Hello all,

After some of you asking, i was thinking it will be better to post it here,
The Forefront Protection Server Management Console (FPSMC) is requiring these ports to be open to function properly:

80
HTTP port. Enables communication between the web browser and FPSMC, as well as all HTTP communication from FPSMC to the internet.

445
Required for FPSMC agent deployment (unidirectional: FPSMC server to the managed computer)

8815
The deployment agent listens on this port on a managed server to receive commands from the FPSMC agent (unidirectional: FPSMC server to the managed computer).

8816
The push installer listens on this port on the managed servers (unidirectional: FPSMC server to the managed computer).

8817
The NotificationService on the FPSMC server listens on this port to receive data (such as quarantine and stats) from the managed servers.

Thanks,

Ohad Plotnik (Plotniko)
MVP-Forefront
System&network
Security Architect
ForefrontSecurity.org

• Read more
• No comments

Hello all!

Next Release of Windows Intune Now Available! - PC MANAGEMENT & SECURITY IN THE CLOUD

Perform security and management tasks remotely from a web-based console.
Help secure PCs from malware and virus threats with endpoint protection.
Deploy most updates and line of business applications through the cloud.
Greater performance and security with available Windows 7 Enterprise upgrade.

Get Free 30 Day Trial Now

http://www.microsoft.com/en-us/windows/windowsintune/pc-management.aspx
Enjoy :)

Ohad Plotnik (Plotniko)
MVP-Forefront
System&network
Security Architect
ForefrontSecurity.org

• Read more
• No comments

Hello!

FYI... The Windows 8 Developer Preview is a pre-beta version of Windows 8 for developers. These downloads include prerelease software that may change without notice. The software is provided as is, and you bear the risk of using it. It may not be stable, operate correctly or work the way the final version of the software will. It should not be used in a production environment. The features and functionality in the prerelease software may not appear in the final version. Some product features and functionality may require advanced or additional hardware, or installation of other software.

http://msdn.microsoft.com/en-us/windows/apps/br229516

On: http://msdn.microsoft.com/en-us/subscriptions/default.aspx You can also download a preview of Windows Server (MSDN subscribers only)

Thanks,

Ohad Plotnik (Plotniko)
MVP-Forefront
System&network
Security Architect
ForefrontSecurity.org

• Read more
• No comments

Hey,

As some articles and forums says, you can also read here, FYI:

Enterprises require easily managed remote access solutions for end users connecting to private or public clouds. Most remote access solutions require changes in user behavior because the remote access connection must be manually initiated. Additionally, enterprises have difficulty managing remote machines and ensuring they remain compliant with enterprise policies. The hybrid cloud extends an enterprise’s data center to span both private and public clouds, and presents new opportunities for remote access solutions. With Windows Server 8, partners can build and package remote access appliances to meet customer requirements including policy compliance and simplified user behavior, thereby driving down support costs. In this session, we will demonstrate how remote access appliances provide customer value by simplifying deployment logistics and offering enhanced feature support. New functionality including simplified configuration, new monitoring capabilities, highly available and scale, remote provisioning of clients and cloud based cross-premise connectivity will be highlighted.

Enabling the hybrid cloud using remote access appliances
http://channel9.msdn.com/Events/BUILD/BUILD2011/SAC-668T

So, probably with next version of windows server you will get all of it on one package and no more UAG...

 Thanks,

Ohad Plotnik (Plotniko)
MVP-Forefront
System&network
Security Architect
ForefrontSecurity.org

• Read more
• No comments

Hi! 

