New in SP2: Improved Error Pages

In TMG 2010 Service Pack 2, we put our focus on bug fixing, in order to improve the overall experience with TMG 2010. However next to pure bug fixing, we also introduced some new features. In this article we’ll provide a quick introduction to the new error pages and will provide a brief overview of…


New in SP2: Site Activity Report

Have you ever been interested in which users visit specific sites on the Internet very often? E.g. which users did browse most on blogs.technet.com last week? In SP2 we added a new report, which allows analyzing the usage of specific sites connected to users in your organization, with a few mouse clicks. In order to…


New in SP2: Kerberos Authentication in Load Balanced Scenarios

In TMG 2010 Service Pack 2, we did put our focus on bug fixing, in order to improve the overall experience with TMG 2010. However next to pure bug fixing, we also introduced some new features. One of these new features introduces the possibility to allow Kerberos Authentication when connecting to TMG in a “High…


Forefront TMG Service Pack 2 Now Available

We are happy to announce the availability of Forefront Threat Management Gateway (TMG) 2010 Service Pack 2 (SP2). The service pack is available for download from the Microsoft Download Center. Here are some of the improvements we are introducing in Forefront TMG SP2: Site activity report – Forefront TMG SP2 includes a new site activity…


Use the Power of Excel Pivot Tables to analyze attacks and session distribution

Usually we’re using tools like Network Monitor, various text file parser, Procmon, Windbg… to solve ISA/TMG cases every day in and out in Microsoft Customer Service & Support. Sometimes we also use Excel to be able to filter the exported Firewall or Web Proxy Logs our customers send to us, e.g. only display traffic for…


How to generate a certificate with subject alternative names (SAN)

When publishing services like Outlook Anywhere, OWA and Active Sync for exchange in ISA/TMG, we sometimes need certificates with subject alternative names (SAN). This enables us to publish multiple DNS names using one SSL Web Listener. Requesting SAN certificates is something we can perform directly through a Microsoft internal CA. However there are some steps…