Richard Hicks' ISA/TMG Blog

Forefront Threat Management Gateway (TMG) 2010 and Windows Firewall Integration

March 11, 2010

With previous versions of Microsoft ISA Server running on Windows Server 2003, the Windows Firewall and Internet Connection Sharing (ICS) services were disabled by default.

After installing Microsoft Forefront Threat Management Gateway (TMG) 2010, you may have noticed that the Windows Firewall service is still enabled.

The reason for this is that the TMG Firewall integrates with the local Windows firewall instead of replacing it. This is made possible by the Windows Filtering Platform (WFP) which makes incorporating firewall services in to the operating system’s networking stack much easier. If you take a closer look you will see that TMG is simply a Windows Filtering Platform registrant.

Having the Windows Firewall service running on a TMG firewall is by design. Since TMG depends on the Windows Firewall service for operation, and the Windows Firewall service can be configured via Active Directory Group Policy, there is the potential for conflict that may result in the TMG firewall not working correctly. To avoid this scenario, create a separate OU dedicated to the TMG firewall systems and filter out any GPOs that make changes to the Windows Firewall configuration.

Leave a Comment » | Threat Management Gateway | Permalink
Posted by Richard Hicks

March Madness Costs Businesses $1.8 Billion

March 10, 2010

According to an article in the Orange County Register, The NCAA Men’s College Basketball tournament (aka March Madness) will cost businesses an estimated $1.8 billion dollars in lost productivity. This is where the URL filtering capabilities of Microsoft Forefront Threat Management Gateway (TMG) 2010 shine! With integrated URL filtering enabled, security administrators can simply configure an access rule allowing limited access to the Sports category (perhaps during the lunch hour only) or perhaps even block the category completely. The result will be improved productivity and significant network bandwidth savings during the tournament.

Leave a Comment » | General, Threat Management Gateway | Permalink
Posted by Richard Hicks

Wireshark Network Analysis Book – Available for Pre-Order

March 9, 2010

A comprehensive reference dedicated to the ubiquitous Wireshark protocol analyzer, authored by the foremost expert in protocol analysis and Wireshark, Laura Chappell, is now available for pre-order. Due to be released on March 29, 2010, you can view sample pages by visiting wiresharkbook.com. Be sure to visit wiresharktraining.com and chappellseminars.com for additional training and reference material.

Leave a Comment » | General, Networking | Permalink
Posted by Richard Hicks

Windows Internals Training with David Solomon

March 6, 2010

If you are interested in learning more about Windows operating system internals, I would strongly encourage you to register for one of David Solomon’s upcoming Windows OS Internals seminars. These classes will be available as a 5-day hands-on course or 2-day online webinar. David Solomon is one of the authors of Windows Internals Fifth Edition and is one of the foremost experts on the inner workings of the Windows kernel. This is a training class you don’t want to miss. Microsoft employees and MVPs are eligible for a discount. Register today!

Leave a Comment » | General | Permalink
Posted by Richard Hicks

Windows Intelligence Conference – March 29 and April 26, 2010

February 28, 2010

Quickstart Intelligence, a premiere IT technical training company based here in California, along with Microsoft and AvePoint is sponsoring the Windows Intelligence conference. This event features a long list of speakers that will present on topics such as Windows 7, Windows Server 2008R2, cloud computing, virtualization, Exchange 2010, and Office 2010 just to name a few. The Windows Intelligence conference will be held in two locations:

Monday, March 29, 2010
Orange County Hilton – Costa Mesa, CA

Monday, April 26, 2010
Hyatt Regency Embarcadero – San Francisco, CA

This is an event you won’t want to miss. Register now using the promotion code HICKSMVP and receive $50.00 off registration. Sign up now!

Leave a Comment » | General | Permalink
Posted by Richard Hicks

RSA Security Conference – March 2 – 4, 2010

February 22, 2010

I will be attending the annual RSA Security Conference in San Francisco on March 2-4, 2010. I’ll be splitting time between the Celestix booth (booth #556) and the Microsoft Partner Pavilion. You can register for a free expo pass by using code EC10CEL. Stop by and introduce yourself!

Leave a Comment » | General | Permalink
Posted by Richard Hicks

RunAs Radio Interview – Episode #147

February 9, 2010

Recently I had the opportunity to chat with Richard Campbell and Greg Hughes at RunAsRadio.com about Microsoft Forefront Threat Management Gateway (TMG) 2010. Each week Richard and Greg interview technology specialists such as Steve Riley, Mark Minasi, Clint Huffman, and Stephen Rose, just to name a few. We talked at length about TMG, and also discussed Microsoft Forefront Unified Access Gateway (UAG) 2010 and some of the other Forefront Security Suite products. Visit RunAsRadio.com to download episode #147 and listen today!

1 Comment | Threat Management Gateway | Permalink
Posted by Richard Hicks

NMap 5.21 Released

January 28, 2010

NMap, the venerable network security scanner, has recently been updated. NMap 5.21 includes a ton of new enhancements. If you are new to NMap or would simply like to enhance your skills I would strongly encourage you to read the NMap Network Scanning book, written by the author of NMap.

Leave a Comment » | Networking, Utilities | Permalink
Posted by Richard Hicks

TMG Management Console for 32-Bit Windows

January 23, 2010

Forefront Threat Management Gateway (TMG) 2010 runs exclusively on 64-bit Windows Server 2008 or Windows Server 2008R2. This means you will not be able to install the TMG management console included with the installation media on any 32-bit Windows machine. What if you wish to manage your TMG firewalls from a 32-bit Windows operating system? The answer is simple. Download the 32-bit version of the TMG management console. After registering, click the download link and then download the file TMG_ENU_Management_x86.exe. Now you can manage your TMG firewalls from a 32-bit Windows desktop or server operating system!