Windows Azure Multi-Factor Authentication and Forefront TMG 2010

When Microsoft first announced Windows Azure Multi-Factor Authentication, a cloud-based strong authentication solution, my first thought was “I wonder if it works with Forefront TMG 2010?” Being cloud-based, my first thought was perhaps not. However, once I started digging in to it I quickly learned that it includes a software component that can be installed on-premises and will even integrate with on-premises security solutions via a number of interfaces, including RADIUS. Forefront TMG 2010 has supported RADIUS authentication for many years, so I put together a test lab and in no time at all I had Windows Azure multi-factor authentication working with Forefront TMG 2010 remote access VPN. Forefront TMG 2010 integrated with Windows Azure multi-factor authentication provides the highest level of protection for remote access users. Leveraging Windows Azure cloud-based strong authentication is extremely cost effective, with very low per user or per authentication costs and no on-premises hardware to purchase. The Windows Azure public cloud, which is ISO/IEC27001:2005 certified, provides the most secure and reliable strong authentication service available today. To learn how to configure Forefront TMG 2010 to work with Windows Azure multi-factor authentication, click here.

Microsoft Forefront TMG 2010


Windows Server 2012 R2 DirectAccess Issue

As an employee of Iron Networks, a Microsoft OEM partner, I’ve had access to very early beta bits for Windows Server 2012 R2 and Windows 8.1. I’ve been testing DirectAccess for quite some time now, and while there haven’t been any real changes in features or functionality, Windows Server 2012 R2 does include many under-the-hood fixes that address some common issues that were present in Windows Server 2012. During all of my testing (performed weekly as we received new builds from Microsoft) I never encountered any issues. Surprisingly, when I first received the Release to Manufacturing (RTM) build, I discovered a pretty serious issue! You can read all the details here.

Publishing Exchange 2013 Outlook Web App with Forefront TMG 2010

For organizations looking to take advantage of cloud-based services, often one of the first services to get migrated to the cloud is mail. However, for some companies this is not an acceptable alternative, typically due to regulatory or compliance reasons, but sometimes it’s a simple as not wanting to give up control of e-mail communications. For those that are sticking with on-premises Exchange and are migrating to or have deployed Exchange 2013, you can leverage Forefront TMG 2010 to provide secure remote access to on-premises Exchange 2013. Although not supported natively in TMG, you can still make it work. Read more here.