Directly connect to your corpnet with IPsec and IPv6

Contrary to popular belief, the rumors of my demise have been greatly exaggerated. Well, ok, no actual rumors, but hey, one can dream, huh? My spring calendar was full of events in Asia and Australia, then TechEd US seemed to suddenly appear out of nowhere! So I’ve been kinda swamped. I’ve missed writing here; it’s…

26

NAP case study published

Another new resource for you… I know from my time with customers in meetings and at events that NAP is something you’re all very interested in. You’re also being a bit cautious, waiting to see how the market matures, and hoping to learn how some customers have implemented it. Recently we published our first NAP…

1

Must be a slow news day: reporter writes 100% crap

Imagine my surprise to read that Microsoft is removing NAP from Windows Vista! Does this guy actually get paid money to write this drivel? The particular folks quoted in the article all have their own agendas, of course. News flash: we aren’t dropping NAP. It’s in the product now, we’re actually running it on part of…

6

Remote Access Quarantine (TechNet Magazine article)

http://www.microsoft.com/technet/technetmag/issues/2006/03/SecurityWatch/default.aspx In those good old  easy-to-manage pre-mobility days, personal computers presented few actual threats to a network. Sure, there was the occasional virus you’d get from a borrowed floppy disk, but the rate, or at least the speed, of infection was pretty low—limited substantially by the low bandwidth and high latency of “sneakernet” technology. In…

9

August article: 802.1X on wired networks considered harmful

Several months ago I learned from Svyatoslav Pidgorny, Microsoft MVP for security, about a problem in 802.1X that makes it essentially useless for protecting wired networks from rogue machines. Initially I was a bit skeptical, but the attack he described is in fact true — I’ve seen it myself now. So I’ve been explaining the attack at conferences…

15