![]() ![]() ![]() ![]() |
|||||
|
|||||
¼Ó¥D ÅUªZ¶¯ ![]()
![]() |
§@ªÌ¡GÅUªZ¶¯¡A Microsoft MVP¡BMCITP»PMCTS»{ÃÒ±M®a¡B¥xÆW·L³nTechnet¡BTechEd¡BTechDay¡BWebcast¡BMVA¯S¬ù¸ê²`ÅU°ÝÁ¿®v¡C ¤Þ¨¥¡GMicrosoft³Ì·s±À¥Xªº¥þ·sForefront Threat Management Gateway¡]²ºÙTMG¡^¡A¥¦ªº«e¨´N¬O³\¦hºôºÞ¤Hû©Ò¼ô±xªºISA Server 2006¡]Internet Security and Acceleration¡^¡A¥Dn¾ã¦X¤FÀ³¥Î¼h»Pºô¸ô¼hªº¨¾¤õÀð§Þ³N¡A¥Î¥H«OÅ@¥ø·~û¤u¤Wºôªº¦w¥þ¡A´£¨Ñ¤F³\¦h¹³¬O´c·Nµ{¦¡ªº°»´ú»P«ÊÂê¡BE-mail¦w¥þ¨¾Å@¡Bºô§}¿z¿ï¾¹¡BWeb Proxy¥H¤Îºô¯¸§Ö¨úµ¥¥\¯à¡C ¥´±qMicrosoft ISA Server 2000ªº±À¥X¡Aµ§ªÌ«K¤w¥Xª©¤F²Ä¤@ª©¥»¹q¸£®ÑÄy¡A¤@ª½¨ì«e¤@ª©³\¦h¥ø·~¦b¨Ï¥ÎªºISA Server 2006¡C¦Ü©óªñ´Á³Ì·s±À¥Xªº¥þ·s§ïª©Forefront Threat Management Gateway¡]TMG¡^¡A¨Æ¹ê¤Wµ§ªÌ¦¦b¥h¦~´N¤w¸g¶}©lª`·N¥¦ªº°Ê¦V¡A¦Ó¦b°ê¥~ªº³\¦hBlog¤]¤w¸g¦³³\¦hIT¥ý¶i¦b¯É¯É°Q½×¤F¡C ¬Û¸û©óISA Server 2006¡ATMG¥Dn´£¨Ñ¤F¥|¤j·sªº¯S¦â¤À§O¤¶²Ð¦p¤U¡G ƒÞ ¦w¥þªººô¯¸¹h¹D¡GTMGÂǥѾã¦Xºô¯¸ªº¨¾¬r¥H¤ÎURL¿z¿ï¾¹¡A¥i¥HÅý¥ø·~¤º³¡ªºû¤u¦bÂsÄýºô»Úºô¸ôªº¹Lµ{¤¤¡A¥þ±¦Û°Ê°»´ú»P¨¾Å@¥i¯à¾D¨ü¨Ó¦Û´c·Nºô¯¸ªº§ðÀ»¡A¦]¬°¦b³o¤@¶µ¦w¥þ¾÷¨î¤¤TMG·|³z¹L©w´Áªº©w¸qÀɧó·s¥\¯à¡AÃѧO¥ô¦ó³Ì·sªººô¯¸´c·Nµ{¦¡¥H¤Îºô¯¸¶Â¦W³æ¨Ã¥B¥[¥H«ÊÂê¡C¦Ó¹ï©ó¥HHTTPS³s½uªººô¯¸TMG¤]·|¥[¥HÀˬd¨ä¬y¶q»Pºô¯¸¾ÌÃÒ¡C ƒÞ §ïµ½ªºÀ³¥Î¼h¨¾Å@¡G¦bTMG¤¤·s¼W¤F¤@¶µºô¸ôÀˬd¨t²Î¡]NIS¡ANetwork Inspection System¡^¡A³o¤@¶µ¦w¥þ±¹¬I¥i¥H¹ï©ó¥ô¦ó³Ì·s³Qµo²{¦³Ãö©óMicrosoft²£«~©Î³q°T¨ó©wªº¦w¥þº|¬}°ÝÃD¶i¦æ¦³®Ä«OÅ@±¹¬I¡AÅý³o¤@¨Ç°ÝÃD¦b§¹¦¨×¸É¤§«e¡A¤£·|»´©ö¾D¨ü¨ì§ðÀ»¦Ó²_³´¡C ƒÞ §ïµ½³s½uºÞ²z¡GTMG¼W±j¤F¦bNATºô¸ô¬[ºc¤Uªº¤ä´©¡A¥¦¯à°÷³]©wE-mail¦øªA¾¹¦b1¹ï1ªºNAT°ò¦¤U¡C¥t¥~¡ATMG¤]¤w¸g¯à°÷ÃѧOSIPªººô¸ô¬y¶q¡A¨Ã¥B´£¨Ñ¬Û¹ïÀ³ªº³]©w¤èªkÅý¥¦¥i¥H¶i¦æ¬ï¶V¨¾¤õÀ𪺳s½u¡C ƒÞ ²¤ÆºÞ²z¡G´£¨Ñ¤F§ó¦h²©öªººëÆF³]©w¤u¨ã¡AÅýIT¤Hû¶Èn³z¹L²³æªº´XÓ¨BÆJ¡A´N¥i¥H»´ÃP¬[³]¦n²Å¦X¥ø·~¸ê¦w»Ý¨Dªº¹h¹D¦w¥þ¨t²Î¡C ¦Ó¦bTMGªº°ò¦¬[ºc³]p³¡¥÷«h¥i¥H°Ñ¦Ò¦p¹Ï1©Ò¥Üªº©x¤è²³ø¡C¦b¦¹§ÚÌ¥i¥H¥Ñ¤U©¹¤W¨Ó¬Ý³o±i¹Ï¡Cº¥ý¥¦¬O«Øºc¦bWindows