If you are still hosting your own Microsoft Exchange 2010 server on-premises, you may be considering the integration of the Exchange Edge Transport role with Forefront TMG 2010. There are a variety of reasons for doing this, but it is not without some drawbacks. If you’d like to learn more about this deployment scenario and how to configure both Exchange and TMG to accomplish this, read my latest post on ISAserver.org here.
WordPress is an excellent blogging platform, and one that I’ve used for many years. My first two blogs, tmgblog.richardhicks.com and directaccess.richardhicks.com, were both created using the hosted WordPress platform at WordPress.com. Recently I decided to move my personal web site (the site you are viewing now!) over to Microsoft Azure. Instead of migrating my old Classic ASP web site I created a long time ago, I decided that I’d leverage Azure’s support for WordPress. I have to say I’ve really enjoyed the process! There were a few catches, but for the most part it has been a great experience. In my latest article at CloudComputingAdmin.com you can learn for yourself how to create and deploy a WordPress blog on the powerful Microsoft Azure platform. Enjoy!
So, you’ve just finished installing, configuring, and deploying Forefront TMG 2010 in production. You’re done, right? Not quite! After implementing TMG it is vital that you establish performance baselines and prepare a monitoring strategy to ensure the smooth operation and continued availability for the solution. In my latest article on ISAserver.org I discuss some effective monitoring strategies for Forefront TMG 2010 that I’ve gained from implementing and supporting TMG deployments for some of the largest companies in the world. Read it today!
In this month’s WindowSecurity.com monthly newsletter I discuss two important security reports that were recently released – the Verizon 2014 Data Breach Investigations Report (DBIR) and the Microsoft Security Intelligence Report (SIR) Volume 16. Each of these reports include important information about current attack methods and exploit trends. The DBIR focuses on successful data breaches, while the SIR provides detailed information about software vulnerabilities and exploits, which themselves are often used in successful data breaches. Be sure to read this month’s newsletter for all of the details.
Microsoft TechEd North America 2014 is officially in the books. Although I was not in attendance this year, I understand that there was very little talk about DirectAccess during the weeklong event in Houston. I’ve had a number of people reach out to me about this, and for those interested I will be delivering at least two talks about Windows-based remote access in general, and DirectAccess specifically this year. I’ll be presenting a high-level session on remote access that includes DirectAccess at TechDays San Francisco, CA on June 5-6. This will be a 75 minute overview session for all things remote access in Windows Server 2012 R2, including DirectAccess, client-based and site-to-site VPN, and Web Application Proxy. If you’re interested in a more detailed training session on DirectAccess, I’ll be delivering a 3-hour technical deep-dive at TechMentor in Bellevue, WA on August 15. Hope to see you soon!
The cloud is awesome! I love the power and flexibility it provides, and it lends itself well to data archiving and storage too. In my latest article on CloudComputingAdmin.com, read how to configure Microsoft Azure Recovery Services to back up on-premises Windows Server. In the article I demonstrate how to do this with Windows Server 2012 R2, but you can certainly apply this to other operating systems as well. Enjoy!
I’ve been working with Microsoft Forefront Threat Management Gateway (TMG) 2010 and it’s predecessors, Microsoft Internet Security and Acceleration Server (ISA) 2006 and 2004 and Microsoft Proxy Server 2.0, for more than 15 years. I’ve deployed TMG for some of the largest organizations in the world, and one of the most common deployment scenarios I encounter in the enterprise is the forward proxy server. In this role, Forefront TMG 2010 serves as a central point to aggregate access and to provide visibility and control for users accessing content on the public Internet. Over the years I’ve gained a lot of experience making TMG perform well under extreme circumstances. Under heavy load conditions, which are common in enterprise deployments, a seemingly benign configuration error can result in severely degraded performance. In my latest article on ISAserver.org, I share a few of the tips I’ve learned for extracting the most performance from the Forefront TMG 2010 firewall configured as a forward proxy server. Check it out today!
The big security news in April was, without a doubt, the vulnerability in the popular OpenSSL crypto library. The vulnerability, dubbed “Heartbleed”, is discussed at length in the latest edition of the WindowSecurity.com monthly newsletter. Yes, I know it doesn’t pertain to “Windows security” as the title of the newsletter suggests, but it was an important topic that I felt needed to be discussed. This vulnerability is without question one of the worst in the history of the Internet, and for once, it wasn’t a Microsoft product. No gloating, however! Software is created by humans, and humans are fallible. It could happen to anyone. However, there are some interesting peculiarities regarding this particular bug. Read the newsletter to find out more.
PowerShell is an amazing tool for configuring and managing Windows hosts. But what happens when you implement new or migrate existing workloads to the Microsoft Azure public cloud? Not to worry…PowerShell is there! That’s right, you can leverage PowerShell to configure the Azure public cloud infrastructure too. Read my latest article on CloudComputingAdmin.com for an introduction to PowerShell for the Microsoft Azure public cloud.
Can a remote access solution improve your organization’s security posture? That’s a topic I explore in this month’s edition of the WindowSecurity.com monthly newsletter. This month I discuss Microsoft’s next generation remote access solution – DirectAccess. DirectAccess provides seamless and transparent, always-on remote corporate network connectivity for managed Windows clients. In addition to providing a significantly improved user experience, DirectAccess also includes native support for bi-directional network connectivity for remote connected endpoints. This enables security administrators to better manage their remote devices and improves compliance tremendously. Read this month’s newsletter to learn more!