Monthly Newsletter – June 2015

WindowSecurity.comThe monthly newsletter is out! In this month’s edition I talk about the importance of “core” deployments of Windows Server. I’ve always been a big fan of server core, and Microsoft has been hard at work adapting workloads to this deployment configuration. They’ve made great progress, and in fact Windows Server 2016 will only install in either core or minimal server interface configurations – no GUI option by default! Yes, you can still add the GUI later, but Microsoft is really trying to shape user behavior and drive adoption of this important configuration option. Server core also has important security benefits too. Read the latest monthly newsletter to learn more.

Implementing a CNG HTTPS Inspection Certificate for Forefront TMG 2010 – Part 1

Microsoft Forefront TMG 2010The venerable Microsoft Forefront TMG 2010 firewall has served capably for many years now, but it is beginning to show its age. For example, many web sites are now using modern SSL certificates with stronger cipher suites and hashing algorithms. When HTTPS inspection is enabled on the TMG firewall in its default configuration, some web sites that use these new certificates may not be accessible. To address this issue, some additional advanced configuration will be required. Be sure to read my latest article on to learn how to implement this workaround. Monthly Newsletter – February 2015
The monthly newsletter is out! The main topic of this month’s newsletter is…passwords. Boring, right? I know, it’s been hashed over thoroughly and anyone even remotely concerned with security understands the problems passwords pose. However, I chose the topic this month based on recent information that indicates, in spite of the fact that we all know how bad passwords really are, that we don’t seem to be making any progress making them better! Read this month’s newsletter to learn more. Monthly Newsletter – December 2014

The monthly newsletter is out! In this month’s edition I take a look back at security happenings in 2014. It certainly was an interesting year! Microsoft finally ended support for Windows XP, there were serious security vulnerabilities in open source platforms announced, and data breaches galore. Never a dull moment! As always, news and current events are covered too. Check it out!

Deconstructing Forefront TMG 2010 Firewall Client Operation and Communication

The Firewall Client, an optional client-side component that can be deployed with Forefront TMG 2010, is arguably the most powerful tool a security administrator can use to control network traffic destined for the public Internet in their organization. The Firewall Client provides seamless and transparent proxy services for all Winsock TCP and UDP communication. More importantly, all Firewall Client communication is authenticated, allowing TMG administrators to enforce strong user and group based access control on traffic using the Firewall Client. In this month’s article on I provide detailed information about how the Firewall Client works. I also break down how communication takes place at the network level, providing deep insight as to how the Firewall Client communicates with the TMG firewall.

Microsoft Forefront TMG 2010

Microsoft Most Valuable Professional (MVP) 2014

I’m very happy to announce that I have been awarded the Microsoft Most Valuable Professional (MVP) award for 2014! This is my sixth consecutive year receiving this award from Microsoft, and I’m proud and honored to be included with the great group of professionals associated with this program. I’m looking forward to joining all of my fellow MVPs again at this year’s summit in November. Hope to see you there!

Microsoft Most Valuable Professional (MVP) 2014