RE: Forefront client security

[Ken Schaefer]

The Windows Defender in Win8 does the same as MSE (AFAICT), so it's just a 
name/rebranding exercise.

Cheers
Ken

From: Jon Harris [mailto:jk.har...@live.com]
Sent: Saturday, 23 March 2013 11:37 AM
To: NT System Admin Issues
Subject: RE: Forefront client security

I think they are planning to at some point to kill of Security Essentials 
unless they decide to allow it to be installed on Win 8 machines.  Those 
machines come with Defender as the malware protection.  I am not to sure about 
that but I only have one running at home and so far I haven't seen anything bit 
it yet.

Jon

> From: mille...@mukilteo.wednet.edu<mailto:mille...@mukilteo.wednet.edu>
> To: 
> ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com>
> Date: Fri, 22 Mar 2013 08:04:17 -0700
> Subject: RE: Forefront client security
>
> +1
>
> I heard they will just be calling it Endpoint Protection. The home version is 
> still Security Essentials at this time.
>
> 
> From: Art DeKneef [art.dekn...@cox.net]
> Sent: Thursday, March 21, 2013 3:30 PM
> To: NT System Admin Issues
> Subject: RE: Forefront client security
>
> From what I remember.
>
> Forefront Client Security was the original product/name. The name changed to 
> Forefront Endpoint Protection with the initial System Center products. It is 
> now called System Center 2012 Endpoint Protection.
>
> I wonder what it will be called next?
>
> -Original Message-
> From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
> Sent: Thursday, March 21, 2013 2:12 PM
> To: NT System Admin Issues
> Subject: Forefront client security
>
> How is this different from SCEP?



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront client security

[Jon Harris]

I think they are planning to at some point to kill of Security Essentials 
unless they decide to allow it to be installed on Win 8 machines.  Those 
machines come with Defender as the malware protection.  I am not to sure about 
that but I only have one running at home and so far I haven't seen anything bit 
it yet. Jon
 > From: mille...@mukilteo.wednet.edu
> To: ntsysadmin@lyris.sunbelt-software.com
> Date: Fri, 22 Mar 2013 08:04:17 -0700
> Subject: RE: Forefront client security
> 
> +1
> 
> I heard they will just be calling it Endpoint Protection.  The home version 
> is still Security Essentials at this time.
> 
> 
> From: Art DeKneef [art.dekn...@cox.net]
> Sent: Thursday, March 21, 2013 3:30 PM
> To: NT System Admin Issues
> Subject: RE: Forefront client security
> 
> From what I remember.
> 
> Forefront Client Security was the original product/name. The name changed to 
> Forefront Endpoint Protection with the initial System Center products. It is 
> now called System Center 2012 Endpoint Protection.
> 
> I wonder what it will be called next?
> 
> -Original Message-
> From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
> Sent: Thursday, March 21, 2013 2:12 PM
> To: NT System Admin Issues
> Subject: Forefront client security
> 
> How is this different from SCEP?
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
  
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront client security

[Miller Bonnie L .]

+1

I heard they will just be calling it Endpoint Protection.  The home version is 
still Security Essentials at this time.


From: Art DeKneef [art.dekn...@cox.net]
Sent: Thursday, March 21, 2013 3:30 PM
To: NT System Admin Issues
Subject: RE: Forefront client security

>From what I remember.

Forefront Client Security was the original product/name. The name changed to 
Forefront Endpoint Protection with the initial System Center products. It is 
now called System Center 2012 Endpoint Protection.

I wonder what it will be called next?

-Original Message-
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov]
Sent: Thursday, March 21, 2013 2:12 PM
To: NT System Admin Issues
Subject: Forefront client security

How is this different from SCEP?
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront client security

[Art DeKneef]

>From what I remember.

Forefront Client Security was the original product/name. The name changed to 
Forefront Endpoint Protection with the initial System Center products. It is 
now called System Center 2012 Endpoint Protection.

I wonder what it will be called next?

-Original Message-
From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov] 
Sent: Thursday, March 21, 2013 2:12 PM
To: NT System Admin Issues
Subject: Forefront client security

How is this different from SCEP?
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Forefront client security

[Matthew W. Ross]

Isn't Forefront the "Home/SMB" version?


