Sure- You can use Forefront TMG to inspect inside outbound HTTPS traffic, to protect your organization from security risks such as: Viruses and other malicious content that could utilize Secure Sockets Layer (SSL) tunnels to infiltrate the organization undetected. Users who bypass the organization’s access policy by using tunneling applications over a secure channel (for example, peer-to-peer applications). To provide HTTPS protection, Forefront Threat Management Gateway (TMG) acts as an intermediary, or a “man in the middle”, between the client computer that initiates the HTTPS connection, and the secure Web site. When a client computer initiates a connection to a secure Web site, Forefront TMG intercepts the request and does the following:- Establishes a secure connection (an SSL tunnel) to the requested Web site and validates the site’s server certificate.- Copies the details of the Web site’s certificate, creates a new SSL certificate with those details, and signs it with a Certification Authority certificate called the HTTPS inspection certificate.- Presents the new certificate to the client computer, and establishes a separate SSL tunnel with it. Because the HTTPS inspection certificate was previously placed in the client computer’s Trusted Root Certification Authorities certificate store, the computer trusts any certificate that is signed by this certificate. By cutting the connection and creating two secure tunnels, the Forefront TMG server can decrypt and inspect all communication between the client computer and the secure Web site during this session.