Issue 2 | May 2010 | Bi-Monthly Update
Forefront Edge on the Wiki
The Anywhere Access iX Team has posted ~ 25 articles to the new TechNet Wiki!
Forefront TMG launched a series of articles on the wiki about troubleshooting.
Posted so far in this series, by Rachel Aldam:
We’d like you to contribute from your experience by adding comments and content to these articles, for the benefit of the Forefront TMG community.
Recently posted Forefront UAG articles include:
· Troubleshooting the “No Usable Certificate(s)” IP-HTTPS Client Error by Tom Shinder
Highlights from Customer Visits
Tom Shinder met with several customers who were interested to deploy Forefront UAG 2010. In particular, they wanted to learn about the technologies and options of Forefront UAG DirectAccess and how it might fit their requirements. During one customer visit, Tom provided a two-day workshop including a deep dive into Forefront UAG DirectAccess, including core infrastructure requirements, IPv6 transition technologies, IPsec, PKI, Active Directory, Windows Firewall with Advanced Security Connection Security Rules, Group Policy, and other key technologies that drive a DirectAccess solution.
The expected results of these visits are more customer pilot deployments of Forefront UAG DirectAccess in the near future!
Tom is working with Joe Davies on a new content model with the step-by-step guides which will take on greater prominence in the documentation processes. These guides would transform themselves into “Test Lab Guides” and would lend themselves to a modular or extensible format, so that new technology experiences and demonstrations can be easily included on top of the basic infrastructure. The first experiment is the “UAG DirectAccess with NAP” module. Stay tuned for more details!
The second edition of the Forefront UAG DirectAccess Step-by-Step Guide was released this month, including content on Forefront UAG array configuration, NLB deployment and NAT64/DNS64 functionality. Feedback from different ISVs and OEMs was that the new content helps to demonstrate the value that Forefront UAG provides over the Windows-only DirectAccess solution. While happy with the new content, they are interested in more content in the step-by-step labs, to include the DirectAccess Client Assistant (DCA), NAP, Smart Card/OTP, and SCCM, and other more complex remote management capabilities.
What’s new at the Microsoft Download Center?
Forefront Unified Access Gateway (UAG) Update 1 —Anywhere Access iX released the documentation for Forefront UAG Update 1, including a new Forefront UAG help file (UAG_Help.chm) for download. Special thanks to Rayne Wiselman who lead the effort, and to James Kilner who did most of the writing.
Forefront UAG Update 1 provides:
· Remote Desktop access from Windows Vista and Windows XP—Client endpoints running Windows Vista and Windows XP can now access RemoteApps and Remote Desktops published through Forefront UAG.
· Support for Microsoft SharePoint Server 2010—Forefront UAG now supports SharePoint Server 2010.
· Support for MSOFBA—Forefront UAG now supports the Office Forms Based Authentication protocol to allow rich clients to directly access applications published through Forefront UAG.
· Support for site cookies—Forefront UAG now supports the use of site cookies for non-alternate access mapping applications, in addition to domain cookies.
· Support for large CustomUpdate files—Forefront UAG now supports CustomUpdate files up to 1.5 GB in size.
· Changes in Group Policy Object (GPO) provisioning for DirectAccess clients—Update 1 fixes an issue that caused the export script that creates GPO objects to fail, and an issue that caused the GPO to be applied to all authenticated users in the domain (including computer accounts), instead of to DirectAccess clients only.
What’s new on Forefront Edge Security TechNet?
The following new documentation is live on Microsoft® Forefront Security Edge TechNet:
· Forefront TMG 2010 troubleshooting Web access protection —This series of troubleshooting topics help you determine the cause and resolution of problems you might experience while using Forefront TMG Web access protection.
Forefront Edge in the Community
· Read recent articles by Forefront Edge Security experts in Tales from the Edge:
- Understanding the Re-Injection Mechanism Improvement on Forefront TMG by Yuri Diogenes and Thomas Detzner
- Network Monitor 3.3 RWS Parser Basics, Part 1: Introduction to RWS Protocol Analysis by Jim Harrison
- Network Monitor 3.3 RWS Parser Basics, Part 2: Observing single-connection HTTP traffic by Jim Harrison
· Find answers to questions that MVPs, Microsoft employees, and other experts are asking at the Forefront Edge Security Forums.
· Read the latest postings on the Forefront TMG (ISA Server) product team blog (still one of the most popular blogs visited on TechNet). More than 15 blogs posted recently!
· Read the latest postings on the Forefront UAG product team blog. The popularity of this blog on TechNet is steadily increasing, with almost 10,000 Page Views during March!
· Tom Shinder posted 9 blogs on Forefront UAG DirectAccess issues to The Edge Man!
Michelle Friedmann, Technical Editor, ISD iX: Anywhere Access Team (AAT)