Last updated on 11/18/2016
Dr.Web for Microsoft ISA Server and Forefront TMG (hereinafter- Dr.Web) is an application that protects enterprise networks against virus threats and spam. It integrates with the system in order to search and neutralize all types of threats in the stream of data going through (hereinafter – Microsoft ISA Server) and (hereinafter – Microsoft Forefront TMG) via HTTP, FTP, SMTP and POP3 protocols. The application checks the incoming Internet traffic for viruses, dialers, adware, hacktools, jokes and riskware.
The application builds in its filters into Microsoft Firewall Service and Microsoft Forefront TMG Firewall. This allows Dr.Web anti-virus engine receive and process data. Dr.Web operates on a platform that features its own password-protected web interface and an additional web console for advanced configuration.
Dr.Web for Microsoft ISA Server and Forefront TMG allows joining the servers, where the Microsoft firewalls reside, into a cluster (hierarchic tree of main server and sub-servers) to replicate the application parameters from the main server to the sub-servers and thus, manage the whole protection system from only one server.
Dr.Web performs the following functions:
•Scans all Microsoft ISA Server and Microsoft Forefront TMG traffic transferred over HTTP, FTP (including FTP over HTTP), SMTP and POP3 protocols;
•Blocks access to infected objects for users within the network protected by Microsoft ISA Server or Microsoft Forefront TMG firewall;
•Isolates infected and suspicious objects
•Registers incidents in Windows Event log and in the internal event database
•Filters suspected spam email messages sent via SMTP protocol;
•Adds notifications to email messages containing security threats;
•Restricts access to specific web resources;
•Automatically updates virus databases and components;
Dr.Web virus databases are constantly updated with new records to provide system protection. The application features a heuristic analyzer that ensures additional protection against viruses and threats that are not yet included into virus databases.
New Features in Version 11.00.0
•FTP traffic scanning setup has been changed. When a file is being transferred to a user, a part of this file (0.5 Mbyte by default) is held down. If the application detects a threat in this file, it will corrupt its part. After that, the entire file will be transferred to the user.
•Support has been added for HTTPS traffic in the component. If the component gets triggered, it will return a connection error.
•New categories have been introduced. There are two new categories — and .
•Parameters and in the component settings have been joined in one parameter named .
•Dr.Web Administrator Web Console interface has been localized into French.
•Advanced settings for selecting types of damaged objects have been introduced.
•A warning about unsaved changes in Dr.Web Administrator Web Console has been implemented. Now if you try to switch to another section without saving the changes, the application will ask for confirmation.
•New filtering parameters have been implemented — and .
•Installation folder structure has been changed.
•Address of web interfaces have been changed:
▫Dr.Web Administrator Web Console new address: https://<ISA Server address>:2080/admin.
▫Dr.Web CMS Web Console new address: https://<ISA Server address>:2080/root.
•A possibility to manage access privileges has been implemented for web interfaces. A user with restricted access privileges cannot modify settings in Dr.Web Administrator Web Console and cannot access Dr.Web CMS Web Console.
•A number of error messages registered in the application event log and in Windows Event Log has been increased.
Resolved Issues and Improvements
Overall operation of the application is improved.
•Support for Mozilla Firefox has been removed.
•Dr.Web HTTP Filter has been removed. Dr.Web for Microsoft ISA Server and Forefront TMG operates only together with a configured proxy server.
A computer you are going to install Dr.Web for Microsoft ISA Server and Forefront TMG 11.00.0 on, must meet the following basic requirements:
Operating system and software requirements
To install Dr.Web of the version 11.00.0:
1.Stop the Microsoft ISA Server/Microsoft Forefront TMG firewall service.
2.Before installation, make sure, that the built-in administrator account is enabled.
3.Run the installation file. The window with a list of installation languages will open. Select Russian or English as the installation language. Click
4.A window with the text of the License Agreement will open. To continue installation you should read and accept the license by selecting . Click .
5.If the firewall service is still running, you will be prompted to stop it.
6.Select a licensing option.
7.On the page, click to begin installation of Dr.Web on your computer.
8.Further actions of the Installation wizard do not require user actions. Once the installation is complete, you will be prompted to restart your computer.
If you encounter any issues installing or using company products, before requesting for the assistance of the technical support, take advantage of the following options:
•Download and review the latest manuals and guides at .
•Read the frequently asked questions at .
•Browse the Dr.Web official forum at .
If you have not found solution for the problem, you can request direct assistance from Doctor Web technical support in one of the following ways:
•Fill in the web from in the corresponding section at .
•Email to .
•Call by phone in Moscow: +7 (495) 789-45-86.
Refer to the official website at for regional and international office information of Doctor Web company.
All rights reserved. This document is a property of Doctor Web. No part of this document may be reproduced, published or transmitted in any form or by any means for any other purpose than the purchaser’s personal use without proper attribution.
Dr.Web, SpIDer Mail, SpIDer Guard, CureIt!, CureNet!, AV-Desk and the Dr.WEB logo are trademarks and registered trademarks of Doctor Web in Russia and/or other countries. Other trademarks, registered trademarks and company names used in this document are property of their respective owners.
In no event shall Doctor Web and its resellers or distributors be liable for errors or omissions, or any loss of profit or any other damage caused or alleged to be caused directly or indirectly by this document, the use of or inability to use information contained in this document.
© Doctor Web, 2016
Russia, Moscow — Saint Petersburg