Archive

Archive for the ‘General’ Category

TechNet Edge Interview – TMG and UAG Deployment Options

Recently I had the pleasure of sitting down with David Tesar from TechNet Edge to discuss deployment options for TMG and UAG. I had the opportunity to talk about some of the potential pitfalls to deploying TMG and UAG on a virtual infrastructure, specifically relating to security and performance. You can watch the video here. Enjoy!

Creating User Mode Process Dumps in Microsoft Forefront Threat Management Gateway (TMG) 2010

May 1, 2010 Comments off

In a recent post on his blog, Yuri Diogenes shared with us how to create a manual dump of the wspsrv.exe process in TMG by using the Windows Task Manager. This is tremendously helpful in many situations, but there are scenarios that require more flexibility. For this I use procdump.exe from Sysinternals. To create a dump of a user mode process, enter the following command:

procdump <process>

For example, creating a dump of the wspsrv.exe process would look like this:

procdump wspsrv

This will immediately generate a dump file called wspsrv.dmp.

Procdump provides additional flexibility by allowing you to trigger a dump based on specific thresholds. This is extremely useful when troubleshooting intermittent high CPU utilization issues with TMG. For example, if you wanted to create a dump of the wspsrv.exe process when CPU utilization reaches 90% for more than 5 seconds, enter the following command:

procdump –c 90 –s 5 c:\wspsrv.dmp

When CPU utilization stays at or above 90% for more than 5 seconds, a user mode process dump will be generated and saved in the file c:\wspsrv.dmp. This can be beneficial in situations where high CPU utilization prevents you from using the mouse or typing commands at the command prompt. Automating the task of capturing dumps based on triggers also frees the administrator from having to be at the console when the symptom occurs. Additional command line switches allow you to create multiple dumps, increasing your chances of collecting accurate data for troubleshooting.

March Madness Costs Businesses $1.8 Billion

March 10, 2010 Comments off

According to an article in the Orange County Register, The NCAA Men’s College Basketball tournament (aka March Madness) will cost businesses an estimated $1.8 billion dollars in lost productivity. This is where the URL filtering capabilities of Microsoft Forefront Threat Management Gateway (TMG) 2010 shine! With integrated URL filtering enabled, security administrators can simply configure an access rule allowing limited access to the Sports category (perhaps during the lunch hour only) or perhaps even block the category completely. The result will be improved productivity and significant network bandwidth savings during the tournament.

Wireshark Network Analysis Book – Available for Pre-Order

March 9, 2010 Comments off

A comprehensive reference dedicated to the ubiquitous Wireshark protocol analyzer, authored by the foremost expert in protocol analysis and Wireshark, Laura Chappell, is now available for pre-order. Due to be released on March 29, 2010, you can view sample pages by visiting wiresharkbook.com. Be sure to visit wiresharktraining.com and chappellseminars.com for additional training and reference material.

Categories: General, Networking

Windows Internals Training with David Solomon

March 6, 2010 Comments off

If you are interested in learning more about Windows operating system internals, I would strongly encourage you to register for one of David Solomon’s upcoming Windows OS Internals seminars. These classes will be available as a 5-day hands-on course or 2-day online webinar. David Solomon is one of the authors of Windows Internals Fifth Edition and is one of the foremost experts on the inner workings of the Windows kernel. This is a training class you don’t want to miss. Microsoft employees and MVPs are eligible for a discount. Register today!

Categories: General

Windows Intelligence Conference – March 29 and April 26, 2010

February 28, 2010 Comments off

Quickstart Intelligence, a premiere IT technical training company based here in California, along with Microsoft and AvePoint is sponsoring the Windows Intelligence conference. This event features a long list of speakers that will present on topics such as Windows 7, Windows Server 2008R2, cloud computing, virtualization, Exchange 2010, and Office 2010 just to name a few. The Windows Intelligence conference will be held in two locations:

Monday, March 29, 2010
Orange County Hilton – Costa Mesa, CA

Monday, April 26, 2010
Hyatt Regency Embarcadero – San Francisco, CA

This is an event you won’t want to miss. Register now using the promotion code HICKSMVP and receive $50.00 off registration. Sign up now!

Categories: General

RSA Security Conference – March 2 – 4, 2010

February 22, 2010 Comments off

I will be attending the annual RSA Security Conference in San Francisco on March 2-4, 2010. I’ll be splitting time between the Celestix booth (booth #556) and the Microsoft Partner Pavilion. You can register for a free expo pass by using code EC10CEL. Stop by and introduce yourself!

Categories: General