News

Motivations, Risks and Rewards of the BYOD Trend
Bring Your Own Device (BYOD) policies can easily backfire on businesses, unless closely monitored to maintain benefits for employees and the company. In this three-part blog series, TwC Director Jeff Jones takes a close look at the BYOD trend, the forces that are driving it, and the pros and cons of supporting BYOD within an IT organization.

clip_image001

Threat Modeling from the Front Lines
Threat modelling is a systematic way to find design-level security and privacy weaknesses in a system. In this article, Principal Cybersecurity Architect Michael Howard summarizes the key lessons he has learned while building threat models.

clip_image001[1]

Identity and Access Management: Access Is a Privilege
Explore why privileged-access lifecycle management is a process and technology framework that can make your access controls more efficient and effective.

Microsoft Security Bulletin Summary for August, 2012

http://technet.microsoft.com/en-us/security/bulletin/ms12-aug

Security Bulletin Overview for August  2012

Microsoft Security Response Center (MSRC) Blog Post http://go.microsoft.com/?linkid=9683067

Windows Media Video (WMV) http://go.microsoft.com/?linkid=9683068

Windows Media Audio (WMA) http://go.microsoft.com/?linkid=9683069

iPod Video (MP4) http://go.microsoft.com/?linkid=9683070

MP3 Audio http://go.microsoft.com/?linkid=9683071

High Quality WMV (2.5 Mbps) http://go.microsoft.com/?linkid=9683072

Zune Video (WMV) http://go.microsoft.com/?linkid=9683073

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804

See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805

Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.

Follow the Microsoft Security Response team on Twitter http://go.microsoft.com/?linkid=9739346 @MSFTSecResponse for the latest information on the threat landscape

Forefront TMG and ISA Server

Forefront Security TechCenter

http://technet.microsoft.com/en-gb/forefront/default.aspx

Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Threat Management Gateway 2010 homepage

http://technet.microsoft.com/en-gb/forefront/ee807302.aspx

Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

Support Tip: Solving the mystery of frequent occurrences of ISA Event ID 14197

http://blogs.technet.com/b/isablog/archive/2012/08/08/support-tip-solving-the-mystery-of-frequent-occurrences-of-isa-event-id-14197.aspx

Support Tip: Troubleshooting WPAD and TMG/ISA

http://blogs.technet.com/b/isablog/archive/2012/08/08/support-tip-troubleshooting-wpad-and-tmg-isa.aspx

Support Tip: Adding an ISA Server 2004/2006 Replica Configuration Storage Server fails with Error Code 0x80072108

http://blogs.technet.com/b/isablog/archive/2012/08/13/support-tip-adding-an-isa-server-2004-2006-replica-configuration-storage-server-fails-with-error-code-0x80072108.aspx

TMG services will not start and Event ID 21235 is logged

http://blogs.technet.com/b/isablog/archive/2012/08/14/support-tip-tmg-services-won-t-start-and-log-event-id-21235.aspx

Support Tip: Site to site IPSEC tunnel Between TMG 2010 on VMware and Cisco

http://blogs.technet.com/b/isablog/archive/2012/08/15/support-tip-site-to-site-ipsec-tunnel-between-tmg-2010-on-vmware-and-cisco.aspx

Getting error 12202 intermittently (Authentication Failure) while accessing published resources (SharePoint/Exchange) through TMG 2010

http://blogs.technet.com/b/isablog/archive/2012/08/15/getting-error-12202-intermittently-authentication-failure-while-accessing-published-resources-sharepoint-exchange-through-tmg-2010.aspx

Troubleshooting "The operation failed 0x80000400 " while joining TMG server to an EMS Array

http://blogs.technet.com/b/isablog/archive/2012/08/20/troubleshooting-quot-the-operation-failed-0x80000400-quot-while-joining-tmg-server-to-an-ems-array.aspx

Troubleshooting why ISA server does not cache the response of a web server

http://blogs.technet.com/b/isablog/archive/2012/08/21/troubleshooting-why-isa-server-does-not-cache-the-response-of-a-web-server.aspx

FIX: The Forefront Threat Management Gateway Firewall service (Wspsrv.exe) may crash frequently for a published website secured by SSL after you install Service Pack 2

http://blogs.technet.com/b/isablog/archive/2012/08/21/fix-the-forefront-threat-management-gateway-firewall-service-wspsrv-exe-may-crash-frequently-for-a-published-website-secured-by-ssl-after-you-install-service-pack-2.aspx

An enterprise node is incorrectly added in the Forefront TMG 2010 MMC after you run repair on Forefront TMG 2010 SP1 Update 1

http://blogs.technet.com/b/isablog/archive/2012/08/22/an-enterprise-node-is-incorrectly-added-in-the-forefront-tmg-2010-mmc-after-you-run-repair-on-forefront-tmg-2010-sp1-update-1.aspx

Sent Items delayed when publishing Outlook Anywhere through TMG

http://blogs.technet.com/b/isablog/archive/2012/08/28/sent-items-delayed-when-publishing-outlook-anywhere-through-tmg.aspx

Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources

http://technet.microsoft.com/en-gb/forefront/edgesecurity/ee907407.aspx

For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

Forefront Unified Access Gateway 2010 Service Pack 2 is available for download

http://blogs.technet.com/b/edgeaccessblog/archive/2012/08/06/forefront-unified-access-gateway-2010-service-pack-2-is-available-for-download.aspx

Example XML\HTML code for UAG AppWrap process to provide a “Cover-up” page for Custom Form Login SSO.

http://blogs.technet.com/b/edgeaccessblog/archive/2012/08/07/example-xml-html-code-for-uag-appwrap-process-to-provide-a-cover-up-page-for-custom-form-login-sso.aspx

KB: Browser returns error code 37 when accessing an Apache site via Unified Access Gateway using HTTP 1.0

http://blogs.technet.com/b/edgeaccessblog/archive/2012/08/27/kb-browser-returns-error-code-37-when-accessing-an-apache-site-via-unified-access-gateway-using-http-1-0.aspx

Other TechNet Blogs

Supported security products for UAG endpoint detection.

http://blogs.technet.com/b/ben/archive/2012/08/06/supported-security-products-for-uag-endpoint-detection.aspx

UAG DA Clients do not connect to the Internal network and on UAG server we get a Getting "A client certificate was not provided" warning

http://blogs.technet.com/b/sooraj-sec/archive/2012/08/11/uag-da-clients-do-not-connect-to-the-internal-network-and-on-uag-server-we-get-a-getting-quot-a-client-certificate-was-not-provided-quot-warning.aspx

Forefront Edge on the Wiki

The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.

TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx.

UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx

The latest entries include:

An enterprise node is incorrectly added in the Forefront TMG 2010 MMC after you run repair on Forefront TMG 2010 SP1 Update 1

http://social.technet.microsoft.com/wiki/contents/articles/13053.an-enterprise-node-is-incorrectly-added-in-the-forefront-tmg-2010-mmc-after-you-run-repair-on-forefront-tmg-2010-sp1-update-1.aspx

Forefront UAG: About Publishing Remote Desktop Services (RDS)

http://social.technet.microsoft.com/wiki/contents/articles/461.forefront-uag-about-publishing-remote-desktop-services-rds.aspx

Downloads

UAG

Forefront Unified Access Gateway (UAG) Service Pack 2

http://www.microsoft.com/en-us/download/details.aspx?id=30459

Forefront Unified Access Gateway (UAG) Service Pack Two (SP2) provides a number of new features, including support for more devices; AD FS 2.0 multi-namespace support; integration of Unified Access Gateway SP1 Update1 and Security Update for Unified Access Gateway 2010 Service Pack 1 Update 1.

For a full description of the Forefront UAG SP2 features, see What’s New in SP2.

New KB’s

UAG

Description of Forefront Unified Access Gateway 2010 Service Pack 2

http://support.microsoft.com/kb/2710791

Browser returns error code 37 when accessing an Apache site via Unified Access Gateway using HTTP 1.0

http://support.microsoft.com/kb/2678886

Documents

Security Tip of the Month: Social Engineering Advice for IT Professionals
IT professionals are accustomed to thinking about the technical aspects of security. However, as the most recent edition of the Security Intelligence Report has shown, the human element—the techniques that attackers use to trick typical users into helping them—has become just as important for attackers as the technical element. This article outlines effective technical safeguards, programs, and processes you can implement to help defend against social engineering in your organization.

clip_image001[2]

Infrastructure Planning and Design Guides for Security
Streamline and clarify your security infrastructure design processes with concise planning guidance from IPD Guides for Security. Each guide addresses a unique security infrastructure technology or scenario, provides critical architectural decisions to be addressed, available options, as well as a means to validate design decisions to ensure that solutions meet requirements of both business and IT stakeholders.

clip_image001[3]

Threat Modeling and Agile Development Practices
Examine how to effectively perform threat modeling for projects that demand rapid development processes. Before we dive into the details on threat modeling, let's briefly review how threat modeling fits into the SDL.

clip_image001[4]

The SDL and Threat Modeling
Threat Modeling is a core element of the Microsoft Security Development Lifecycle (SDL). Able to plug in to any issue-tracking system, the SDL Threat Modeling Tool makes threat modeling easier for developers of all skill levels by providing guidance on creating and analyzing threat models. Download the tool and check out these tips to help you get started with the tool.

clip_image001[5]

Using the BinScope Binary Analyzer
The BinScope Binary Analyzer is a free Microsoft tool that can help both developers and IT professionals in auditing the security of applications that they are developing or deploying/managing. Learn how to configure and use BinScope to analyze an application within Visual Studio.

clip_image001[6]

Conficker Clean Up Tips
Even a conscientious IT department that follows responsible practices for quickly installing security updates, installing and monitoring antimalware and intrusion detection systems, and controlling access to file shares can still encounter outbreaks of a threat such as Conficker. Microsoft provides information to help IT administrators deal with Conficker infections at www.microsoft.com/conficker.This list provides additional tips that may help advanced users who possess a good understanding of computer security and Windows administration find computers that are infected with Conficker in order to minimize their attack surface.

Events/WebCasts

Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts

http://www.microsoft.com/events/security/upcoming.mspx

On-Demand Security Webcasts

http://www.microsoft.com/events/security/ondemand.mspx

Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more.