Téléchargement disponible pour ISA/TMG

[alex117]

TMG Bêta 2

Bonjour,

Le futur produit remplaçant de ISA Server 2006 est actuellement en version Bêta 2 et est disponible publiquement.
Vous pouvez le télécharger à cette adresse : http://www.microsoft.com/downloads/details.aspx?FamilyID=e05aecbc-d0eb-4e0f-a5db-8f236995bccd&displaylang=en

Il vous faudra un Windows 2008 x64 avec .Net Framework 3.5 pour pouvoir l'installer.
Les fonctionalités de PowerShell et Message Queing seront à installer sur votre server avant de pouvoir exécuter le setup.
Pour finir si vous voulez tester les fonctionnalités de sécurité messagerie (AntiSpam, ...) il sera nécéssaire d'installer des composants Edge Exchange 2007.

What's new:
- HTTP/HTTPS inspection avec un service de vérfication AV (avec McAfee apparement)
- EMail inspection (ave l'aide des services Edge Exchange 2007) de vérifier les mails
- La connexioon redondante pour 2 ISP ! (enfin ) !!!
- La gestion de la VOIP (pas encore exploré mais j'ai croisé le bouton !)

Concernant le HTTPS Inspection, cela fonctionne avec le flux sortant !
http://technet.microsoft.com/en-us/library/dd441073.aspx
On trouve notamment cette note :

How it works
To provide this protection, Forefront TMG acts as an intermediary between the client computer initiating the HTTPS connection and the secure Web site. When a client computer initiates a connection to a secure Web site, Forefront TMG intercepts the request and then does the following:
Establishes a secure connection (an SSL tunnel) to the requested Web site and copies the details of the Web site's certificate
Creates a new SSL certificate with those details and signs it with another certificate called the HTTPS inspection certificate
Presents the new certificate to the client computer and establishes a separate SSL tunnel with it
The client computer, which has previously imported the HTTPS inspection certificate into its Trusted Root Certification Authorities certificate store, automatically trusts any certificate signed by it. By cutting the connection and creating two secure tunnels, the Forefront TMG server can decrypt and inspect all communication between the client and the secure Web site during this session.

D'autres détails sur le Technet Magazine de ce mois-ci : http://technet.microsoft.com/fr-fr/magazine/2009.02.securitywatch.aspx

Bonne utilisation,
Alex

[alex117]

Une version d'ISA Server 2006 en évaluation pour 180 jours est disponible à cette adresse : http://www.microsoft.com/downloads/details.aspx?FamilyID=84504CAD-893B-4212-9AB2-999AD1D8FE68&displaylang=en

[alex117]

Et voilà la première démo virtuelle de Stirling !
http://www.microsoft.com/downloads/deta ... laylang=en

Cette démo inclut :
A central management server and dashboard
The next generation of Forefront Client Security
The next generation of Forefront Security for Exchange Server
Forefront Online Security for Exchange
The next generation of Forefront Security for SharePoint Server
Forefront Threat Management Gateway (Next generation of ISA)

Bon téléchargement,
Alex

[alex117]

Microsoft a publié récémment une nouvelle mise à jour majeure pour leur outil d'analyse de la configuration ISA
http://www.microsoft.com/downloads/details.aspx?FamilyId=D22EC2B9-4CD3-4BB6-91EC-0829E5F84063&displaylang=en

Quelques infos depuis le blog Forefront http://blogs.technet.com/isablog/archive/2009/05/06/announcing-the-availability-of-isa-tmg-best-practices-analyzer-version-7.aspx :

- New Checks – We have added 15 new IsaBPA rules, and are collecting almost all ISA/TMG properties as well as environmental properties (all in all we collect around 1500 settings). These settings are compared against ~235 rules. The focus on this release was targeting Configuration Storage Server and Active Directory authentication issues. This new suite joins Hardware, OS, Authentication, OWA, SSL Certificates; Site-to-site VPN with IPsec, WPLB, logging, NLB related issues and 3rd party software suites that were introduced in previous versions of IsaBPA.
- Enhanced IsaBPA viewer - We have enhanced the IsaBPA configuration viewer, so it is now possible for Microsoft support engineers and the technically savvy ISA/TMG engineer to view the server configuration from the BPA report itself.
- New IDP scenarios – The ISA Data Packager was enhanced to gather both IAG data as well as the ISA/TMG Firewall Client data. We also support data collection from Forefront TMG Medium Business Edition and above, and collect Configuration Change Tracking data.
- BPA2Visio enhancement – The BPA2Visio visualization tool now includes BPA warnings and errors on the pictorial representation of the deployment in question, next to the violating links. Each node in the diagram contains now more data.
- More documentation – The IsaBPA help file has been augmented to over 130 pages. You can easily find information about how to operate IsaBPA, information about specific checks, and how to fix issues that IsaBPA has detected.
- Bug fixes – We fixed several bugs and issues that were discovered in previous versions.

