<div>
It isn't quite what I was after but it certainly gave me some good insights into how forefront handles traffic. Thanks.
</div>


It isn't quite what I was after but it certainly gave me some good insights into how forefront handles traffic. Thanks.

<div>
<div class="content wysiwyg-content">
Hi Everyone,<br />
<br />
I have a newly installed Windows 2008 R2 SP2 server running Microsoft Forefront TMG 2010 with all latest SPs and rollups. On the same machine I have version 5.0.1 of Mcafee ePO. I am using the TMG server primarily as a filtering web proxy as my central firewall function is being performed by another device. <br />
<br />
I am trying to configure ePO and during the configuration it contacts my AD and does a broadcast for all machines on my LAN. However it has been failing which I found is down to TMG blocking the broadcast (log screenshot attached). Now I have created rules in the firewall that allow NetBIOS sessions, names etc with no effect. I have tried enabling the configuration of the system policy and making sure the rule that allows NetBIOS from Local Host to the Internal network is set to allow but no effect. <br />
<br />
I have seen many articles related to NetBIOS being blocked due to spoofed addresses but these don't seem to address my problem.<br />
<br />
If I had any hair it would have fallen out by now so any help much appreciated.<br />
<br />
Steve<br />
<a href="https://filedb.experts-exchange.com/incoming/2013/09_w39/678800/broadcast-blocked.png" target="_blank" class="file-inline" title="TMG Log File Screenshot (16 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>broadcast-blocked.png</a>
</div>
</div>


broadcast-blocked.png

Hi Everyone,

I have a newly installed Windows 2008 R2 SP2 server running Microsoft Forefront TMG 2010 with all latest SPs and rollups. On the same machine I have version 5.0.1 of Mcafee ePO. I am using the TMG server primarily as a filtering web proxy as my central firewall function is being performed by another device. 

I am trying to configure ePO and during the configuration it contacts my AD and does a broadcast for all machines on my LAN. However it has been failing which I found is down to TMG blocking the broadcast (log screenshot attached). Now I have created rules in the firewall that allow NetBIOS sessions, names etc with no effect. I have tried enabling the configuration of the system policy and making sure the rule that allows NetBIOS from Local Host to the Internal network is set to allow but no effect. 

I have seen many articles related to NetBIOS being blocked due to spoofed addresses but these don't seem to address my problem.

If I had any hair it would have fallen out by now so any help much appreciated.

Steve

ForeFront TMG Blocks Broadcast on port 137

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.