I would like to share with you a great Interview with Curtis Parker from the Forefront Online Protection team:

FYI...
Its IT Time and in today’s episode, Blain Barton and John Baker welcome Curtis Parker from the Forefront Online Protection team. Tune in as Curtis gives us a tour of Forefront’s new features for Exchange, as he explains how Office 365 customers can simplify the management and security experience through this innovative service.
http://blogs.technet.com/b/blainbar/archive/2011/09/20/it-time-technet-radio-interview-with-curtis-parker-from-the-forefront-online-protection-team.aspx

Thanks,

Ohad Plotnik (Plotniko)
MVP-Forefront
System&network
Security Architect
ForefrontSecurity.org

• Read more
• No comments

Hello,

I would like to share a great webcast with you guys,
The benefits of cloud computing are many - speed, flexibility, increased expertise, shared workload and reduced costs - but so are the risks. What are the threats to cloud security? Which parties assume responsibility for securing the environment? What about the data? Which type of cloud deployment offers superior security benefits?
______________________________________
Attend this webinar to learn more about those cloudy issues as well as:
1. Maintaining the confidentiality of data in the cloud
2. Retro-fitting for aging compliance requirements
3. Balancing technology momentum with regulatory inertia
4. Maintaining security and compliance while implementing forward-looking technology
5. Tracking global standards such as the Payment Card Industry Data Security Standard
http://www.brighttalk.com/webcast/188/35875

Thanks,

Ohad Plotnik (Plotniko)
MVP-Forefront
System&network
Security Architect
ForefrontSecurity.org

• Read more
• No comments

PING all,

TMG SP2 and UAG SP Update 1 is now out:

 Forefront Unified Access Gateway (UAG) Service Pack 1 (SP1) Update 1
http://www.microsoft.com/download/en/details.aspx?id=27604&WT.mc_id=rss_alldownloads_all
Overview
The following is provided by Forefront UAG Update 1:
 
• Lync web services publishing—Forefront UAG now supports publishing Lync web services
• Dynamics CRM 2011 publishing—Forefront UAG now supports publishing Dynamics CRM 2011
• SharePoint 2010 with Office Web Apps—Forefront UAG now supports publishing SharePoint 2010 with Office Web Apps
• Improved browser support—Forefront UAG now supports more web browsers than in previous releases
_______________________________________________________
 
Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 2
http://www.microsoft.com/download/en/details.aspx?id=27603&WT.mc_id=rss_alldownloads_all
Overview
The service pack includes the following new functionality and feature improvements:
 
New Reports
• The new Site Activity report displays a report showing the data transfer between users and specific websites for any user.
Error Pages
• A new look and feel has been created for error pages.
• Error pages can be more easily customized and can include embedded objects.
 
Kerberos Authentication
• You can now use Kerberos authentication when you deploy an array using network load balancing (NLB).

Thanks,

Ohad Plotnik (Plotniko)
MVP-Forefront
System&network
Security Architect
ForefrontSecurity.org

• Read more
• No comments

Hello all,

 I would like to share with you a new Vulnerabilities in Microsoft Forefront Unified Access Gateway that can Cause Remote Code Execution!

Microsoft Security Bulletin MS11-079 - Important

 General Information

Executive Summary

This security update resolves five privately reported vulnerabilities in Microsoft Forefront Unified Access Gateway (UAG). The most severe of these vulnerabilities could allow remote code execution if a user visits an affected Web site using a specially crafted URL. However, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.

This security update is rated Important for all supported versions of Microsoft Forefront Unified Access Gateway 2010. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerabilities by modifying the way that UAG handles specially crafted requests, modifying the MicrosoftClient.JAR file, and adding exception handling around the null value of the UAG Web server. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update at the earliest opportunity.

Known Issues. Microsoft Knowledge Base Article 2544641 documents the currently known issues that customers may experience when installing this security update. The article also documents recommended solutions for these issues.

http://technet.microsoft.com/en-us/security/bulletin/MS11-079

*ForefrontSecurity.org post:
http://forums.forefrontsecurity.org/default.aspx?g=posts&m=2740#post2740

Thanks,

Ohad Plotnik (Plotniko)
MVP-Forefront
System&network
Security Architect
ForefrontSecurity.org

• Read more
• No comments