Upload
bo-su
View
575
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
Implementing Forefront Threat Management Gateway 2010 Course Introduction
IntroductionNameCompany affiliationTitle/functionJob responsibilityPrevious experience with Microsoft ISA ServerExpectations
FacilitiesClass hoursBuilding hoursParkingRestroomsMealsPhonesMessagesSmokingRecycling
About This CourseDescriptionLearning objectivesAudiencePrerequisites
Course DescriptionPrepares you to create security solutions based on Microsoft Forefront Threat Management Gateway 2010 (TMG)Covers the following usage scenarios:
Secure Web GatewayRemote Access GatewaySecure Mail Relay
Organized in 5 modulesDelivered in 16 hoursInstructor-led with 4 hands-on labs
Course ObjectivesThis course will enable you to:
Understand the new features and the value proposition for Forefront TMGExplain how Forefront TMG protects clients and servers from Web-based threatsDescribe how Forefront TMG enable outside systems to secure connect to internal services and applicationsDescribe how Forefront TMG integrates with Microsoft® Forefront™ Protection 2010 for Exchange Server and Microsoft® Exchange Server 2010 to protect an organization from mail-based threatsDesign an enterprise solution using Forefront TMG, considering availability, scalability, operations, and migration from an existing Microsoft® Internet Security and Acceleration Server (ISA) solution
Target AudienceSolution specialists and technical sales professionals with a focus on selling security solutionsArchitects and consultants involved in designing and deploying solutions based on Forefront TMGTechnical account managers and premier field engineers who want to acquire in-depth knowledge of the design and deployment of Forefront TMG solutions
PrerequisitesWorking knowledge of Active Directory® and Group Policy
No specific Windows Server® 2008 R2 knowledge is required
Good understanding of Windows® networking
Course Outline – Day 1Schedule Module or Activity Goals
9 :00 to 11:00 AM
Module 1: Forefront Threat Management Gateway 2010 Overview
Describe a brief history of the Microsoft edge security products.
Explain the current threat landscape and how this drove changes in the edge security strategy.
List the new features in Forefront TMG and their value propositions.
Describe the key scenarios for Forefront TMG and how it differentiates from Microsoft® IAG/UAG.
Describe the SKU differentiation and subscription model. Explain the installation requirements and install process for
Forefront TMG.11 :00 AM to noon
Lab 1: Installing Threat Management Gateway 2010
Install Forefront TMG to provide web and e-mail access between Contoso and the Internet.
Perform an initial configuration of Forefront TMG using the Getting Started wizards.
Noon to 1:00 PM
Lunch
1:00 to 3:00 PM
Module 1: Secure Web Gateway
Describe the threats affecting enterprise users browsing the Web.
Identify the key Forefront TMG features that address those threats (application proxy, granular access control, malware inspection, URL filtering, HTTPS inspection, NIS), and describe each of these features in detail.
3:00 to 5:00 PM
Lab 2: Configure Secure Web Gateway
Create web access policies for Contoso users, including inspection of HTTPS sessions.
Modify web access policy to include protection from malware.
Investigate the Network Inspection System (NIS).
Schedule Module or Activity
Goals
9:00 to 11:00 AM
Module 3: Remote Access Gateway
Understand how Forefront TMG can publish Web and non-Web services to external users.
Explain the security features and benefits added by Forefront TMG in each of these publishing scenarios.
Discuss the new Forefront TMG features for virtual private networking, such as Secure Socket Tunneling Protocol (SSTP) and Network Access Protection (NAP).
11:00 AM to Noon
Lab 3: Remote Access Gateway
Use Web Publishing to publish Exchange Web Services
Noon to 1 :00 PM
Lunch
1:00 to 2:00 PM
Module 4: Secure Mail Relay
Describe the mail threats facing organization, and explain what the key Forefront TMG features are that address these threats.
Explain how Forefront TMG and Forefront Protection 2010 for Exchange Server are deployed together for premium antispam and antimalware protection.
Describe in detail how Forefront TMG performs spam filtering, malware filtering, and content filtering.
Describe the implementation process for this scenario and how the solution is configured.
2:00 to 3:00 PM
Lab 4: Secure Mail Relay
Configure the Exchange Edge Transport role and Forefront Protection 2010 for Exchange Server on the Forefront TMG server to protect Internet e-mail.
Explore antispam and antimalware protection of Internet e-mail.3:00 to 4:00 PM
Module 5: Forefront TMG Design and Deployment Considerations
Review the network, scalability, availability and operational considerations and best practices when designing and deploying a solution based on Forefront TMG.
Identify the best practices when configuring clients to use Forefront TMG.
Describe migration procedures from ISA Server to Forefront TMG, and between the different versions of Forefront TMG.
Course Outline – Day 2
Classroom SetupEach student has their own virtualized lab environmentVirtual machines:
External Web serverFirewallDomain controllerMail serverCollaboration serverWindows clientForefront Protection Management server
8GB Systemw/ Microsoft Hyper-V
Questions
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Forefront, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.