M50357: Implementing Forefront Threat Management Gateway 2010 Version: A Length: 2 Days Published: June 15, 2010 Language(s): English Audience(s): IT Professionals Level: 300 Technology: Microsoft Forefront Threat Management Gateway Type: Course Delivery Method: Instructor-led (classroom) About this Course This two-day instructor-led course provides students with the knowledge and skills to envision, design, and deploy web access, remote access and mail protection solutions using Microsoft Forefront Threat Management Gateway 2010 (TMG), enabling them to identify the requirements and make the appropriate design decisions that will come up during the deployment process, and providing hands-on experience with the products. Audience Profile This course is intended for Architects, Consultants, and Technical Sales Professionals involved in designing, deploying, or operating security solutions. At Course Completion After completing this course, students will be able to: oUnderstand the new features and the value proposition for Forefront TMG. oExplain how Forefront TMG protects clients and servers from Web-based threats. oDescribe how Forefront TMG enable outside systems to secure connect to internal services and applications. oDescribe how Forefront TMG integrates with Forefront Protection 2010 for Exchange and Microsoft Exchange Server 2010 to protect an organization from mail-based threats. oDesign an enterprise solution using Forefront TMG considering availability, scalability, operations, and migration from an existing Microsoft Internet Security and Acceleration (ISA) solution. Before attending this course, students must have: oA good understanding of Active Directory and Group Policies. oA good understanding of Windows TCP/IP networking. Course Outline Module 1: Forefront Threat Management Gateway (TMG) 2010 Overview This module explains the new features introduced in Forefront TMG 2010, the different deployment scenarios for the product, and introduces the basic concepts used in its configuration. Lessons oIntroduction to Forefront TMG oInstallation and Initial Setup oBasic Configuration Concepts Lab : Installing Forefront Threat Management Gateway 2010 oInstall Forefront TMG on a Windows Server 2008 R2 server oPerform an initial configuration of Forefront TMG using the Getting Started wizards After completing this module, students will be able to: oDescribe a brief history of the Microsoft edge security products. oExplain the current threat landscape and how this drove changes in the edge security strategy. oList the new features in Forefront TMG and their value propositions. oDescribe the key scenarios for Forefront TMG and how it differentiates from Microsoft IAG/UAG. oDescribe the SKU differentiation and subscription model. oExplain the installation requirements and install process for Forefront TMG. Module 2: Secure Web Gateway This module explains the new features introduced in Forefront TMG 2010, and how they can be used to enable users to securely and safely browse the Web. Lessons oSecure Web Gateway Overview oHTTPS Inspection oURL Filtering oMalware Protection oIntrusion Prevention Lab : Secure Web Gateway oCreate web access policies for Contoso users, including inspection of HTTPS sessions oModify web access policy to include protection from malware oInvestigate the Network Inspection System (NIS) After completing this module, students will be able to: oDescribe the threats affecting enterprise users browsing the Web. oIdentify the key Forefront TMG features that address those threats (application proxy, granular access control, malware inspection, URL filtering, HTTPS inspection, NIS), and describe each of these features in detail. Module 3: Remote Access Gateway This module explains the new features introduced in Forefront TMG 2010 can be used to enable users to securely access corporate network resources from anywhere. Lessons oRemote Access Gateway Overview oNon-HTTP Server Publishing oWeb Publishing oVirtual Private Networking (VPN) Connectivity Lab : Remote Access Gateway oUse Web Publishing to publish Exchange Web Services After completing this module, students will be able to: oUnderstand how Forefront TMG can publish Web and non-Web services to external users. oExplain the security features and benefits added by Forefront TMG in each of these publishing scenarios. oDiscuss the new Forefront TMG features for virtual private networking, such as Secure Socket Tunneling Protocol (SSTP) and Network Access Protection (NAP). Module 4: Secure Mail Relay This module explains how Forefront TMG 2010 and Forefront Protection 2010 for Exchange Server can work together with Microsoft Exchange Server to provide premium protection from spam and malware. Lessons oSecure Mail Relay Overview oSolution Components oConfiguring SMTP Protection Lab : Secure Mail Relay oInstall Active Directory LDS and Exchange Edge Server oInstall Forefront Protection 2010 for Exchange Server oInstall Forefront Threat Management Gateway oConfigure Exchange EdgeSync oDefine an E-mail Policy After completing this module, students will be able to: oDescribe the mail threats facing organization, and explain what the key Forefront TMG features are that address these threats. oExplain how Forefront TMG and Forefront Protection 2010 for Exchange Server are deployed together for premium antispam and antimalware protection. oDescribe in detail how Forefront TMG performs spam filtering, malware filtering, and content filtering. oDescribe the implementation process for this scenario and how the solution is configured. Module 5: Forefront TMG 2010 Design and Deployment Considerations This module explains the common deployment scenarios for Forefront TMG 2010, and what to consider when designing Forefront TMG 2010 solutions. Lessons oLogical Design Considerations oScalability and Availability oClient Configuration oMigration Options After completing this module, students will be able to: oReview the network, scalability, availability and operational considerations and best practices when designing and deploying a solution based on Forefront TMG. oIdentify the best practices when configuring clients to use Forefront TMG. oDescribe migration procedures from ISA Server to Forefront TMG, and between the different versions of Forefront TMG.