--Matt Ross
Ephrata School District


- Original Message -
From: Heaton, Joseph@Wildlife
[mailto:joseph.hea...@wildlife.ca.gov]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Thu, 21 Mar 2013
14:11:31 -0800
Subject: Forefront client security


> How is this different from SCEP?
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Forefront client security

[Heaton, Joseph@Wildlife]

How is this different from SCEP?
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: OT: Petition Requesting Microsoft to Renew Forefront TMG

[Sam Cayze]

I'm all for this, but really, is this is the best we can do?:



To:
MICROSOFT CORP
Renew Forefront TMG development

Sincerely,
[Your name]



:)





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Petition Requesting Microsoft to Renew Forefront TMG

[Crawford, Scott]

+1

Sent from my Windows Phone

From: Michael B. Smith
Sent: 2/16/2013 5:44 PM
To: NT System Admin Issues
Subject: OT: Petition Requesting Microsoft to Renew Forefront TMG

It would be great if a few hundred of you would sign this petition asking for 
Microsoft to restore Forefront TMG.

http://www.change.org/petitions/microsoft-corp-renew-forefront-tmg-development

Thank you!

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Petition Requesting Microsoft to Renew Forefront TMG

[Kurt Buff]

Won't know until we try, right?

On Sat, Feb 16, 2013 at 5:23 PM, Rod Trent  wrote:
> Do those petitions really work?
>
> Sent from Windows Phone 8
> 
> From: Michael B. Smith
> Sent: ‎2/‎16/‎2013 6:47 PM
> To: NT System Admin Issues
> Subject: OT: Petition Requesting Microsoft to Renew Forefront TMG
>
> It would be great if a few hundred of you would sign this petition asking
> for Microsoft to restore Forefront TMG.
>
>
>
> http://www.change.org/petitions/microsoft-corp-renew-forefront-tmg-development
>
>
>
> Thank you!
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Petition Requesting Microsoft to Renew Forefront TMG

[Kurt Buff]

On Sat, Feb 16, 2013 at 3:43 PM, Michael B. Smith  wrote:
> It would be great if a few hundred of you would sign this petition asking
> for Microsoft to restore Forefront TMG.
>
>
>
> http://www.change.org/petitions/microsoft-corp-renew-forefront-tmg-development
>
>
>
> Thank you!

Signed, but they want to run a lot of crap in my browser, which I'm
pretty unhappy about.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Petition Requesting Microsoft to Renew Forefront TMG

[Rod Trent]

Do those petitions really work?

Sent from Windows Phone 8

-Original Message-
From: "Michael B. Smith" 
Sent: ‎2/‎16/‎2013 6:47 PM
To: "NT System Admin Issues" 
Subject: OT: Petition Requesting Microsoft to Renew Forefront TMG

It would be great if a few hundred of you would sign this petition asking for 
Microsoft to restore Forefront TMG.
 
http://www.change.org/petitions/microsoft-corp-renew-forefront-tmg-development
 
Thank you!
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Petition Requesting Microsoft to Renew Forefront TMG

[Eric Wittersheim]

Signed
On Feb 16, 2013 5:44 PM, "Michael B. Smith"  wrote:

>  It would be great if a few hundred of you would sign this petition
> asking for Microsoft to restore Forefront TMG.
>
> ** **
>
>
> http://www.change.org/petitions/microsoft-corp-renew-forefront-tmg-development
> 
>
> ** **
>
> Thank you!
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront roadmap changes

[Crawford, Scott]

Ahh.

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, September 12, 2012 6:04 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

NO. Only single engine ("basic") scanning is built into Exchange 2013 and the 
capabilities of the single engine and associated infrastructure are quite 
restricted when compared to FPE.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 6:16 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

We're about waist deep in a migration to O365, so I'm not too upset about 
losing Forefront for Exchange and even if we stayed in-house, I like that its 
just built in in 2013.

However, if we lose TMG and the accompanying website filtering capabilities, 
we're looking at a pretty big cost increase to re-add something like WebSense. 
I was quite happy when that functionality was added to TMG.

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 5:12 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Yeah, well, TMG and on-premises Forefront for Exchange are the biggest losses 
IMO.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 5:46 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Mary Jo Foley's take.

http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550

Mostly the same stuff, but ya gotta love this line:
"If you're going to do a big product-family discontinuation that needs some air 
cover, there's no day better than an iPhone launch day"

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it's not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone
____
From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally

Re: Forefront roadmap changes

[Kurt Buff]

No, it's "old school" on the public lists...

