2 1000 £1000 2017-08-24
2 1000 £1000 2017-08-10
2 1000 £1000 2017-07-26