Deconstructing Forefront TMG 2010 Firewall Client Operation and Communication

The Firewall Client, an optional client-side component that can be deployed with Forefront TMG 2010, is arguably the most powerful tool a security administrator can use to control network traffic destined for the public Internet in their organization. The Firewall Client provides seamless and transparent proxy services for all Winsock TCP and UDP communication. More importantly, all Firewall Client communication is authenticated, allowing TMG administrators to enforce strong user- and group-based access control on traffic using the Firewall Client. In this month’s article, I provide detailed information about how the Firewall Client works. I also break down how communication takes place at the network level, providing deep insight into how the Firewall Client communicates with the TMG firewall.

