Today we have some new KB Articles published for Forefront TMG 2010. If you are experience any of those issues, make sure to read these articles and apply the new update called Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2 . All articles are available at http://support.microsoft.com/kb/2649961
You might not have noticed but this month (last January 10th) ISA Server 2006 Mainstream Support ended as shown in the table below:
The question that you might have is: what about this extended support that goes until January 2017? Extended support means the following:
The Extended Support phase follows Mainstream Support for Business and Developer products. At the supported service pack level, Extended Support includes:
Better to start planning your migration as part of your new year’s resolution.
Hello folks and Happy New Year for you all !!
If you are running Forefront TMG 2010 and has NIS (Network Inspection System) enabled and updated, you probably notice a new signature that was released to assist you protecting against CVE-2011-3414 (part of MS11-100) as shown below:
Notice also that the response it is already setup to “Block” and it is already enabled. If you open the properties for this signature and review the Details tab you will see it is classified as a high business impact:
The good news is: if an attacker tries to exploit this vulnerability against a server that was not patched yet and the traffic is crossing TMG then NIS will identify the traffic and it will block it. Although you have this additional layer of protection to mitigate attempts to exploit this particular vulnerability, it is strongly recommended that you update your servers with MS11-100 as quick as possible (mainly the ones that are exposed to the Internet).
Stay Safe in 2012 and have a great year !
Yesterday we released a new version of the Private Cloud Security Hub at TechNet Wiki, you can access it from here:
The good news with this release is that you can also access the full set of DOCs (3) that corresponds to those TechNet Wiki articles from one single place. That’s right, we compiled everything in a single ZIP file that you can download from here:
These papers will guide you through the design of private cloud security, the understanding of the security blueprint and the secure service operation of a private cloud. Feel free to leave your comments and feedbacks, they are very important to us.
Me and my friend Tom Shinder, along with John Weston will be speaking at Shared Cloud Dallas 2012 in March. Me and Tom will share the stage to talk about Private Cloud Security and we will also use this opportunity to record an special edition of our Security Talk Show – From End to Edge and Beyond. If you are going to attend to this event, come meet us and chat about Private Cloud Security. We will also give away some Forefront books during our presentation.
See you there !
Me and my great friend Tom Shinder are very pleased to announce that we signed a contract with Syngress to write our next book, which will be about Windows 8 Security. This is our greatest project for 2012 and we are very excited about this new partnership with Syngress. If you take a look on Syngress’s website you will see that their infosec portfolio cover many areas such as:
Note: you will also find in one of these pages the book that our friend Tim “Thor” Mullen wrote (watch Episode 10 for more details).
While we can’t reveal too many details about what we will cover in this book, you can definitely expect broad and deep coverage of many security features that are coming with Windows 8 as well as Cloud implementations.
Stay tune also on Tom’s blog, he will bring some more details about the project.