Server 2008ªº§@·~¨t²Î¡]¥²¶·¬O64¦ì¤¸¡^¤W¡A¨ÓÀò±o¤ñ¥H©¹©Ò¦³ISA Serverª©¥»§ó¦hªºµwÅé¸ê·½¡]CPU¡BRAM¡BÀx¦sªÅ¶¡¡^¡C ±µµÛ¬O¦bTMG¤¤³Ì«nªº¨â¶µ·s¦w¥þ¨¾Å@¾ã¦X¾÷¨î¡A¤@Ó¬O¦s¨úºô¯¸ªº¨¾Å@¥\¯à¡A¥t¤@Ó«h¬O¾ã¦XExchange Server 2007©ÎExchange Server 2010ªº¶l¥ó°T®§¨¾Å@¾÷¨î¡C¨ä¤¤«eªÌ¬O±z¤@©w·|¨Ï¥Î¨ìªº·s¦w¥þ¥\¯à¡A¦]¬°¥¦¦³¨â¶µ·¥¬°«nªº«OÅ@±¹¬I¡A¤À§O¬O·í¥ø·~û¤u³s½uInternetºô¯¸®Éªº¯f¬r°»´ú¡A¥H¤Îºô¯¸¶Â¦W³æªº¸ê®Æ®w¤ñ¹ï»P«ÊÂê¾÷¨î¡A¦Ó³o¨â¶µ¥þ·sªº«OÅ@±¹¬I¡A¥i¥HÅýIT¤Hû¼u©Êªº¿ï¾Ü°t¸m¦b©Ò»Ýnªº¨¾¤õÀð³W«h¶µ¥Ø³]©w¤W¡C²¦³ºµL½×¦p¦ó¨¬°ITªº§Ú̳£«D±`²M·¡ª¾¹D¦b³o¦M¾÷¥|¥ñªºInternet»PIntranet³s±µ¤¤¡A³\¦hªº¸ê¦wº×·½³£¬O¨Ó¦Û¥Î¤áºÝ¨Ï¥ÎªÌ¡C °w¹ï«e±©Ò´£¨ìªººô¯¸¯f¬r¨¾¿m»Pºô§}¿z¿ï¥\¯à¡A®Ú¾Úµ§ªÌ¦bTMGªº´ú¸Õ¤¤¡A½T¹êµo²{¬O¤@¶µ¬Û·í´Îªº¦w¥þ±¹¬I¡]¥»¤å«á¥b¬q·|¦³Demo¡^¡A¥u¬O¥ý§O°ª¿³¤Ó¦¡A¦]¬°¥¦´N¦p¦PExchange Server 2007ªºForefront¨¾¬r³nÅé¤@¼Ë¡A·Qn«ùÄò«O«ù©w¸qÀÉ»P±½¬r¤ÞÀºªº§ó·s¡A´N¥²¶·¤ä¥Iq¾\ªA°Èªº¶O¥Î¡A¦Ü©óp¶Oªº¤è¦¡¥i¥H±Ä¥Î¨C¤@¦ì¨Ï¥ÎªÌ©Î¬O¨C¤@¦~ªº¤è¦¡¨Ó§¹¦¨¡C ¦Ó¦b§K¶Oq¾\ªº¶µ¥Ø³¡¥÷¡A«h¬O°w¹ï¤@¶µ¤]¬O·sªº¤J«I¨¾¿m¥\¯à¡A¥Dn¥Î³~¦b©ó¤U¸ü³Ì·sªº¨t²Î¦w¥þº|¬}©w¸qÀÉ¡A¨Ó¦Û°Ê¥[¥H«ÊÂê¥i¯à¦b¨t²Î§¹¦¨×¸É«eªº§ðÀ»¦æ¬°¡C ![]() ¹Ï1 TMG¬[ºc¾ã¦X³]p Forefront Threat Management Gateway ¤U¸üºô§}¡G http://technet.microsoft.com/zh-tw/evalcenter/ee423778.aspx ¥t¥~¦bTMG³¡¸pªºª©¥»¤W¦@¦³¤TºØª©¥»¡A¤À§O¬O¥ø·~ª©¡B¼Ð·Çª©¥H¤Î¥]§t¦bWindows Essential Business Server¤¤ªº¤¤«¬¥ø·~ª©¡]MBE¡AMedium Business Edition¡^¡A¨ä¤¤MBEªºª©¥»¥u´£¨Ñ¤F¥Dnªº´X¶µ¦w¥þºÞ²z¥\¯à¡A³o¤@¨Ç¥]¬A¤F¨¾¤õÀð¡BVPNºô¸ô«Ø¸m¡BWeb Proxy¡Bºô¯¸§Ö¨ú¡B¥H¤Îºô¯¸´c·Nµ{¦¡¨¾½d¾÷¨î¡C¦³Ãö©óTMG»PTMG MBE¥H¤ÎISA Server 2006ªº¤ñ¸û¡A¥i¥H°Ñ¦Òªí1»¡©ú§Y¥i¡C ªí1 TMG»PISA Server 2006ªº¥\¯à¤ñ¸û ![]() ³nµwÅé¨t²Î»Ý¨D ƒÞ ¡´¥²¶·±Ä¥Î64¦ì¤¸CPU¹q¸£¡B64¦ì¤¸ª©¥»ªºWindows Server 2008§@·~¨t²Î ƒÞ ¡´°O¾ÐÅ髨ij¦Ü¤Ö2GB¥H¤W ƒÞ ¡´¦Ü¤Ö2.5GB¥H¤WªºµwºÐªÅ¶¡¡A³o³¡¥÷ÁÙ¤£¥]¬AÃB¥~»Ýn¥Î¨ÓÀx¦sºô¯¸§Ö¨ú¸ê®Æ¡A¥H¤Î¥Î¨Ó¦s©ñ¦s·í¨t²Î¶i¦æ´c·Nµ{¦¡±½´y®Éªº¼È¦sÀɮסC ¦b¹w¥ý»Ýnªº³nÅ餸¥ó¦w¸Ë³¡¥÷¡A¥un¦p¹Ï2©Ò¥Ü³z¹LÂI¿ïTMG¦w¸Ë¥D¿ï³æ¤¤ªº[Run Preparation Tool]³sµ²¡A´N¥i¥H¦Û°ÊÀ°§Ú̧¹¦¨¦w¸Ë¡A³o¤@¨Ç¤¸¥ó¥]¬A¤F¥H¤U´XÓ¶µ¥Ø¡C „Ï ¡´Active Directory Lightweight Directory Services¦øªA¾¹¨¤¦â „Ï ¡´Network Policy and Access Services¦øªA¾¹¨¤¦â „Ï ¡´Message Queuing „Ï ¡´Windows PowerShell 1.0 „Ï ¡´Microsoft .Net Framework 3.5 SP1 „Ï ¡´Windows Web Services API „Ï ¡´Windows Installer 4.5 ±µµÛ¦b¹w¥ý»Ýnªº³nÅ餸¥ó¦w¸ËÃþ«¬³]©w¤¤¡A±z¥i¥H¿ï¾Ü¶È¦w¸ËTMGºÞ²z¤u¨ã¡AÁÙ¬On³s¦PTMGªA°È©Ò»Ýnªº¤¸¥ó¤@¨Ö¦w¸Ë¡C TMG§Ö³t¦w¸Ë«ü¤Þ ¦³Ãö©óForefront TMGªº¦w¸Ë¤è¦¡©M«e¤@ª©ªºISA Server´X¥G¬O¤@¼Ëªº«D±`®e©ö¡A¨Ã¥B¥¦¦b§¹¦¨¦w¸Ë¤§«á¡A´N¥i¥H¥ß§Y³z¹L¤T¶¥¬qªººëÆF¤¶±¡A²³æ¨³³tªº§¹¦¨²Å¦X¥ø·~TMG¨¾Å@»Ý¨Dªº²ÕºA°t¸m¡C±µ¤U¨Ó´NÅý§Ṳ́@¦P¨Ó¤F¸Ñ¤@¤U¾ãÓ§Ö³t³¡¸p¹Lµ{§a¡C º¥ý±z¥²¶·¦b«e±©Ò¤¶²Ð¹LªºTMG¦w¸Ë¥D¿ï³æ¤¤¡AÂI¿ï[Install Forefront TMG]³sµ²¡A°õ¦æ¤§«á¥¦¦P¼Ë·|¶i¦æ©Ò¦³¥²n¤¸¥óªºÀˬd¡AµM«á¦A¶i¤J¦w¸Ë³]©wµ{§Ç¡C ¦p¹Ï2©Ò¥Ü±µ¤U¨Ó«K¥i¥H¦b[Installation Path]¶±¤¤³]©w¦w¸Ë¸ô®|¡A±µµÛ·|¨Ó¨ì¦p¹Ï3©Ò¥Üªº[Internal Network]¶±¡A±z¥²¶·ÂI¿ï[Change]«ö¶s¨Ó³]©w¶i¤J³]©w¤º³¡ºô¸ô°Ï¬qªº¶±¡C ![]() ¹Ï2 ¦w¸Ë¸ô®|³]©w ![]() ¹Ï3 ³]©w¤º³¡ºô¬q ¦b¦¹µ§ªÌ¥H¿ï¨ú¦p¹Ï4©Ò¥ÜTMG¥»¾÷ºô¸ô¥dªº¤è¦¡¨Ó§Ö³t§¹¦¨³]©w¡A¿ï¨ú¤§«á¦b¤U¤è«K¥i¥H¸Óºô¸ô¥dªº¬ÛÃö¦ì§}¸ê°T¡C ![]() ¹Ï4 ¬D¿ï¤º³¡ºô¸ô¥d ±µ¤U¨Ó¦b¾ãÓ¦w¸Ë¶i¦æªº¹Lµ{·í¤¤¡A±N·|¦Û°Ê«·s±Ò°Ê¬ÛÃöºô¸ôªºªA°È¡A³o¥]¬A¤FSNMP Service¡BIIS Admin Service¡BWorld Wide Web Publishing Service¡BMicrosoft Operations Manager Service¡C³Ì«á·|¶}©l¶i¦æSQL Server 2008 Expressªº¦w¸Ë¡A³o¤@¶µ¦w¸Ë¥Dn¥Î¨ÓÀx¦sTMGªº°O¿ýÀɸê°T¡C §¹¦¨TMG¥Dµ{¦¡»PºÞ²z¤u¨ãªº¦w¸Ë¤§«á¡A±µ¤U¨Ó±N·|¶}±Ò¦p¹Ï5©Ò¥Üªº[Getting Started Wizard]¶±¡A§ÚÌ¥un¨Ì§Ç§¹¦¨³o¤T¶µªººëÆF²ÕºA³]©w¡A´N¥i¥HÅýTMG¦øªA¾¹¶}©l¶i¦æ°ò¥»ªº¹B§@¡Cº¥ý½ÐÂI¿ï[Configure