Microsoft released two new security solutions, Forefront Threat Management Gateway 2010 (TMG) and Forefront United Access Gateway 2010 (UAG), on Dec. 3.
TMG intends to give IT administrators the ability to granularly control which sites their employees can access, ostensibly to counter threats such as phishing. Microsoft’s Forefront Team Blog quotes a Microsoft Security Intelligence Report indicating that social networking sites “accounted for 76 percent of all phishing impressions,” which surely would be the only reason that an employer would want to block its staff from accessing Facebook.
To that end, TMG leverages URL filtering, anti-malware and intrusion-prevention technologies to construct a secure Web gateway. Once integrated with firewalls and Virtual Private Networks (VPNs), these TMG features can be applied contextually, allowing IT administrators to apply tighter or looser controls to various groups as the situation demands.
“This allow users to build policies that, say, don’t let certain employees access certain sites,” Joe Licari, director of product management for the Identity and Security Business Group at Microsoft, told eWEEK in an interview on Dec. 3, “while allowing other employees to access those same sites, if they need to.”
Part of Microsoft’s goal with the TMG and UAG releases, Licari suggested, was to bring disparate security applications within the borders of a unified solution.
“Security is a fragmented industry;” Licari said, with a multitude of companies offering a dizzying array of pinpoint solutions. Microsoft, he added, has decided to “pull its engineering teams together” to help consolidate all that security functionality currently drifting around the ecosystem.
UAG has been designed to give companies’ remotely-working employees and contractors the ability to access IT resources in a secure manner. The successor to Microsoft’s Intelligent Application Gateway, UAG “enables remote access via managed and unmanaged PCs and mobile devices,” and supports connectivity options ranging from SSL VPN tunnels and Web publishing.
In theory, UAG will also make it easier for IT administrators to deploy and scale Microsoft’s DirectAccess, which establishes bi-directional connectivity with employees’ enterprise networks.
TMG is available now, while UAG will release to manufacturing in mid-December, with general availability afterwards.
Microsoft’s next Patch Tuesday update will include the release of six security bulletins, including one that covers the zero-day vulnerability affecting Internet Explorer 6 and 7.