Port ACL Demonstration

One topic that I presented at TechEd Europe last week was PortACL but I didn’t have enough time to demonstrate this feature. I recorded the PortACL demo and you can watch on the link below. The scenario that this demo is addressing is the following one: The Private Cloud tenant read the paper “Solution for…


Where is my SMB3 in Network Monitor?

If you are playing around with SMB3 and is trying to find more details on network traffic using Microsoft Network Monitor you may find out that SMB3 is not on the protocol’s list as shown below: Before moving forward, it is important to emphasize that this behavior is expected. There are a couple of thing…


Identifying Suspicious Activity on your Edge Device – Part 2

Introduction In the first part of this post I explained the scenario and the initial approach for data gathering, in this second part I’m going to discuss the approach to collect data while the incident is happening. Understanding Data Gathering Process To better understand the information gathering flow that we are about to configure, review…


Unable to Access Resource behind TMG after enabling NLB

Consider a scenario where the TMG administrator is publishing servers that are behind TMG and after enabling NLB on the External interface the users are not able to access those resources. If he uses the DIP (Dedicated IP) to publish the resource it works. The basic diagram is showed in the figure below: The traffic…