IsaBPAv7 is available now online at http://isabpa.com. Note: The tool will require .NET 1.1 framework and above to be installed first. We are always excited to hear feedback and you can mail your comments, requests, information about bug reports, etc. to isabpa@microsoft.com alias.

[alex117]

Bonjour,

Je suis ravi de vous annoncer qu'une nouvelle version de TMG, la bêta 3, est disponible publiquement
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=e05aecbc-d0eb-4e0f-a5db-8f236995bccd

Pour les nouveautés et informations concernant cette version, vous pouvez consulter le blog Technet : http://blogs.technet.com/isablog/archive/2009/06/09/forefront-tmg-beta-3-is-released.aspx

Bon tests,
Alex

[alex117]

Bonjour,

Enfin, nous l'attendions .... TMG est désomrais en version Release Candidate
http://www.microsoft.com/DOWNLOADS/details.aspx?FamilyID=e05aecbc-d0eb-4e0f-a5db-8f236995bccd&displaylang=en

Bonne journée,
Alex

[alex117]

Au secoursssssssss

Comment publier Exchange ?
Comment utiliser ISA/TMG en Workgroup ?
Comment déployer des serveurs de configurations CSS/EMS ?
Quels certificats j'ai besoin ? Comment les générer ?

Trop de questions pour toujours la même chose : ISA/TMG avec Exchange !
La réponse en document en mode pas à pas : http://www.alexgiraud.net/blog/Lists/Billets/Post.aspx?ID=90

Enjoy

[alex117]

Bonjour,

Microsoft Forefront TMG est en RTM, ça y est !
Pour télécharger la version d'éval ici : http://www.microsoft.com/downloads/details.aspx?FamilyID=E05AECBC-D0EB-4E0F-A5DB-8F236995BCCD&displaylang=en

Quelques nouveautés dans la langue de Shakespeare :

Secure Web Gateway
Forefront TMG is a Secure Web Gateway (SWG) that improves security enforcement by integrating multiple detection technologies such as URL filtering, Anti Malware, and intrusion prevention into a single, easy-to-manage solution. We have seen a lot of interest in the features that comprise this solution, so here is some information on what they do and how:

URL Filtering: URL Filtering allows controlling end-user access to Web sites, protecting the organization by denying access to known malicious sites and to sites displaying inappropriate or nonproductive materials, based on URL categories. TMG features over 80 URL categories including security-oriented categories, productivity-oriented and liability-oriented categories. Forefront TMG uses Microsoft Reputation Services (MRS), a cloud-based categorization system hosted in Microsoft data center. To ensure the best bandwidth utilization and low latency, Forefront TMG has implemented a local URL cache. There is a lot more on URL Filtering available in an earlier URL Filtering post.

Anti Malware: Stopping malware on the edge significantly decreases the possibility that a virus will hit a computer with anti-virus signatures that are not up-to-date or a test computer without an anti-virus to protect it. TMG has integrated the Microsoft Anti Malware engine to provide world class scanning and blocking capability on the edge.

Network Inspection System (NIS): NIS is a generic application protocol decode-based traffic inspection system that uses signatures of known vulnerabilities, to detect and potentially block attacks on network resources. NIS provides comprehensive protection for Microsoft network vulnerabilities, researched and developed by the Microsoft Malware Protection Center - NIS Response Team, as well as an operational signature distribution channel which enables dynamic signature snapshot distribution. NIS closes the vulnerability window between vulnerability disclosures and patch deployment from weeks to few hours.
In addition, we have introduced HTTPS scanning to enable inspection of encrypted sessions, eased the deployment and management with a set of easy to use wizards and significantly improved logging and reporting to provide full visibility into how your organization is accessing the web and whether it’s compliant with your organization’s policy.

VPN, Firewall, Email Protection and Infrastructure.
We have also made significant investments to ensure that we keep delivering top notch VPN and Firewall functionality. We made quality improvements in Web Caching and made sure it works well with the new Windows 7 BranchCache feature. We have added several new features, among them: Email Protection, ISP redundancy, NAP integration with VPN role, SSTP, VoIP traversal (SIP support), Enhanced NAT, SQL logging and Updated TMG Client (previously known as the Firewall Client). In addition TMG was built as a native 64bit product that supports Windows Server 2008 R2, and Windows Server 2008 SP2, allowing better scalability and increased reliability.

[alex117]

Ca y est ISABPA est devenu TMGBPA

Brief Description
The Forefront Threat Management Gateway (TMG) Best Practices Analyzer (BPA) Tool is designed for administrators who want to determine the overall health of their Forefront TMG computers and to diagnose current problems. The tool scans the configuration settings of the local Forefront TMG computer and reports issues that do not conform to the recommended best practices.

Téléchargement depuis ce site : http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=8aa01cb0-da96-46d9-a50a-b245e47e6b8b