Configuring rule elements

Applies To: Forefront Threat Management Gateway (TMG)

This section describes how to create and modify rule elements. Forefront TMG rule elements are used in firewall policy rules and consist of the following:

  • Network objects. Network objects are used to categorize IP addresses into different types of network entities. These network entities are used as sources and destinations in the firewall policy rules, traffic chaining rules, and HTTP compression settings that make up your firewall policy. Network objects can be entire networks, IP address ranges, computers, and subnets. For more information about networks and other network objects, see Configuring network objects.

  • Protocols. Forefront TMG provides a number of predefined protocols categorized into groups. You can modify predefined protocol properties and create custom protocols. For instructions, see Configuring protocols.

  • Users. When you create a policy rule, it can be applied anonymously or to a specific set of users. A user set can consist of a specified namespace or a user subset. A user set can include Windows users and groups, RADIUS users, LDAP users, and SecurID users. For instructions, see Configuring user sets.

  • Content types. Forefront TMG provides predefined content types for use in rules that are applied to HTTP or FTP over HTTP traffic. For more information, see Configuring content types.

  • Schedules. Schedules can be specified in access rules to indicate when the rule applies. For instructions, see Configuring schedules.

For more detailed information about rule elements, see Toolbox reference.