Friday, May 25, 2012

Disable TMG 2010 Flood Mitigation Settings

q: We are performing a load test against one of our websites published by Threat Management Gateway (TMG 2010) and seeing alerts.
a: Typically this issue is caused by too many concurrent connections within a time frame from the same client IP.  The easiest way to prove this would be to disable all Flood Mitigation Settings then test again. But remember to turn them back on when you're done.

  1. Open TMG Manager
  2. Left Pane / expand "Forefront TMG"
  3. select "Intrusion Prevention System"
  4. Right Pane / Select "Behavioral Intrusion Detection"
  5. Select "Configure Flood Mitigation Settings"
  6. Uncheck the first box "Mitigate flood attacks and worm propagation"
  7. Click Okay
  8. Apply Policy