Choosing Between Forefront TMG or Forefront UAG for Publishing Scenarios

Your first decision when planning a publishing solution using Forefront TMG 2010 (TMG) or Forefront UAG 2010 (UAG) is to determine which of the two products best fits the needs of the deployment. Both TMG and UAG can securely publish Exchange, SharePoint, Terminal Services and web-based line of business applications to the Internet. However TMG…

5

Serving Up Quality Content on the TechNet Wiki–The TMG Troubleshooting Survival Guide

There’s a continuing debate in the IT Pro community whether or not you can host quality content on a wiki. If you don’t know what a wiki is, it’s a platform where anyone can post content and then after the content is posted, anyone can edit it. Seems like a good idea, since IT Pros…


DirectAccess Gets Positive Comments in The Register

From what I hear, this year is going to be the year where we see the wave of enterprise Windows 7 rollouts take place. While I’m not sure how these assessments are made, it makes sense from where I sit. Windows 7 Service Pack 1 has been released and end users, admins and the media…

1

Heads Up on New Contest for Forefront Security Enthusiasts

Many of your might know my friend Yuri Diogenes from the great work he’s done over the years for ISA Server and the TMG firewall. Yuri has spent the last several years working in the CSS Security Team, and most of his work was focused on Forefront products. Last Month, Yuri moved from the support…


DirectAccess – More Information on the “No Usable Certificate(s)” 0x103 Error

In the continuing saga of the “No Usable Certificate(s) 0x103” error, which has been discussed in two previous blog posts: http://blogs.technet.com/b/tomshinder/archive/2010/03/30/troubleshooting-the-no-usable-certificate-s-ip-https-client-error.aspx and http://blogs.technet.com/b/tomshinder/archive/2011/02/21/another-cause-of-the-no-usable-certificates-s-0x103-error.aspx#3415408 we’ll expand on the explanation for the reason why the computer certificate isn’t included in the NTAUTH store on the UAG DirectAccess server. In the second link noted above, we discovered that…

1

UAG DirectAccess and the IPv6 Internet

We’ve received a number of questions recently about UAG DirectAccess support for the IPv6 Internet. When thinking about the IPv6 Internet, you need to think about when the DirectAccess client is on an IPv6 Internet (or on an IPv6 only intranet) and when the UAG DirectAccess server has its external interface connected to an IPv6…

7

New Test Lab Guide for System Center Service Manager Now Available

I’ve been pretty quiet for most of this month (in fact, this is the first post on the Edge Man blog for March). I was in Redmond for the world wide MVP conference for a week and then spent a week to meet with members of my team on how we’ll approach documentation for the…


Another Cause of the “No Usable Certificate(s) 0x103 Error

One of the most mysterious errors you’ll see when working with DirectAccess are related to failures in IP-HTTPS connectivity. I did a blog post on this problem last year and you can find it at http://blogs.technet.com/b/tomshinder/archive/2010/03/30/troubleshooting-the-no-usable-certificate-s-ip-https-client-error.aspx Phillip Sand clued me into another possible cause of IP-HTTPS connectivity problems. First, whenever you suspect a problem with…

13

Clearing the Air on ISATAP

For companies thinking about deploying DirectAccess, the question of whether or not you need to deploy ISATAP will invariably come up. The answer to this question is “no” and the reasons for why you don’t need ISATAP in a DirectAccess deployment are covered in my article over at http://blogs.technet.com/b/tomshinder/archive/2010/10/01/is-isatap-required-for-uag-directaccess.aspx However, ISATAP does have a place…

9