access control list (ACL)
A level of permission that can be set on a file or a directory allowing specified users access within an NTFS directory. An access control entry (ACE) is an entry in the list.
See access control list (ACL).
A mechanism used to automatically initiate new requests to update cached file objects without user intervention. Requests can be activated based on the length of time an object has been cached or was last retrieved from the source location of the object. This type of caching can be used to ensure the freshness of specified data within the cache. See also passive caching.
Advanced Digest authentication
An improved version of Digest authentication that is provided for user accounts stored in Active Directory in a Windows Server 2003 domain. With this method, user credentials are stored on domain controllers as an MD5 hash, rather than in a reversibly encrypted form, and cannot feasibly be recovered by anyone with access to a domain controller. See also Basic authentication and Integrated authentication.
A feature that notifies administrators about suspicious network events, such as rejected packets, protocol violations, and a full hard disk. Alerts can log events to the system event log, run a specified command line, send an SMTP e-mail message to specified recipients, and stop or start specified Forefront TMG services.
See application programming interface (API).
A firewall extension that registers for and processes events related to connection with another network. Application filters are typically designed to enhance the security provided by a firewall by excluding or modifying data that approaches the network.
Computer software intended to maintain security on a secluded network yet allow certain traffic to go between the private network and the outside world. See also firewall.
application programming interface (API)
A set of routines used by an application to direct the performance of procedures by a computer's operating system.
An administrative unit that provides access to Forefront TMG configuration settings that are contained in the hierarchy of administration COM objects. Each Forefront TMG computer is associated with a single array. When two or more Forefront TMG computers are associated with the same array, the array members can be managed as a single, logical entity and can provide distributed caching, load balancing, and fault tolerance. In Forefront TMG Standard Edition, only one Forefront TMG computer is associated with the array.
A Forefront TMG server that is designated as the only array member for maintaining the array-level configuration and distributing updates to all the other array members in a standalone array containing multiple Forefront TMG servers. An array manager is a Configuration Storage server and maintains the configuration for the entire array using Active Directory Lightweight Directory Services (AD LDS), the ISASTGCTRL service, and the Microsoft Forefront TMG Storage (ISASTG) service.
A Forefront TMG server that is joined to an array.
A feature that allows some input/output (I/O) functions to return immediately, even though an I/O request is still pending. Asynchronous I/O enables an application to continue with other processing and wait for the I/O to be completed at a later time. Asynchronous I/O is also called overlapped I/O.
Verification of the identity of a user or system entity to determine permission to access a resource or perform an operation. See also Basic authentication, Integrated authentication, Digest authentication, Advanced Digest authentication, and Microsoft Challenge Handshake Authentication Protocol (MS-CHAP).
A component of Forefront TMG that enables users to automatically connect to remote networks, such as the Internet, during predetermined times.
Build date: 6/30/2010