Blank User Activity Report if domain or username contains accented characters Administrators creating a User Activity Report for users where the domain or user name contain characters that are not included in the english alphabet, may not be able to see...

We'd like to advise that Rollup 1 for TMG SP2 is now available. TMG SP2 Rollup 1 can be downloaded here: http://support.microsoft.com/kb/2649961 Please see KB 2649961 for details of the fixes included in this rollup. The Build Number is: 7.0...

  • Configuring Authentication on the Listener • On the Authentication tab of the Listener, select “HTML Form Authentication” from the drop down list and select “RSA SecurID” as the Authentication Validation Method. • Check “Collect additional delegation...

  Disclaimer: Many of the steps outlining the configuration of the RSA Authentication Manager v 7.1 software are not directly supported by Microsoft. They should be used as a guideline to help familiarize and guide you in this configuration. For...

  Disclaimer: Many of the steps outlining the configuration of the RSA Authentication Manager v 7.1 software are not directly supported by Microsoft. They should be used as a guideline to help familiarize and guide you in this configuration. For...

  In this blog post I want to discuss a solution, which we provided to one of our customers. The problem was linked to a published web site where specific flash content had not been compressed as expected by TMG/ISA. The first thing which is important...

  Some days ago a customer opened a case because an ISA array was randomly refusing all the incoming connections and a restart of the Firewall Service was required to make the connections be accepted again. After a quick investigation we figured...

Here’s a new KB article we published on TMG 2010. This one actually first came out a couple weeks ago but since it wasn’t announced at the time I thought I’d send out a quick heads up just to let you know it was there.  This KB article talks about...

  Hello All! It’s Brett Crane from the Forefront Edge team here at Microsoft. I wanted to take a few moments to talk about an issue you may see in your RRAS environment if you are utilizing NLB to load balance your External Interfaces of your TMG...

Richard Hicks (Forefront MVP) was interviewed by Tom Shinder and Yuri Diogenes for their Security Talk Show called From End to Edge and Beyond . In this interview Richard explains and demonstrates some of the new capabilities of Forefront TMG SP2. ...

In ISA 2006 SP1 and TMG RTM it’s possible to configure ISA/TMG to distribute your own custom WPAD configuration file. This can be quite handy if you already did write your own WPAD configuration file, which had been distributed on a separate server...

  Introduction: In this scenario I am going to share a very unique issue which I came across while trying to join one of the TMG servers to the Stand alone array. In this case we had two Enterprise Edition TMG servers installed on an Appliance.  ...

In TMG 2010 Service Pack 2, we put our focus on bug fixing, in order to improve the overall experience with TMG 2010. However next to pure bug fixing, we also introduced some new features. In this article we’ll provide a quick introduction to the new...

Have you ever been interested in which users visit specific sites on the Internet very often? E.g. which users did browse most on blogs.technet.com last week? In SP2 we added a new report, which allows analyzing the usage of specific sites connected to...

In TMG 2010 Service Pack 2, we did put our focus on bug fixing, in order to improve the overall experience with TMG 2010. However next to pure bug fixing, we also introduced some new features. One of these new features introduces the possibility to allow...

We are happy to announce the availability of Forefront Threat Management Gateway (TMG) 2010 Service Pack 2 (SP2). The service pack is available for download from the Microsoft Download Center . Here are some of the improvements we are introducing in Forefront...

Usually we’re using tools like Network Monitor, various text file parser, Procmon, Windbg… to solve ISA/TMG cases every day in and out in Microsoft Customer Service & Support. Sometimes we also use Excel to be able to filter the exported Firewall...

When publishing services like Outlook Anywhere, OWA and Active Sync for exchange in ISA/TMG, we sometimes need certificates with subject alternative names (SAN). This enables us to publish multiple DNS names using one SSL Web Listener. Requesting SAN...

One of the reasons for using an array is the availability of NLB, which is known to provide fault tolerance and load balancing. NLB relies on heartbeats to determine whether the cluster nodes are alive. The nodes divide the potential client IP addresses...

In this article I want to provide a detailed view on a possible performance issue you might face, when you’re publishing CRM 2011 IFD using ISA Server or TMG. Please note that the screenshots provided in this article are based on TMG, however the configuration...

The purpose of this blog post is to provide you with some interesting information about the different kind of product updates the ISA/TMG Sustained Engineering (SE) team can release during the lifecycle of ISA Server or Forefront Threat Management Gateway...

Preface Publishing SharePoint mobile for Windows Phone 7 with UAG is easy. However, it is possible to achieve similar results using TMG (or even other 3rd party reverse proxies) In this post we will provide the high-level topology architecture used in...

Symptom Consider that you have deployed Forefront TMG 2010 along with Exchange Edge and Forefront Protection for Exchange 2010 (FPE), and you have also enabled the E-Mail Policy feature in TMG. In addition, you have configured from the TMG Management...

I’m happy to announce that Microsoft Forefront TMG 2010 (Standard Edition and Enterprise Edition) has passed Common Criteria Evaluation Assurance Level 4+ (EAL 4+). The certification work has been performed by the Federal Office for Information Security...

Introduction Recently we’ve encountered a number of cases where customers wanted to use TMG to require strong authentication for some parts of a published web site (e.g. Outlook Web Access, OWA) but not for others (e.g. Exchange Active Sync, EAS). This...