ISAserver.org Blogs RSS

Thomas Shinder Blog - FEATURED RSS

Written by Dr Thomas W Shinder, consultant to Microsoft, HP and many Fortune 500 companies on ISA firewall and Web proxy deployments this blog is where administrators get information about ISA Server Universal Threat Management firewalls. Topics include how to manage, deploy, and troubleshoot ISA Server as a network firewall, Web proxy/Web cache, remote access VPN server and VPN gateway to provide a high level of network security for all corporate computers.

Visit the Thomas Shinder Blog

Stefaan Pouseele Blog RSS

Stefaan Pouseele, an ISA Server MVP, discusses issues brought up within various ISA articles and Microsoft publications. Updates to the ISA Firewall, protocol support, discussions on the different ISA clients, ISA features, how to clean up network traffic and links to new ISA server literature are all be included within the blog. Get help on troubleshooting the ISA network firewall and learn how to create good security policies. Coverage on ISA Server 2006 also appears.

Visit the Stefaan Pouseele Blog

Latest ISAserver blog posts

Duplication Authentication Requests when Connecting to Publishing SharePoint Sites

Date - Jul 3rd, 2009

Author - Thomas Shinder

A common problem with publishing SharePoint sites is the constant authentication prompts you get when working with SharePoint information and Office applications. I think just about every ISA firewall admin who’s published a SharePoint site has run into this problem. The problem is related to cookie handling. The key is to change the form settings to use persistent cookies. The problem is that there are security implications to this decision. more...

TMG Network Inspection System

Date - Jul 3rd, 2009

Author - Thomas Shinder

Previous versions of the ISA firewall had a rudimentary intrusion detection and prevention system, mostly based on network layer attacks that were popular in the 1990s. For industrial strength IDS/IPS, you had to look somewhere else. With the introduction of the TMG firewall, a new and vastly improved IDS/IPS is included. This is known as the Network Inspection System (NIS). more...

TMG SCOM-Pack – Monitor TMG with System Center 2007 R2

Date - Jul 3rd, 2009

Author - Thomas Shinder

One the reasons to consider a TMG firewall is the ability to integrate the firewall with the rest of your management infrastructure. The concept of managing security under a “single pane of glass” has caught on, as the industry is recognizing that using multiple consoles from multiple vendors with different interface models introduces high overhead in terms of IT training and maintenance. more...

Bing Safe Search, ISA Server and Forefront TMG

Date - Jun 25th, 2009

Author - Thomas Shinder

If you haven’t had a chance to test out Microsoft’s new search engine – Bing – then today’s a good day to start. I never thought I’d used anything but Google for Internet search, but since Microsoft released Bing a couple of weeks ago, I’ve been using Bing as my first search engine and then falling back on Google if I don’t find what I need. It’s pretty nice and you should give it a try and see how it works for you. more...

Unified Access Gateway (UAG) Means DirectAccess

Date - Jun 24th, 2009

Author - Thomas Shinder

If you haven’t heard of DirectAccess, then now is a great time to start to get to know it. DirectAccess is a new remote access technology (some might even consider it a VPN technology, but that depends on your definition of virtual private networking) that is available when you pair Windows 7 clients with Windows Server 2008 R2. DirectAccess allows your Windows 7 clients to connect to the corporate network when the machine starts up. more...

The End of PPTP and L2TP IPsec VPN Networking in Windows

Date - Jun 24th, 2009

Author - Thomas Shinder

“This is the endBeautiful friendThis is the endMy only friend, the endOf our elaborate plans, the endOf everything that stands, the endNo safety or surprise, the endIll never look into your eyes...again…” http://blogs.technet.com/rrasblog/archive/2009/02/10/do-we-still-need-pptp-l2tp-ipsec-after-windows-7.aspx OK, maybe a little melodramatic, but this blog post really seemed to come out of left field. Actually, it’s not as bad as you might think it is. more...

The Changing of the Guard for Microsoft Remote Access - UAG

Date - Jun 22nd, 2009

Author - Thomas Shinder

Meir Mendelovich a Senior Program Manager in the Microsoft UAG product group, posted an important blog post last week regarding the future of Microsoft remote access. more...

Excluding Users from URL Filtering in TMG Beta 3

Date - Jun 18th, 2009

Author - Thomas Shinder

There are a lot of new goodies included in the Beta 3 version of the upcoming TMG firewall and we’ll cover them in detail here at ISAserver.org in the coming months. However, if you want a quick look at what we think are the best and the brightest new features and capabilities included in the beta 3, then make sure you subscribe to our newsletter. I’ll cover these in the next edition which should be released sometime next week. more...

TMG Beta 3 Introduces SSTP Remote Access VPN

Date - Jun 18th, 2009

Author - Thomas Shinder

Yuri Diogenes reminds us that SSTP is now available with the Beta 3 version of the TMG firewall in his blog post over at http://blogs.technet.com/yuridiogenes/archive/2009/06/16/tmg-beta-3-brings-sstp-capability.aspx SSTP (Secure Socket Tunnel Protocol) is a great addition to the TMG firewall’s suite of VPN protocols. The TMG firewall now supports three VPN protocols for remote access client VPN connections. more...

DNS Security Enhancements and Web Proxy Auto Discovery

Date - Jun 18th, 2009

Author - Thomas Shinder

I’ve talked about changes in how DNS works with updates to Windows Server 2003 and Windows Server 2008 as they relate to WPAD. The main reason I’ve brought this topic up in the past is that I got burned with strange WPAD failures. Even when I had configured a WPAD Host (A) record on the Windows Server 2008 DNS server and configured the ISA firewall to published autodiscovery information, the autodiscovery process failed. more...