On Wed, Sep 12, 2012 at 4:16 PM, Steven Peck  wrote:
> We can call you a luddite on a public list if you feel you have been missing
> that experience  :)
>
>
>
>
> On Wed, Sep 12, 2012 at 4:01 PM, Michael B. Smith 
> wrote:
>>
>> Oh, it lives on in FOPE.
>>
>>
>>
>> FOPE is hugely profitable for MSFT and it represents the BEST kind of
>> revenue stream – recurring revenue.
>>
>>
>>
>> What we see disappearing is the store-based scanning from Sybari. MSFT is
>> of the opinion that excellent edge protection and excellent client
>> protection means that store-based scanning is no longer necessary.
>>
>>
>>
>> I think they are full of crap.
>>
>>
>>
>> What they are really saying is “we have not seen a virus like ILOVEYOU in
>> a long time and we think we can prevent it”.
>>
>>
>>
>> Blah blah blah. On private mailing lists I’ve been called a luddite. :-P
>>
>>
>>
>> From: John Cook [mailto:john.c...@pfsf.org]
>> Sent: Wednesday, September 12, 2012 6:12 PM
>> To: NT System Admin Issues
>> Subject: Re: Forefront roadmap changes
>>
>>
>>
>> So much for the purchase/demise of Sybari.
>> John W. Cook
>> Network Operations Manager
>> Partnership for Strong Families
>>
>>
>> From: Michael B. Smith [mailto:mich...@smithcons.com]
>> Sent: Wednesday, September 12, 2012 06:11 PM
>> To: NT System Admin Issues 
>>
>> Subject: RE: Forefront roadmap changes
>>
>>
>> Yeah, well, TMG and on-premises Forefront for Exchange are the biggest
>> losses IMO.
>>
>>
>>
>> From: Crawford, Scott [mailto:crawfo...@evangel.edu]
>> Sent: Wednesday, September 12, 2012 5:46 PM
>> To: NT System Admin Issues
>> Subject: RE: Forefront roadmap changes
>>
>>
>>
>> Mary Jo Foley’s take.
>>
>>
>>
>>
>> http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550
>>
>>
>>
>> Mostly the same stuff, but ya gotta love this line:
>>
>> “If you're going to do a big product-family discontinuation that needs
>> some air cover, there's no day better than an iPhone launch day�
>>
>>
>>
>> From: Michael B. Smith [mailto:mich...@smithcons.com]
>> Sent: Wednesday, September 12, 2012 4:35 PM
>> To: NT System Admin Issues
>> Subject: RE: Forefront roadmap changes
>>
>>
>>
>> I anticipate that UAG will continue development and enhancement. But right
>> now, it’s not on par with TMG.
>>
>>
>>
>> From: Crawford, Scott [mailto:crawfo...@evangel.edu]
>> Sent: Wednesday, September 12, 2012 4:39 PM
>> To: NT System Admin Issues
>> Subject: RE: Forefront roadmap changes
>>
>>
>>
>> Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run
>> it. But, yeah that sounds likely.
>>
>> Sent from my Windows Phone
>>
>> 
>>
>> From: Kurt Buff
>> Sent: 9/12/2012 2:51 PM
>> To: NT System Admin Issues
>> Subject: Re: Forefront roadmap changes
>>
>> I'm going to guess it will, because you can't run UAG without TMG.
>>
>> But that's just a guess...
>>
>> On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
>> wrote:
>> > I'm still waiting to see if TMGs functionality will be rolled into UAG.
>> >
>> > -Original Message-
>> > From: Kurt Buff [mailto:kurt.b...@gmail.com]
>> > Sent: Wednesday, September 12, 2012 1:47 PM
>> > To: NT System Admin Issues
>> > Subject: Re: Forefront roadmap changes
>> >
>> > Nice to see that UAG has been left alone, I think.
>> >
>> > On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith
>> >  wrote:
>> >> FYI.
>> >>
>> >> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> >> hanges-to-forefront-product-roadmaps.aspx
>> >>
>> >> Regards,
>> >>
>> >> Michael B. Smith
>> >> Consultant and Exchange MVP
>> >> http://TheEssentialExchange.com
>> >>
>> >>
>> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> >> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>> >>
>> >> ---
>> >> To manage subs

RE: Forefront roadmap changes

[Michael B. Smith]

HAH.

That’s ok. I’m just conservative.

