The Final Countdown for Forefront TMG

It has been awhile since I talked about TMG here, but the fact of the matter is that one of the most important TMG services is coming to an end in December 31st 2015. As you know TMG uses Microsoft Reputation Services (MRS) for URL categorization and this service is approaching to an end, as…


Site to site connectivity with Windows Azure (GA)

Almost a month ago I wrote this post about an attempt to establish a site to site connection between TMG and Windows Azure and the conclusion was: you need a valid IP on your edge device in order to do that. Done, got my valid IP and now I’m ready to rock! It should be…


Unable to access resources after enabling site to site connectivity with Windows Azure

Recently I was working on a document where I had to build a lab in order to validate a series of assumptions. This lab required cross-premises connectivity with Windows Azure, in other words: allowing resources that were located on-premises to access virtual machines located on Windows Azure and vice-versa. For testing purpose (since it is…


As you know, TMG is over….now what?

The news about the retirement of Forefront TMG 2010 was announced last September on this blog post. Since them I didn’t have I chance to write about it as I was engaged on so many other projects, however (and not intentionally) on that same day that this was announced, I was with Jim Harrison and…


Let’s meet at TechED North America 2012

Besides the sessions that I will co-present with my friend Tom Shinder at TechED North America 2012, we will also be signing our books at the Microsoft Press booth on Tuesday, June 12th at 3pm and on Wednesday, June 13th at 10:30 AM at Server and Cloud Division Information Experience Booth. If you have a…


Forefront TMG Malware Inspection False Positive Detection

Recently I saw this thread on the TMG Forum and found it very interesting as it was quiet easy to repro. Yesterday Microsoft released a signature update that address this issue. The problem that TMG’s administrators were facing is documented here: From: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3aJS%2fBlacole.BW Make sure to go to TMG Update Center and force an update…


Rollup 1 for Forefront TMG SP2

Hello Folks, Today we have some new KB Articles published for Forefront TMG 2010. If you are experience any of those issues, make sure to read these articles and apply the new update called Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2 . All articles are available at http://support.microsoft.com/kb/2649961


Forefront TMG – NIS Update for CVE-2011-3414

Hello folks and Happy New Year for you all !! If you are running Forefront TMG 2010 and has NIS (Network Inspection System) enabled and updated, you probably notice a new signature that was released to assist you protecting against CVE-2011-3414 (part of MS11-100) as shown below: Notice also that the response it is already…


Debug Fest

If you are following this blog since 2008 when I started you probably noticed that troubleshooting is a subject that I love it. Troubleshooting using tools like Perfmon and Windbg is amazing. In my new role at Microsoft I don’t deal with this on the daily basis anymore (like I used to on CSS Forefront…


Heads up on a new TMG 2010 KB

Hello folks, a quick post here just to bring awareness about a new KB that was released today for Forefront TMG 2010. As the KB describes the symptoms are based on the following scenario: A web proxy client establishes a secure socket layer (SSL) connection to an external web server by using a server that…