Configure Forefront TMG 2010 to receive definition update from Windows server update services (WSUS)

Forefront TMG maintains the definitions of known viruses, worms, and other malware. To keep these important definitions up to date, Forefront TMG has built in a centralized mechanism called the Update Centre that allows the administrator to configure the update frequency as well as the automatic update action. The Update Centre can be accessed from the Forefront TMG console.

The following features in TMG rely on signature updates:

clip_image001 Network Inspection System (NIS) Microsoft Update delivers signatures and protocols that help protect the network.

clip_image001[1] Malware Inspection Microsoft Update delivers Microsoft Antivirus definitions to filter virus-infected files that can be downloaded by the users from the Internet.

clip_image001[2] Exchange (Anti Spam) Microsoft Update delivers Anti Spam signatures to the

clip_image001[3] Exchange Anti Spam agent.

clip_image001[4] Forefront Security for Exchange (FSE) Recipient Update Services deliver definitions to multiple antivirus engines used in FSE.

clip_image001[5] URL Filtering Updates Microsoft Updates delivers new URL Filtering categories to filter out unwanted sites.

Configuring Windows Server Update Services (WSUS), follow the steps:

1. Log on to WSUS server.

2. Open WSUS Console. In the left hand pan Click Options.

3. Click on Products and Classifications, Products and Classification Window will appear

4. On the Products Tab, scroll down to Forefront. Check Forefront Threat Management Gateway Definition update for HTTP malware Inspection, check Forefront TMG MBE and Forefront TMG definition update for Network Inspection system.

5. Click on Apply and Ok. Close WSUS Console.

To configure Update Centre in Forefront TMG 2010, follow these steps:

1. In the left pane of the TMG management console, click Update Centre.
2. In the right pane, under Tasks, click Configure Settings

3. The Update Centre Properties setting appears, with the Definition Updates tab selected

4. Highlight Malware Inspection and click Configure Selected.
5. The Definition Update Configuration settings appear

6. The default automatic update action is Check For And Install Updates. The other two options available are Only Check For Updates and No Automatic Action. For this example we will leave this at its default and recommended setting.

7. The Automatic polling frequency is set to 15 minutes by default. This is the time
interval in which TMG will poll for new definition updates. This can be increased up to 4 hours.

8. You can also set an alert to be triggered in case no new updates are installed within
a certain number of days. The default value for that is set to 5 days.
9. Click OK to return to the Definition Updates tab under Update Centre Properties
10. Highlight Network Inspection Service (NIS) and click Configure Selected. Again the Definition Update Configuration settings for NIS appears, which is the same as what we saw for Malware Inspection except for the number of days to trigger an alert (45 days for NIS).
11. Click OK to return to the Definition Updates tab under Update Centre Properties
12. Click the Microsoft Update tab

13. TMG uses Microsoft Update services to deliver malware updates to TMG. For TMG to receive these updates make sure that the option Use The Microsoft Update Service To Check For Updates is selected.
14. Click Microsoft Update Service to configure the policy configuration for protection mechanism definition updates

15. The option selected by default is Use Machine Default Service But Fallback To Microsoft Update. Here, check use Windows Server Update Services (WSUS).

16. Click Apply and OK to return to the TMG console.

Relevant Articles

Forefront TMG 2010: Publishing Exchange server 2010

Forefront TMG 2010: How to install and configure Forefront TMG 2010 —-Step by step

Forefront TMG 2010: Publish Outlook Web Access and Exchange Servers using Forefront TMG 2010

Beer mugAdd to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

About Raihan Al-Beruni

My Name is Raihan Al-Beruni. I am working as an Infrastructure Architect in Data Center Technologies in Perth, Western Australia. I have been working on Microsoft technologies for more than 15 years. Other than Microsoft technologies I also work on Citrix validated solution and VMware data center virtualization technologies. I have a Masters degree in E-Commerce. I am certified in Microsoft, VMware, ITIL and EMC. My core focus is on cloud technologies. In my blog I share my knowledge and experience to enrich information technology community as a whole. I hope my contribution through this blog will help someone who wants more information on data center technologies.
This entry was posted in Windows Server and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s