An important new feature of Forefront TMG is HTTP malware inspection, which is enabled by default in Windows EBS. When the feature is left enabled, Forefront TMG performs malware inspection on all the HTTP traffic that is associated with Web requests originating from the clients on the Windows EBS network. Whenever a client on the Windows EBS network visits an external Web site, both the original HTTP request that leaves the network and the responding traffic that crosses back into the network are inspected for viruses and other malware infections.

When malware is detected on a file, Forefront TMG attempts to clean the file. Forefront TMG can send the cleaned file to the requesting client if configured to do ...