network settings]³sµ²Ä~Äò¡C ![]() ¹Ï5 §Ö³t²ÕºAºëÆF ±µ¤U¨Ó±z¥²¶·¦b¦p¹Ï6©Ò¥Üªº[Network Template Selection]¶±¤¤¡A¿ï¨ú¾A¥Î©ó¥Ø«e¤½¥qºô¸ôÀô¹ÒªºTMG¬[ºc½d¥»¡A¤@¯ë¦Ó¨¥³Ì±`¨£ªº³q±`¬OEdge firewall¡CÂI¿ï[Next]«ö¶sÄ~Äò¡C±µ¤U¨Ó¥²¶·¤À§O³]©w¤º³¡ºô¸ô¥d»P¥~³¡ºô¸ôªºTCP/IP²ÕºA¡A¨Ã¥BÃB¥~¹ï©ó¤º³¡ºô¸ô¥d¨Ó³]©w¨ä¥¦ªº¸ô¥Ñ³W«h¡A¦]¬°³\¦h¥ø·~ºô¸ô¤¤¥i¯à·|¦³«Ø¸mCore SwitchªººÞ²z¡C ![]() ¹Ï6 ºô¯¸½d¥»¿ï¨ú §¹¦¨¤F²Ä¤@¶¥¬qªººëÆF³]©w¤§«á¡A±µ¤U¨Ó½ÐÂI¿ï[Getting Started Wizard]¶±¤¤ªº[Configure System settings]³sµ²Ä~Äò¡C±µµÛ¦b¦p¹Ï7©Ò¥Üªº[Host Identification]¶±¤¤±z¥i¥H¨M©w¬O§_nÅܧó¹q¸£¦WºÙ¡Bºô°ì¦¨û³]©w¥H¤ÎDNS§À½X³]©w¡C ![]() ¹Ï7 ¥D¾÷ÃѧO³]©w ºò±µµÛ¤S·|¦^¨ì[Getting Started Wizard]¶±¤¤¡A½ÐÂI¿ï[Define deployment options]³sµ²Ä~Äò¡Cº¥ý¦b¦p¹Ï8©Ò¥Üªº[Microsoft Update Setup]¶±¤¤¡A½Ð¿ï¾Ün³z¹LMicrosoft Update¨Ó§ó·s´c·Nµ{¦¡©w¸qÀÉ¡CÂI¿ï[Next]«ö¶sÄ~Äò¡C ![]() ¹Ï8 §ó·s³]©w ±µµÛ±N·|¨Ó¨ì¦p¹Ï9©Ò¥Üªº[Forefront TMG Protect Feature Settings]¶±¡A¦b¦¹¥²¶·³]©wºô¸ôÀˬd¨t²Î¡]NIS¡^»Pºô¯¸«OÅ@¡]Web Protection¡^ªº±ÂÅv²ÕºA¡A¨ä¤¤ºô¯¸«OÅ@³¡¥÷¬O»ÝnÃB¥~¥I¶O±ÂÅv¡A¤£¹L¥i¥H¥ý¨Ï¥Îµû¦ôª©¥»ªº±ÂÅv¡C±µµÛ½Ð±N[Enable Malware Inspection]»P[Enable URL Filtering]³]©w¤Ä¿ï¡CÂI¿ï[Next]«ö¶sÄ~Äò¡C ![]() ¹Ï9 ¾ã¦X«Â¯Ù¶EÂ_ªA°È ±µ¤U¨Ó±N·|¨Ó¨ì¦p¹Ï10©Ò¥Üªº[NIS Signature Update Settings]¶±¡C¦b¦¹¥i¥H³]©wºô¸ôÀˬd¨t²Î¡]NIS¡^©w¸qÀɪºÀˬd§ó·sÀW²vµ¥³]©w¡]«ØÄ³±Ä¥Î¹w³]ȧY¥i¡^¡AÃö©ó³o¤@³¡¥÷ªº²ÕºA³]©w¤§«á¤´¥i¥H¶i¦æ×§ïªº¡CÂI¿ï[Next]«ö¶sÄ~Äò¡C ³Ì«á¦b[Microsoft Telemetry Services]¶±¤¤¡A¦p¹Ï11©Ò¥Ü¥i¥H¿ï¾Ü¬O§_n¥[¤JMicrosoft´c·Nµ{¦¡ªº¨¾Å@¦^³øpµe¡A¥H¨ó§U¶i¦æ¿ë§O§ó¦h¼ç¦bªº´c·Nµ{¦¡§ðÀ»¦æ¬°¡C¦b¦¹±z¥i¥H¿ï¾Ü¥[¤J°ò¥»©Î¶i¶¥ªº¦¨û¡C¨ä¤¤°ò¥»ªº¦¨û³]©w±N·|¦Û°Ê¦^³ø«Â¯ÙªºÃþ«¬¸ê°T¡A¦Ü©ó¶i¶¥ªº¦¨û«h±N·|¦Û°Ê¦^³ø¦UºØ¼ç¦bªº«Â¯Ùªº¸Ô²Ó¸ê°T¡B¥]§t¤F¬y¶q½d¨Ò¥H¤Î§¹¾ãªºURL¦r¦êµ¥¸ê°T¡C ![]() ¹Ï10 ©w¸qÀɧó·s³]©w ![]() ¹Ï11 ´c·Nµ{¦¡¨¾Å@¦^³øpµe ·í¦A¤@¦¸¦^¨ì[Getting Started Wizard]¶±¤¤®É¡A¦pªGª½±µÂI¿ï[Close]«ö¶s±N·|¶}±Òºô¯¸¦s¨úì«hªº³]©wºëÆF¡]Web Access Policy Wizard¡^¡C±µ¤U¨Óº¥ý¦b[Web Access Policy Rules]¶±¤¤¡A¦p¹Ï12©Ò¥Ü¥i¥H¿ï¾Ü¬O§_n«ÊÂê¥Ø«e¤wª¾ªººô§}Ãþ§O¡AÂI¿ï[¤U¤@¨B]Ä~Äò¡C ![]() ¹Ï12 ºô¯¸¦s¨ú³W«h ±µ¤U¨Ó¦b[Blocked Web Destinations]¶±¤¤¡A¥i¥H³]©w«ÊÂê¦s¨úªººô¯¸Ãþ§O²M³æ¡A¦p¹Ï13©Ò¥Ü¦b¦¹±z¥i¥H¶i¦æ·s¼W¡B½s¿è©Î¬O²¾°£¡C¦Ó°w¹ï³o¤@¨ÇÃþ§Oªº´c·Nºô¯¸¡ATMG³£±N·|³z¹LMicrosoft½u¤W«HÅAªA°È¨Ó¶i¦æ¬d¸ß¡A¨Ã¥B®Ú¾Ú³Ì·s¸ê°T¨Ó«ÊÂê¥Î¤áºÝ¨Ï¥ÎªÌªº³s½u¡CÂI¿ï[Next]«ö¶sÄ~Äò¡C ±µ¤U¨Ó¦b[Blocked Web Destinations Exceptions]¶±¤¤¡A¦p¹Ï14©Ò¥Ü±z¥i¥H³]©w§Æ±æ±Æ°£«ÊÂꪺºô¯¸²M³æ¡C±µµÛ¦b¦p¹Ï15©Ò¥Üªº[Malware Inspection Settings]¶±¤¤¡A¥i¥H¨M©w¬O§_n±qInternet¨ÓÀˬd¥Î¤áºÝ¹ï©óWeb¤º®eªº³s½u¦s¨ún¨D¡A¥H½T«O¨ä¦w¥þ©Ê¨S¦³°ÝÃD¡A³o¨ä¤¤ÁÙ¥]§t¤F¥i¥H³]©w«ÊÂê¸g¹L¥[±KªºÀ£ÁYÀɮס]¨Ò¦p¡GZIP¡BRAR¡^¡A¦]¬°¬Y¤@¨Ç¯f¬r¥i¯à·|ÂǦ¹±N¯f¬rµ{¦¡¼çÂæb¸ÌÀY¡C ![]() ¹Ï13 «ÊÂêºô¯¸³s½u³]©w ![]() ¹Ï14 ¨Ò¥~²M³æ³]©w ![]() ¹Ï15 ´c·Nµ{¦¡¶EÂ_³]©w ±µ¤U¨Ó¦b[HTTPS Inspection Settings]¶±¤¤¡A¦p¹Ï16©Ò¥Ü¥i¥H¨M©w¬O§_n°w¹ï¥Î¤áºÝ¦bHTTPS¦s¨ú³s½u¬y¶q¤W»P¾ÌÃÒ¶i¦æ¦w¥þ©ÊÀˬd¡A©Î¬O°®¯Ü³]©w¤£¤¹³\¥Î¤áºÝ«Ø¥ßHTTPSªººô¯¸³s½u¡Cºò±µµÛ¦b[HTTPS Inspection Preferences]¶±¤¤¡A¦p¹Ï17©Ò¥Ü¥i¥H³]©w¬O§_n³qª¾¨¾¤õÀð¥Î¤áºÝ¦³Ãö©óHTTPSªº¬y¶qÀˬd¡A¥H¤Î³]©w¦p¦ó²£¥ÍHTTPSÀˬdªº¾ÌÃÒ¡C ![]() ¹Ï16 HTTPS¦w¥þ³s½uÀˬd ![]() ¹Ï17 HTTPS¦w¥þÀˬd³qª¾ ±µµÛ¦b[Certificate Deployment Preferences]¶±¤¤¡A¦p¹Ï18©Ò¥Ü¥i¥H³]©w³¡¸pHTTPSÀˬd¾ÌÃÒªº¤è¦¡¡A±z¥i¥H¿ï¾Ü¸g¥ÑActive Directory¨Ó³¡¸p¡]¥²¶·³]©wºô°ìºÞ²zû±b¤á±K½X¡^¡A©Î¬O¥H¤â°Ê¤è¦¡¶×¥X¾ÌÃÒ¨Ó¶i¦æ³¡¸p¡C ![]() ¹Ï18 ¾ÌÃÒ³¡¸p³]©w ³Ì«á¦b[Web Cache Configuration]¶±¤¤¡A¦p¹Ï19©Ò¥Ü¥i¥H³]©w¬O§_n±Ò¥Îºô¯¸§Ö¨ú¥\¯à¡A¦pªG±Ò¥Î¦¹¥\¯à½Ð¥ý±N[Enable Web caching]¶µ¥Ø¤Ä¿ï¤§«á¡A¦AÂI¿ï[Cache Drives]«ö¶s¨Ó³]©w§Ö¨úÀɮתº¤j¤p¥H¤ÎÀx¦s¦ì¸m¡C ![]() ¹Ï19 ºô¯¸§Ö¨ú²ÕºA ¦b§¹¦¨¥H¤W©Ò¦³ªì¨BªººëÆF²ÕºA³]©w¤§«á¡A±N·|¶}±Ò¦p¹Ï20©Ò¥Üªº[Forefront TMG ]¥D±±¥x¡C¦b³oÓª½Ä±¤ÆªººÞ²z¤¶±¤¤¡A§ÚÌ¥i¥H«Ü²M·¡ªº±q¤£¦Pªº¶µ¥Ø¸`ÂI¤W¡A§ä¨ì§ÚÌ»ÝnÀ˵øªº¸ê°T©Î¬O¶i¦æ³]©w¡CÁ|¨Ò¨Ó»¡¡A¦pªG±z¶i¦æ¦³Ãö©óºô¯¸¦s¨úªºì«h³]©w¡A½ÐÂI¿ï¦Ü[Web Access Policy]¡A¦pªG·Q¶i¦æ¦³Ãö©óE-mail¦w¥þì«hªº³]©w½ÐÂI¿ï¦Ü[E-mail Policy]¡A¦pªG·Qn³]©w¦³Ãö©óºô¯¸´c·Nµ{¦¡»Pºô¯¸¶Â¦W³æ©w¸qÀɪº§ó·s²ÕºA¡A½ÐÂI¿ï¦Ü[Update Center]¶µ¥Ø¸`ÂI¨Ó³]©w§Y¥i¡C ![]() ¹Ï20 ¥þ·sForefront TMG¥D±±¥x ±µ¤U¨Ó§ÚÌ¥i¥H¥ý¨Ó¶i¦æ¤@¶µ¦³Ãö©óºô¯¸´c·Nµ{¦¡³s½u¦s¨úªº´ú¸Õ¡Cº¥ý½Ð¦bForefront TMG¥D±±¥x¤¤ªº[Logs & Reports]¶µ¥Ø¸`ÂI¤W¡A¥[¤J¤@¶µ¦³Ãö©ó´c·Nµ{¦¡ªº°O¿ý¬d¸ß¡Aºò±µµÛ½Ð¦b¥Î¤áºÝªºÂsÄý¾¹¤¤³s½u¦Ü¥ô·N¥i¥H¤U¸ü¯f¬r´ú¸Õµ{¦¡ªººô¯¸¡A¨Ã¥BÂI¿ï¤U¸ü´ú¸Õ¥Îªº´c·N´ú¸Õµ{¦¡¡A ³o®ÉÔ±z«K¥i¥H¦b¦p¹Ï21©Ò¥Üªº¶±¤¤¬Ý¨ì³o¤@¤ä´c·Nµ{¦¡³Q¤Î®É«ÊÂꪺ¬ÛÃö¸ê°T¡C ![]() ¹Ï21 §Y®É´c·Nµ{¦¡¶EÂ_°O¿ý ¦Ü©ó¦b¥Î¤áºÝªºÂsÄý¾¹³¡¥÷«h¥i¥H¬Ý¨ì¦p¹Ï22©Ò¥Üªº¦s¨ú«ÊÂê°T®§¡C¦p¦¹¤@¨Ó¥Î¤áºÝ«K¤£·|¤£¸g·Nªº¤U¸ü¨ì¤£©úªº´c·Nµ{¦¡¤F¡A·íµM°Õ¡I³o¥]¬A¤F¥Ø«e¦bºô»Úºô¸ô¤W³\¦h¤H³£·|¥h¨Ï¥Îªº§K¶Oºô¶«H½c¤¤ªºEmailªþ¥óÀɮפU¸ü¡A¤]¤@¼Ë·|¦Û°Ê¶i¦æ¦w¥þÀË´ú¡C ![]() ¹Ï22 «ÊÂê´c·Nµ{¦¡¤U¸ü ¦Ü©ó¦b¶Â¦W³æªººô¯¸³s½u¤W¡A¤@¥¹¥Î¤áºÝ¥D°Ê¶i¦æ³o¤@¨Çºô¯¸ªº³s½u¡A©Î¬O¸g¥Ñ§O¤H©Ò±H°eªºE-mail¤º®e¤¤ªº¶W³sµ²¨Ó¶i¦æ³s½u®É¡A³£·|¥X²{¦p¹Ï23©Ò¥Üªº©Úµ´¦s¨úªºÅã¥Ü¶±¡CµM¦Ó¦pªG¨Ï¥ÎªÌ©ÎIT¤Hû½T»{³oÓºô¯¸¥Ø«e¤w¸g¨S¦³°ÝÃD¡A«h¥i¥H±N³oÓºô§}¥[¤J¨ìTMGºÞ²z²ÕºA¤¤ªº¨Ò¥~²M³æ§Y¥i«ì´_¥¿±`³s½u¡C ![]() ¹Ï23 ©Úµ´¦s¨ú´c·Nºô¯¸ ¦Ü©ó¦b³ø§i¤u§@ªº²£¥Í³¡¥÷¡A¦p¹Ï24©Ò¥Ü§ÚÌ¥i¥H®Ú¾Ú¹ê»Ú»Ý¨D¤À§O¿ï¨úºô¯¸ªº¦s¨ú¤ÀªR¡BÀ³¥Îµ{¦¡ªº¨Ï¥Î¤ÀªR¡B¬y¶q»P¸ê·½¨Ï¥Î¤ÀªR¡B¦w¥þ¤ÀªR¡B´c·Nµ{¦¡«OÅ@¤ÀªR¡Bºô§}¿z¿ï¤ÀªR¥H¤Îºô¸ôÀË´ú¨t²Î¤ÀªR³ø§iµ¥µ¥¡C¦Ü©ó¦pªG·Qn§ó¶i¤@¨B³]©w¤£¦P³ø§i¶µ¥Øªº¶i¶¥§e²{³]©w¥i¥HÂI¿ï[Edit Report Details]Ä~Äò¡C ![]() ¹Ï24 ³ø§i¤º®e³]©w ¦p¹Ï25©Ò¥Ü¦b¦¹§ÚÌ¥H[Web Usage]³ø§i¶µ¥Ø¬°¨Ò¡A©Ò¯à°÷³]©wªº¶i¶¥²ÕºA¦³±Æ§Ç¤è¦¡»P¥]§tªº¨Ï¥ÎªÌ¼Æ¶q³]©w¡C ![]() ¹Ï25 ³ø§i¶i¶¥³]©w ¨ä¥¦TMGºÞ²z¤u¨ãªº¤U¸ü»P¨Ï¥Î ¦b¥Ø«eForefront TMGªº¤U¸ü¤¤¡A°£¤F¹w³]ªººÞ²z¥D±±¥x¥i¥H¨Ï¥Î¡Aµ§ªÌÁÙ¦³µo²{¨ä¥¦»²§UºÞ²zªº¤u¨ã¥i¥H¤U¸ü¡A½Ð°Ñ¦Ò¥H¤Uºô§}»P¤u¨ã¥Î³~»¡©ú¡C TMGªþÄݺ޲z¤u¨ã¤U¸üºô§}¡G http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=82027864-4abd-4896-8255-55f6ea775489 ƒÞ Cache Directory Tool for Forefront TMG¡]CacheDir.exe¡^ °õ¦æ³oÓ§Ö¨ú¥Ø¿ý¤u¨ã¥i¥H¥hÀ˵ø¨ìTMG¥D¾÷¤W§Y®Éªº§Ö¨ú¤º®e¡A¥H¤ÎÀx¦s§Ö¨ú¤º®e¸ê°T¨ì¤@ÓÀɮפ¤¡A¨Ã¥B¥i¥H¼Ð°O¹L®Éªº§Ö¨ú¶µ¥Ø¡A¦p¦¹¤@¨Ó³o¤@¨Ç¶µ¥Ø±N¤£·|Ä~Äò«O¦s¦b§Ö¨ú¤¤¡C ƒÞ DNS Cache Tool for Forefront TMG¡]Dnstools.exe¡^ ·í°õ¦æ¦¹DNS§Ö¨ú¤u¨ã¦bTMG¥D¾÷¤W®É¡A±N¥i¥HÅã¥Ü¥Ø«e¦bDNS¤¤ªº§Ö¨ú¤º®e¡A¨Ã¥B¥i¥H¶i¦æ¾ãÓDNS§Ö¨ú¤º®eªº²M°£¡C ƒÞ MSDEToText Tool for Forefront TMG¡]MSDEToText.exe¡^ °õ¦æ¦¹¤u¨ã¥i¥HÂà´«TMGªº°O¿ýÀɨì¤@Ó¤å¦rÀɮפ¤¡A©Î¬OÅã¥Ü¥¦Ìªº¤º®e¦b¿Ã¹õ¤W¡C ƒÞ Remote Access Quarantine Tool for Forefront TMG¡]RQSUtils.exe¡^ °õ¦æ¦¹¤u¨ã¥i¥HÅýTMG¨ã³Æ±µÅ¥RQS³s½uªº¯à¤O¡A¥Dn¬OÀ³¥Î¦b¹jÂ÷±±ºÞªº¾ã¦X³¡¥÷¡Aµ§ªÌ¦b¹L¥hªºISA Server 2004»PISA Server 2006¤¤´¿¦³³o³¡¥÷¹ê§@ªº±´°Q±MÄæ¡C ƒÞ RSA Test Authentication Utility for Forefront TMG¡]SdTestPack.exe¡^ ¨Ï¥Î³o¶µRSA´ú¸ÕÅçÃÒ¤u¨ã¡A¥i¥HÅýºÞ²z¤Hûª¾¹DTMG¦b¾ã¦X¥t¤@³¡°õ¦æRSAÅçÃÒºÞ²zû¥D¾÷ªº³s½u¹B§@¤W¬O§_¥¿±` ƒÞ Best Practices Analyzer Tool (BPA¡CIsaBPA.msi) ³z¹LBPA¤u¨ã¥i¥HÀ°±zÀˬd¥X¥Ø«eTMG¾ãÅé¹B§@ªº°·±dª¬ºA¡A¨Ã¥B·|À°±z¶EÂ_¥X¥Ø«e©Ò¾D¹Jªº°ÝÃD¡C¦¹¥~BPA¤u¨ã¤]·|±½´y¥Ø«eTMG¥»¾÷ªº²ÕºA³]©w¨Ã¥B³ø§i¬ÛÃö°ÝÃD¡C ƒÞ ADAM Sites Tool for Forefront TMG Enterprise Edition¡]AdamSites.exe¡^ °õ¦æ¦¹ADAM¯¸¥x¤u¨ã¥i¥H¥h³]©wTMG¥ø·~ª©¬[ºc¤¤¡A¨º¤@¨Ç¤w¨Ï¥ÎADAM¡]Active Directory Application Mode¡^ªº²ÕºAÀx¦s¦øªA¾¹¡]Configuration Storage¡^¡C ƒÞ Auto Discovery Configuration Tool for Forefront TMG¡]AdConfigPack.exe¡^ ¦¹¶µ¥þ·sªº¦Û°Ê±´¯Á³]©w¤u¨ã¡A¥i¥H¥h³]©w¦bActive