By virtue of being a domain member, the TMG firewall participates natively in domain communication, providing the ability to enforce strong user and group-based authentication and to authenticate users in a seamless and transparent manner using secure protocols such as NTLM and Kerberos. The TMG firewall is still the only Windows-based edge security and remote access solution available. Even today, no solution provides the high level of protection and ease of configuration that TMG does. Historically, TMG and its predecessors were the solution of choice to provide critical network protection, aggregate Internet connectivity, and provide secure remote access to networks and applications such as Exchange Outlook Web App (OWA), SharePoint, and many others. One of the hallmarks of the TMG solution is its tight integration with Microsoft-based network infrastructures and workloads. Over the years there has been a lot of innovation for the product, with features being introduced that even today have yet to be replicated by any competitor. Although initially a dedicated web proxy, the release of Microsoft Internet Security and Acceleration (ISA) Server in 2000 was the first to include firewall and VPN services. TMG’s roots extend all the way back to Microsoft Proxy Server 1.0, first released in 1997. It can be deployed in all of these roles, or any subset of them to provide essential protection for both inbound and outbound network communication from a variety of clients.
Microsoft Forefront Threat Management Gateway (TMG) 2010 is an integrated edge security solution that can serve as a firewall, forward and reverse proxy server, web content cache, and Virtual Private Network (VPN) for both client-based remote access and site-to-site.