Operation Manual
99 Copyright © Acronis International GmbH, 2002-2014
5.4.2 Introduction
Acronis Access clients connect to the Acronis Access server running inside your firewall securely via
HTTPS and need to traverse your firewall via either VPN, HTTP reverse proxy or an open HTTPS port.
This article provides step by step instructions that enable connections by your user running the
Acronis Access desktop or mobile client from outside your network using the "reverse proxy"
functions of the Microsoft Forefront Threat Management Gateway (TMG) software, which is the
successor to ISA Server 2006.
Forefront Threat Management Gateway (TMG) is a secure web gateway that enables safe employee
web use through comprehensive protection against malware, malicious web sites and vulnerabilities.
Building on its predecessor, ISA Server 2006, TMG provides new URL filtering, anti-malware, and
intrusion-prevention technologies to protect businesses against the latest web-based threats. These
technologies are integrated with core network protection features such as firewall and VPN to create
a unified, easy-to-manage gateway.
The Forefront TMG solution includes two separately licensed components:
Forefront TMG server that provides URL filtering, antimalware inspection, intrusion prevention,
application- and network-layer firewall and HTTP/HTTPS inspection in a single solution.
Forefront TMG Web Protection Service that provides the continuous updates for malware
filtering and access to cloud-based URL filtering technologies aggregated from multiple Web
security vendors to protect against the latest Web-based threats.
In this section
Understanding Forefront Threat Management Gateway (TMG) Network Topology 99
Understanding Forefront Threat Management Gateway authentication 101
5.4.2.1 Understanding Forefront Threat Management Gateway (TMG)
Network Topology
Forefront TMG includes four different network templates, that can fit in your existing network
topology. It is important to choose the most appropriate for your organization option. After installing
TMG, the Getting Started Wizard will appear, where you need to make initial configuration to your
TMG. The first menu of the Getting Started Wizard is Configure Network Setting, where you need to
make your choice about what network template to use. See below the available options.
Edge Firewall - In this topology, Forefront TMG is located at the network edge, where it serves as
the organization’s edge firewall, and is connected to two networks: the internal network and the
external network (usually the Internet).