Directoryºô°ì¤¤ªºTMG¦øªA¾¹³s½uªº¼Ð°O¡AÅýTMG¨¾¤õÀð¥Î¤áºÝ¥i¥H§ä¨ì³o³¡¦øªA¾¹ªº¦ì¸m¨Ã¥B¶i¦æ³s½u¡C ³]©wªº¤èªk«Ü²³æ¡A¥un¦b§¹¦¨¦¹¤u¨ãªº¦w¸Ë¨Ã¥B¦b©R¥O´£¥Ü¦C¤¤¤Á´«¨ì¦¹AdConfig¸ô®|¤U¤§«á¡A¦p¹Ï26©Ò¥Ü°õ¦æTmgAdConfig add -default -type winsock -url http://TMG¦øªA¾¹¦ì§}:8080/wspad.dat¡C¦Ü©ó§R°£¼Ð°Oªº¤èªk¡A¥un¤U¹FTmgAdConfig.exe del -default -type winsock§Y¥i¡A¦pªG·Qnª¾¹D¨ä¥¦§ó¸Ô²Óªº¥Îªk¥i¥H¿é¤JTmgAdConfig.exe /?¡C ºò±µµÛ±zÁÙ¥²¶·¦bTMGªº¥D±±¥x¤¤¡A¥ýÂI¿ï¦Ü[Web Access Policy]¶µ¥Ø¸`ÂI¡A±µµÛÂI¿ï¦ì¦b[Tasks]µ¡®æ¤¤ªº[Configure Web Proxy]³sµ²¡A¨Ó¶}±Ò[Internal Properties]¶±¤¤¡A¨Ã¥B¤Á´«¨ì[Auto Discovery]¶±¤¤±N[Publish automatic discovery information for this network]¶µ¥Ø¤Ä¿ï¡A¥H¤Î±N¹w³]ªº80³q°T°ðÅܧó¬°8080§Y¥i¡C ![]() ¹Ï26 TMG¥Î¤áºÝ³s½uµù°O³]©w ¥un§¹¦¨¤F¥H¤W³]©w¡A¨º»ò¥un¬O¦ì¦bActive Directoryºô°ì¤¤ªºTMG¨¾¤õÀð¥Î¤áºÝ¡A¹w³]«K·|¦Û°Ê±´¯Á¨ì¨Ã¥B»PTMG¥D¾÷¶i¦æ³s½u¡C¦p¹Ï27©Ò¥Ü«K¬OTMG¨¾¤õÀð¥Î¤áºÝ¦b¶i¶¥¦Û°Ê°»´úªº²ÕºA³]©w¡A¥i¥H¬Ý¨ì¹w³]ªº[Use Active Directory]³]©w¬O¦b¤Ä¿ïª¬ºAªº¡C ¥t¥~ȱoª`·Nªº¬O¹L¥hISA Serverª©¥»¤¤©Ò±Ä¥ÎDHCP»PDNSªº¦Û°Ê±´¾÷¨î¡A¦bTMGªº³¡¸p¬[ºc¤¤¤´µM¥i¥H¨Ï¥Î¡A¥u¬O¦b¦w¥þ©Êªº¹B§@¤W¨Ã¤£³Q«ØÄ³¨Ï¥Î¡A¤£¹L©O¡H¦pªG»¡¥ø·~¤º¦³¤@¨Ç¥Î¤áºÝ¹q¸£¨Ã¥¼¥[¤Jºô°ì¤¤¡A«h±Ä¥Î¦³DHCP»PDNSªº¦Û°Ê±´¾÷¨î¤´¬O¥²¶·ªº¡C ![]() ¹Ï27 ¨¾¤õÀð¥Î¤áºÝ¦Û°Ê°»´ú³]©w ƒÞ Forefront TMG SDK °w¹ï¦¹³nÅé¶}µo®M¥ó¡A¥¦¥]§t¤F¶}µoµ{¦¡®w¡B¤u¨ã¡B½d¨Òµ{¦¡½X¥H¤Î¬ÛÃö°Ñ¦Ò¤å¥ó¡A¥i¥H¨ó§U¬ãµo¤Hû¥H¤Î¨t²ÎºÞ²z¤Hû¡A¥h¶i¦æ¹ï©óTMG©µ¦ù¥\¯àªº³]p¡AÅýTMGªº¦w¥þ¨¾Å@¯à¤O§ó¥[±j¤j¡C µ² ½× ¹ï©ó¤w¸g¼ô±xISA Server 2004»PISA Server 2006ªººôºÞ¤Hû¨Ó»¡¡A¹ï©ó¥þ·sª©¥»ªºForefront TMGºÞ²z¨Ó»¡·Q¥²·|«D±`±o¤ßÀ³¤â¡A¦]¬°¾Þ§@¤¶±ªº³]p´X¥G¤@¼Ë¡A¨Ã¥B´£¨Ñ¤Fµ´¨Îªº´c·Nºô¯¸»P´c·Nµ{¦¡ªº¨¾Å@¥\¯à¡AÅý¦UºØ¨Ó¦ÛInternet¥@¬É¤¤ªº«Â¯Ù¦b²Ä¤@½uªº¹h¹DºÝ´N³Q«ÊÂê±¼¡A¦b¦¹±j¯P«ØÄ³©Ò¦³IT¥ý¶iÌ¡A¤£¥é¦b¥¦¥¿¬OÁcÅ餤¤åª©¤W¥«¤§«e¡A¥ý¦Û¦æ¤U¸üµû¦ô¸Õ¥Îª©¥»¨ÓÅéÅç¤@¤U¥þ·sTMGªº±j¤j¨¾Å@¾y¤O¡I |