Newsletter – March 2014

Can a remote access solution improve your organization’s security posture? That’s a topic I explore in this month’s edition of the monthly newsletter. This month I discuss Microsoft’s next generation remote access solution – DirectAccess. DirectAccess provides seamless and transparent, always-on remote corporate network connectivity for managed Windows clients. In addition to providing a significantly improved user experience, DirectAccess also includes native support for bi-directional network connectivity for remote connected endpoints. This enables security administrators to better manage their remote devices and improves compliance tremendously. Read this month’s newsletter to learn more!

Is There Still Life Left in Forefront Threat Management Gateway (TMG) 2010?

In my latest article published on, I explore the possibility that, despite the formal end-of-life announcement from Microsoft, there might just be some life left in the venerable Forefront TMG 2010 firewall. Many folks ask me about replacement options for Forefront TMG, and depending on the deployment scenario and specific requirements, sometimes the best solution is still TMG! Read more here.

Microsoft Forefront TMG 2010 Newsletter – February 2014

The monthly newsletter is out! In this month’s edition I talk in detail about IPv6 security. IPv6 is coming fast, and in fact, for most networks it is already deployed and running! I’m sure this will be a surprise to many, but IPv6 has been enabled by default and preferred since Windows Vista. You’ve got IPv6 running on your network, but most likely you aren’t managing it, and this is a big security risk. Read this month’s newsletter to learn more!

Configure Client-based Remote Access VPN to Windows Azure Virtual Networks

I really enjoy working with Windows Azure. Being able to spin up virtual machines in the cloud is great, especially when you have access to nearly limitless capacity! In addition, having access to pre-defined workloads like SQL is a tremendous blessing. No more spending an hour building a SQL server for a quick lab. I can have one up and running in 5 minutes now! Of course accessing virtual machines running in Windows Azure is extremely important. In the past I’ve written about using site-to-site VPN to enable cross-premises network connectivity to Windows Azure, and in my article this month on I describe in detail how to enable and configure client-based remote access VPN to virtual networks in Windows Azure. Check it out!

Configure Client-based Remote Access VPN to Windows Azure Virtual Networks

Troubleshooting Name Resolution Issues on DirectAccess Clients

Often network connectivity issues can be traced directly to issues involving name resolution. The most common tool used to troubleshoot name resolution issues is NSlookup. If you’re a systems administrator there’s no doubt you’ve used this tool. However, NSlookup does not always work as expected on DirectAccess clients when they are away from the corporate network. Read my latest blog post at to find out how to use NSlookup and Resolve-DnsName on DirectAccess clients in the field.