ForeFront TMG is mainly used indeed for intranet/extranet scenarios. Unless you really have valid reasons to secure or redirect traffic in Intranet, you are adding more complexity otherwise. But you could envision having it running still relying on simple DNS for the redirection of internal calls.
Giving partners access falls under extranet (usually HTTPS), so particularly publishing SharePoint URLs it is recomanded with TMG, whether you decide to use it as Reverse-Proxy or off-load SSL terminations.
The better alternative for TMG is currently UAG.