Lately I’ve been using quite a lot the FTP over HTTP protocol in Forefront TMG 2010 SP1(Update 1).
The main reasons for this are: - malware inspection can be applied to FTP traffic. Note that although there are some advantages, also there are some limitations of FTP over HTTP, see the Extra Notes below.
If the body is compressed and the encoding scheme is not recognized, Forefront TMG cannot inspect the content.
HTTP content compressed with gzip encoding can be decoded, inspected, and encoded in both directions.
After doing all these, looking at the Malware Inspection settings of this rule we will notice that this time Inspect content downloaded from Web servers to clients check box is checked and grayed out: We can then test if indeed the malware inspection will detect malware served by FTP servers.