“Those who cannot remember the past are condemned to repeat it.”

-  George Santayana

From: Steven Peck [mailto:sep...@gmail.com]
Sent: Wednesday, September 12, 2012 7:17 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes

We can call you a luddite on a public list if you feel you have been missing 
that experience  :)




On Wed, Sep 12, 2012 at 4:01 PM, Michael B. Smith 
mailto:mich...@smithcons.com>> wrote:
Oh, it lives on in FOPE.

FOPE is hugely profitable for MSFT and it represents the BEST kind of revenue 
stream – recurring revenue.

What we see disappearing is the store-based scanning from Sybari. MSFT is of 
the opinion that excellent edge protection and excellent client protection 
means that store-based scanning is no longer necessary.

I think they are full of crap.

What they are really saying is “we have not seen a virus like ILOVEYOU in a 
long time and we think we can prevent it”.

Blah blah blah. On private mailing lists I’ve been called a luddite. :-P

From: John Cook [mailto:john.c...@pfsf.org<mailto:john.c...@pfsf.org>]
Sent: Wednesday, September 12, 2012 6:12 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes

So much for the purchase/demise of Sybari.
John W. Cook
Network Operations Manager
Partnership for Strong Families

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 06:11 PM
To: NT System Admin Issues 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: RE: Forefront roadmap changes

Yeah, well, TMG and on-premises Forefront for Exchange are the biggest losses 
IMO.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 5:46 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Mary Jo Foley’s take.

http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550

Mostly the same stuff, but ya gotta love this line:
“If you're going to do a big product-family discontinuation that needs some air 
cover, there's no day better than an iPhone launch day�

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it’s not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpo

Re: Forefront roadmap changes

[Steven Peck]

We can call you a luddite on a public list if you feel you have been
missing that experience  :)




On Wed, Sep 12, 2012 at 4:01 PM, Michael B. Smith wrote:

>  Oh, it lives on in FOPE. 
>
> ** **
>
> FOPE is hugely profitable for MSFT and it represents the BEST kind of
> revenue stream – recurring revenue.
>
> ** **
>
> What we see disappearing is the store-based scanning from Sybari. MSFT is
> of the opinion that excellent edge protection and excellent client
> protection means that store-based scanning is no longer necessary.
>
> ** **
>
> I think they are full of crap.
>
> ** **
>
> What they are really saying is “we have not seen a virus like ILOVEYOU in
> a long time and we *think* we can prevent it”. 
>
> ** **
>
> Blah blah blah. On private mailing lists I’ve been called a luddite. :-P**
> **
>
> ** **
>
> *From:* John Cook [mailto:john.c...@pfsf.org]
> *Sent:* Wednesday, September 12, 2012 6:12 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Forefront roadmap changes
>
>  ** **
>
> So much for the purchase/demise of Sybari.
> John W. Cook
> Network Operations Manager
> Partnership for Strong Families
>  
>
> *From*: Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent*: Wednesday, September 12, 2012 06:11 PM
> *To*: NT System Admin Issues 
> *Subject*: RE: Forefront roadmap changes
>  
>
>  Yeah, well, TMG and on-premises Forefront for Exchange are the biggest
> losses IMO.
>
>  
>
> *From:* Crawford, Scott [mailto:crawfo...@evangel.edu]
> *Sent:* Wednesday, September 12, 2012 5:46 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Forefront roadmap changes
>
>  
>
> Mary Jo Foley’s take.
>
>  
>
>
> http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550
> 
>
>  
>
> Mostly the same stuff, but ya gotta love this line:
>
> “If you're going to do a big product-family discontinuation that needs
> some air cover, there's no day better than an iPhone launch day�
>
>  
>
> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent:* Wednesday, September 12, 2012 4:35 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Forefront roadmap changes
>
>  
>
> I anticipate that UAG will continue development and enhancement. But right
> now, it’s not on par with TMG.
>
>  
>
> *From:* Crawford, Scott [mailto:crawfo...@evangel.edu]
> *Sent:* Wednesday, September 12, 2012 4:39 PM
> *To:* NT System Admin Issues
> *Subject:* RE: Forefront roadmap changes
>
>  
>
> Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run
> it. But, yeah that sounds likely.
>
> Sent from my Windows Phone
>   --
>
> *From: *Kurt Buff
> *Sent: *9/12/2012 2:51 PM
> *To: *NT System Admin Issues
> *Subject: *Re: Forefront roadmap changes
>
> I'm going to guess it will, because you can't run UAG without TMG.
>
> But that's just a guess...
>
> On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
> wrote:
> > I'm still waiting to see if TMGs functionality will be rolled into UAG.
> >
> > -Original Message-
> > From: Kurt Buff [mailto:kurt.b...@gmail.com ]
> > Sent: Wednesday, September 12, 2012 1:47 PM
> > To: NT System Admin Issues
> > Subject: Re: Forefront roadmap changes
> >
> > Nice to see that UAG has been left alone, I think.
> >
> > On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith <
> mich...@smithcons.com> wrote:
> >> FYI.
> >>
> >> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
> >> hanges-to-forefront-product-roadmaps.aspx
> >>
> >> Regards,
> >>
> >> Michael B. Smith
> >> Consultant and Exchange MVP
> >> http://TheEssentialExchange.com
> >>
> >>
> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
> >> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> >>
> >> ---
> >> To manage subscriptions click here:
> >> http://lyris.sunbelt-software.com/read/my_forums/
> >> or send an email to listmana...@lyris.sunbeltsoftware.com
> >> with the body: unsubscribe ntsysadmin
> >>
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <
> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> >
> > ---
> > To manage subscriptions click here:
> 

