The WindowSecurity.com monthly newsletter is out! In this month’s edition I talk about the importance of patch management and updating, as well as the recent quality issues that Microsoft has been having with regards to some of the fixes released on update Tuesday. Enjoy!
I’ve spent the better party of the last 16 years implementing and managing edge security and remote access solutions for some of the largest organizations in the world. With a lot of experience enforcing Internet access policies, I can tell you from experience that users will try anything to circumvent those restrictions. One of the most common methods of avoiding in place access controls is public anonymous proxy servers. In this month’s ISAserver.org article I’ll demonstrate a few techniques for preventing public anonymous proxy server access using Forefront TMG 2010.
One of my favorite things about the Microsoft Azure public cloud is the SQL database options that are available. Whenever I’m building a test lab that requires an SQL database, in the past it would take quite a long time to get a VM provisioned and SQL installed and configured. Also, with limited local resources, my test lab SQL servers were often significantly underpowered. With Azure-hosted SQL databases, that’s no longer a problem. I can provision a Windows Server 2012 R2 VM with whatever version of SQL I require in just a few minutes. In addition, I’m no longer constrained by local resources. Now I routinely provision very powerful VMs, typically with at least 8 cores and 14GB of RAM, which makes testing much easier. Microsoft Azure also features SQL database as a service options too, which doesn’t require provisioning a VM. This works quite well in many cases. For more information about SQL database options in Microsoft Azure, be sure to read my latest article on CloudComputingAdmin.com.
The WindowSecurity.com monthly newsletter is out! This month I discuss my recent trip to the Microsoft Worldwide Partner Conference (WWPC) in Washington, D.C. and share details about Microsoft’s increased focus on security for their online services. I also provide details about Microsoft’s current state of security and compliance for the Azure public cloud offering. Check it out!
I’ve really enjoyed working with Microsoft Azure over the last few years. The service continues to add new features at a rapid pace, and I’m finding myself using Azure virtual machines much more frequently that in the past. Recently I decided to configure a full, standalone Windows Server 2012 R2 lab hosted entirely in Azure. The first challenge I faced was configuring the domain controller. As it turns out, there are a few things you have to do to make it work. Read my latest article in CloudComputingAdmin.com to find out the details.
If you are still hosting your own Microsoft Exchange 2010 server on-premises, you may be considering the integration of the Exchange Edge Transport role with Forefront TMG 2010. There are a variety of reasons for doing this, but it is not without some drawbacks. If you’d like to learn more about this deployment scenario and how to configure both Exchange and TMG to accomplish this, read my latest post on ISAserver.org here.
WordPress is an excellent blogging platform, and one that I’ve used for many years. My first two blogs, tmgblog.richardhicks.com and directaccess.richardhicks.com, were both created using the hosted WordPress platform at WordPress.com. Recently I decided to move my personal web site (the site you are viewing now!) over to Microsoft Azure. Instead of migrating my old Classic ASP web site I created a long time ago, I decided that I’d leverage Azure’s support for WordPress. I have to say I’ve really enjoyed the process! There were a few catches, but for the most part it has been a great experience. In my latest article at CloudComputingAdmin.com you can learn for yourself how to create and deploy a WordPress blog on the powerful Microsoft Azure platform. Enjoy!
So, you’ve just finished installing, configuring, and deploying Forefront TMG 2010 in production. You’re done, right? Not quite! After implementing TMG it is vital that you establish performance baselines and prepare a monitoring strategy to ensure the smooth operation and continued availability for the solution. In my latest article on ISAserver.org I discuss some effective monitoring strategies for Forefront TMG 2010 that I’ve gained from implementing and supporting TMG deployments for some of the largest companies in the world. Read it today!
In this month’s WindowSecurity.com monthly newsletter I discuss two important security reports that were recently released – the Verizon 2014 Data Breach Investigations Report (DBIR) and the Microsoft Security Intelligence Report (SIR) Volume 16. Each of these reports include important information about current attack methods and exploit trends. The DBIR focuses on successful data breaches, while the SIR provides detailed information about software vulnerabilities and exploits, which themselves are often used in successful data breaches. Be sure to read this month’s newsletter for all of the details.
Microsoft TechEd North America 2014 is officially in the books. Although I was not in attendance this year, I understand that there was very little talk about DirectAccess during the weeklong event in Houston. I’ve had a number of people reach out to me about this, and for those interested I will be delivering at least two talks about Windows-based remote access in general, and DirectAccess specifically this year. I’ll be presenting a high-level session on remote access that includes DirectAccess at TechDays San Francisco, CA on June 5-6. This will be a 75 minute overview session for all things remote access in Windows Server 2012 R2, including DirectAccess, client-based and site-to-site VPN, and Web Application Proxy. If you’re interested in a more detailed training session on DirectAccess, I’ll be delivering a 3-hour technical deep-dive at TechMentor in Bellevue, WA on August 15. Hope to see you soon!