How to Disable Spoof Detection in ISA and TMG MBE Firewalls

image By default, the IP Spoof Detection feature is enabled in Microsoft Internet Security and Acceleration (ISA) Server 2004, in Microsoft Internet Security and Acceleration (ISA) Server 2006, in Microsoft Forefront Threat Management Gateway Medium Business Edition, and in Windows Essential Business Server 2008.

Although there is no way to disable this feature in the ISA Microsoft Management Console (MMC) snap-in, you can disable this feature in the Windows registry.

However, I have to tell you that you should have a very specific reason for disabling spoof detection. Don’t use this solution to fix a misconfiguration problem on your part. Otherwise, you’ll have broken the firewall’s security model and not fixed the original problem.

Check it out at:



Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer

Prowess Consulting

PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top