RE: Forefront roadmap changes

[Michael B. Smith]

NO. Only single engine ("basic") scanning is built into Exchange 2013 and the 
capabilities of the single engine and associated infrastructure are quite 
restricted when compared to FPE.

From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Wednesday, September 12, 2012 6:16 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

We're about waist deep in a migration to O365, so I'm not too upset about 
losing Forefront for Exchange and even if we stayed in-house, I like that its 
just built in in 2013.

However, if we lose TMG and the accompanying website filtering capabilities, 
we're looking at a pretty big cost increase to re-add something like WebSense. 
I was quite happy when that functionality was added to TMG.

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, September 12, 2012 5:12 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Yeah, well, TMG and on-premises Forefront for Exchange are the biggest losses 
IMO.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 5:46 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Mary Jo Foley's take.

http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550

Mostly the same stuff, but ya gotta love this line:
"If you're going to do a big product-family discontinuation that needs some air 
cover, there's no day better than an iPhone launch day"

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it's not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listm

RE: Forefront roadmap changes

[Michael B. Smith]

Oh, it lives on in FOPE.

FOPE is hugely profitable for MSFT and it represents the BEST kind of revenue 
stream – recurring revenue.

What we see disappearing is the store-based scanning from Sybari. MSFT is of 
the opinion that excellent edge protection and excellent client protection 
means that store-based scanning is no longer necessary.

I think they are full of crap.

What they are really saying is “we have not seen a virus like ILOVEYOU in a 
long time and we think we can prevent it”.

Blah blah blah. On private mailing lists I’ve been called a luddite. :-P

From: John Cook [mailto:john.c...@pfsf.org]
Sent: Wednesday, September 12, 2012 6:12 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes

So much for the purchase/demise of Sybari.
John W. Cook
Network Operations Manager
Partnership for Strong Families

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 06:11 PM
To: NT System Admin Issues 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: RE: Forefront roadmap changes

Yeah, well, TMG and on-premises Forefront for Exchange are the biggest losses 
IMO.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 5:46 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Mary Jo Foley’s take.

http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550

Mostly the same stuff, but ya gotta love this line:
“If you're going to do a big product-family discontinuation that needs some air 
cover, there's no day better than an iPhone launch day�

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it’s not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIP

RE: Forefront roadmap changes

[Crawford, Scott]

We're about waist deep in a migration to O365, so I'm not too upset about 
losing Forefront for Exchange and even if we stayed in-house, I like that its 
just built in in 2013.

However, if we lose TMG and the accompanying website filtering capabilities, 
we're looking at a pretty big cost increase to re-add something like WebSense. 
I was quite happy when that functionality was added to TMG.

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, September 12, 2012 5:12 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Yeah, well, TMG and on-premises Forefront for Exchange are the biggest losses 
IMO.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 5:46 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Mary Jo Foley's take.

http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550

Mostly the same stuff, but ya gotta love this line:
"If you're going to do a big product-family discontinuation that needs some air 
cover, there's no day better than an iPhone launch day"

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it's not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/m

Re: Forefront roadmap changes

[John Cook]

So much for the purchase/demise of Sybari.
John W. Cook
Network Operations Manager
Partnership for Strong Families

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, September 12, 2012 06:11 PM
To: NT System Admin Issues 
Subject: RE: Forefront roadmap changes

Yeah, well, TMG and on-premises Forefront for Exchange are the biggest losses 
IMO.

