Following on the success of Outlook Anywhere in Exchange Server 2007, Windows Server 2008 in turn delivers the capability to access your desktop from anywhere in a secure and controlled manner.
The new Terminal Server Gateway service (TS Gateway) in Windows Server® 2008 offers the flexibility of Windows® Terminal Server Services plus the ability to connect to a Terminal Server from anywhere over an HTTP connection. This service uses Remote Desktop Protocol (RDP) over HTTPS (SSL) to increase security while providing a single client interface for accessing Terminal Services resources.
This new TS Gateway service offers significant benefits to those who need to access their computers remotely:
- No need to establish a Virtual Private Network (VPN) session prior to connecting to internal resources using RDP.
- Enhanced security using Network Access Protection (NAP) and Windows Security Health Checks to control RDP connections.
- No need to open TCP port 3389 inbound to enable more secure Web publishing through firewalls.
You can use Microsoft® Internet Security and Acceleration (ISA) Server 2006 to enhance the security of TS Gateway service while allowing external access to internal resources. You can set up an SSL-to-SSL bridging scenario in which ISA Server 2006 receives requests and passes them to the internal TS Gateway service, also using HTTPS. While bridging the request, the ISA firewall decrypts the SSL communications and performs application-layer inspection.
If the HTTP protocol stream passes inspection, then the communication is re-encrypted and forwarded to the Terminal Services proxy. If the protocol stream fails inspection, the connection is dropped.
Check out the details in the rest of this article that I wrote together with Yuri Diogenes for TechNet magazine.
http://technet.microsoft.com/en-us/magazine/2008.0...g.aspx
Thanks!
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)
Ever wonder what applications are either connected to the network or are trying to connect to the network? One way you can check this out without installing any additional software is to use the netstat command. To do this, open a command prompt and type netstat -nab. What you’ll see is a comprehensive list of connections your computer is making to the network and also ports that applications have opened for either inbound or outbound connections. For example, check out the figure below:
This figure shows that OUTLOOK.EXE (which is Outlook 2007 on my computer) is making outbound connections from IP address 192.168.1.70 with a number of source ports (e.g., 4547, 4548, etc.) to IP address 192.168.1.60 on destination port 8080. This information lets me know that Outlook is connecting to the Web Proxy listener port on my ISA firewall, and that some component in Outlook is connecting to the Internet. It could be that I’m looking at an HTML mail message, or it could be the Windows Live mail connector. In order to get information about where the connection is destined, I’d have to look at the firewall logs. But netstat does let me know that this application is trying to connect to the Internet.
Next time you’re wondering what applications on your computer are trying to connect to the network, give netstat a try. If you want to see what other options are available with netstat, just type in the command netstat /?
HTH,
Tom
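As an added example (not part of the original post), the following Python sketch parses saved netstat -nab output and lists which executables hold connections to a given endpoint, such as the Web Proxy listener at 192.168.1.60:8080 described above. The sample text is constructed, and the function names are hypothetical; the parser assumes the usual layout in which the owning executable appears in square brackets on a line after each connection, with or without a PID column.

```python
import re

# Constructed sample in the `netstat -nab` layout; addresses follow the post's example.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1012
  RpcSs
  [svchost.exe]
  TCP    192.168.1.70:4547      192.168.1.60:8080      ESTABLISHED     3120
  [OUTLOOK.EXE]
  TCP    192.168.1.70:4548      192.168.1.60:8080      ESTABLISHED     3120
  [OUTLOOK.EXE]
  TCP    192.168.1.70:4601      192.168.1.60:8080      TIME_WAIT       0
  Can not obtain ownership information
  UDP    0.0.0.0:500            *:*                                    688
  [lsass.exe]
"""

CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+([A-Z][A-Z_0-9]*))?(?:\s+(\d+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")

def parse_netstat(text):
    """Return one dict per connection, with the owning executable when netstat reports it."""
    conns, current = [], None
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            proto, local, remote, state, pid = m.groups()
            current = {"proto": proto, "local": local, "remote": remote,
                       "state": state, "pid": pid, "exe": None}
            conns.append(current)
        elif current is not None:
            o = OWNER.match(line)
            if o:                       # "[name.exe]" closes the block for this connection
                current["exe"] = o.group(1)
                current = None
            elif "ownership information" in line:
                current = None          # netstat could not name the owner
            # anything else (e.g. a service or component name) is skipped
    return conns

def clients_of(conns, endpoint):
    """Map executable -> sorted local source ports for connections to endpoint."""
    result = {}
    for c in conns:
        if c["remote"] == endpoint and c["exe"]:
            port = int(c["local"].rsplit(":", 1)[1])
            result.setdefault(c["exe"], []).append(port)
    return {exe: sorted(ports) for exe, ports in result.items()}

if __name__ == "__main__":
    for exe, ports in clients_of(parse_netstat(SAMPLE), "192.168.1.60:8080").items():
        print(exe, ports)
```

Connections whose owner netstat cannot name stay in the parsed list with exe set to None, so they can be reviewed separately against the firewall logs.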
I get a lot of requests from people on how to manipulate their MAC addresses. Most of these are related to connections from wireless clients. Unfortunately, there is still the impression in the general public that MAC address control is a security configuration. The fact is that this isn’t true, because of how easy it is to change a MAC address.
Don’t believe it? Then check out this article on how to change your MAC address on a Windows XP computer at:
http://devices.natetrue.com/macshift/
That article provides information on how to use a freeware command-line tool to change your MAC address in Windows XP.
HTH,
Tom
Here’s a great article by my friends Yuri Diogenes, Mohit Saxena and Jim Harrison on the malware inspection capabilities of the Microsoft Forefront Threat Management Gateway (TMG) Medium Business Edition that comes with the Microsoft Essential Business Server product. In this article the guys get together to explain how TMG firewall malware inspection works and how to configure it.
Check it out at:
http://technet.microsoft.com/en-us/magazine/2009.0...h.aspx
HTH,
Tom
“Microsoft Windows XP Service Pack 2 (SP2) helps protect your computer against the insertion of malicious code into areas of computer memory reserved for non-executable code by implementing a set of hardware and software-enforced technologies called Data Execution Prevention (DEP). Hardware-enforced DEP is a feature of certain processors that prevents the execution of code in memory regions that are marked as data storage. This feature is also known as No-Execute and Execution Protection. Windows XP SP2 also includes software-enforced DEP that is designed to reduce exploits of exception handling mechanisms in Windows.”
For more information about Windows XP SP2 memory protection and how to configure it, check out this link to the full article:
http://technet.microsoft.com/en-us/library/cc700810.aspx
HTH,
Tom
Want to get up to speed fast on the MS Assessment and Planning Toolkit? Then check out this great video!
http://video.msn.com/video.aspx/?mkt=en-us&vid...nin1.0
HTH,
Tom
Join Microsoft for a technical introduction to Microsoft Forefront Client Security, which provides unified malicious software protection for business desktops, laptops, and server operating systems. In this webcast, you will see how Forefront Client Security works, examine its architecture, and learn about best practices for planning and deploying the product in your network. They also discuss key features in Client Security like policies, alerting, and reporting. This overview session serves as a starting point for other more in-depth sessions in our series on Forefront Client Security.
Register for and view the Webcast at:
http://msevents.microsoft.com/cui/WebCastEventDeta...ode=US
HTH,
Tom
Data Protection Manager (DPM) is Microsoft’s enterprise backup solution. You can use DPM to back up servers in a disk-to-disk configuration as well as disk-to-tape. DPM 2007 SP1 brings additional features to the DPM offering that I’m sure you’ll like. In this video, they look at the new SP1 features that you can use to enhance backup of SharePoint 2003/2007 and Windows SharePoint Services 2.0/3.0.
Check out the video at:
http://edge.technet.com/Media/What-is-new-in-DPM-2...Point/
HTH,
Tom
Microsoft’s Intelligent Application Gateway (IAG) 2007 with Application Optimizers provides secure socket layer (SSL) virtual private network (VPN), a Web application firewall, and endpoint security management that enable access control, authorization, and content inspection for a wide variety of line-of-business applications. And when you download the trial virtual machine, you’re automatically registered to receive valuable resources delivered at strategic intervals throughout the software evaluation period. Please be advised that this trial virtual machine will expire on May 15th 2009.
Please review the Microsoft IAG 2007 SP2 system requirements before you proceed. Actual requirements and product functionality may vary based on your system configuration.
Get your eval copy of IAG 2007 at:
http://technet.microsoft.com/en-us/evalcenter/dd18...9.aspx
And make sure to visit www.isaserver.org on a regular basis for articles, tips and tricks on working with the IAG 2007 SP2. I think that after you have a chance to evaluate the IAG in your own network, you’ll find it to be the superior SSL VPN solution.
HTH,
Tom
Learn more about how Microsoft SQL Server 2008 provides customers with a trusted, productive, and intelligent platform for business applications. See how SQL Server 2008 can be used to provide a reliable platform with lower cost for key business scenarios like business intelligence, data warehousing, mission-critical applications, and server consolidation.
Presenter: Ram Ramanathan, Senior Product Manager, Microsoft Corporation
Register for and view the Webcast at:
http://www.microsoft.com/events/series/detail/webc...d=4191
HTH,
Tom