From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Wednesday, September 12, 2012 5:46 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Mary Jo Foley’s take.

http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550

Mostly the same stuff, but ya gotta love this line:
“If you're going to do a big product-family discontinuation that needs some air 
cover, there's no day better than an iPhone launch day�

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it’s not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/rea

RE: Forefront roadmap changes

[Michael B. Smith]

Yeah, well, TMG and on-premises Forefront for Exchange are the biggest losses 
IMO.

From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Wednesday, September 12, 2012 5:46 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Mary Jo Foley's take.

http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550

Mostly the same stuff, but ya gotta love this line:
"If you're going to do a big product-family discontinuation that needs some air 
cover, there's no day better than an iPhone launch day"

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it's not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltso

RE: Forefront roadmap changes

[Michael B. Smith]

Yes, and no. It depends.

(Can you tell that I am a consultant?)

UAG was initially a FORK of TMG. It started with an earlier release of TMG and 
has not maintained feature parity. One would PRESUME that since, at one point, 
they were the same code base that it would be easier to integrate the changes 
from TMG to UAG. I have no idea if that is true or not. But at least currently, 
that has not happened.

From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Wednesday, September 12, 2012 5:42 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

That's what I figured, but if UAG requires TMG, isn't it, by definition, an add 
on, and therefore would have no feature overlap?

From: Michael B. Smith 
[mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]>
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it's not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubsc

RE: Forefront roadmap changes

[Crawford, Scott]

That's what I figured, but if UAG requires TMG, isn't it, by definition, an add 
on, and therefore would have no feature overlap?

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it's not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront roadmap changes

[Crawford, Scott]

Mary Jo Foley's take.

http://www.zdnet.com/microsoft-axes-many-of-its-forefront-enterprise-security-products-704166/?s_cid=e550

Mostly the same stuff, but ya gotta love this line:
"If you're going to do a big product-family discontinuation that needs some air 
cover, there's no day better than an iPhone launch day"

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Wednesday, September 12, 2012 4:35 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

I anticipate that UAG will continue development and enhancement. But right now, 
it's not on par with TMG.

From: Crawford, Scott 
[mailto:crawfo...@evangel.edu]<mailto:[mailto:crawfo...@evangel.edu]>
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront roadmap changes

[Michael B. Smith]

I anticipate that UAG will continue development and enhancement. But right now, 
it's not on par with TMG.

From: Crawford, Scott [mailto:crawfo...@evangel.edu]
Sent: Wednesday, September 12, 2012 4:39 PM
To: NT System Admin Issues
Subject: RE: Forefront roadmap changes

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes
I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott 
mailto:crawfo...@evangel.edu>> wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith 
> mailto:mich...@smithcons.com>> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to 
>> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront roadmap changes

[Crawford, Scott]

Oh really? Interesting. I'm pretty unfamiliar with UAG, having vever run it. 
But, yeah that sounds likely.

Sent from my Windows Phone

From: Kurt Buff
Sent: 9/12/2012 2:51 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes

I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott  wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith  
> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Forefront roadmap changes

[Kurt Buff]

I'm going to guess it will, because you can't run UAG without TMG.

But that's just a guess...

On Wed, Sep 12, 2012 at 11:53 AM, Crawford, Scott  wrote:
> I'm still waiting to see if TMGs functionality will be rolled into UAG.
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, September 12, 2012 1:47 PM
> To: NT System Admin Issues
> Subject: Re: Forefront roadmap changes
>
> Nice to see that UAG has been left alone, I think.
>
> On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith  
> wrote:
>> FYI.
>>
>> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
>> hanges-to-forefront-product-roadmaps.aspx
>>
>> Regards,
>>
>> Michael B. Smith
>> Consultant and Exchange MVP
>> http://TheEssentialExchange.com
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront roadmap changes

[Crawford, Scott]

I'm still waiting to see if TMGs functionality will be rolled into UAG.

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Wednesday, September 12, 2012 1:47 PM
To: NT System Admin Issues
Subject: Re: Forefront roadmap changes

Nice to see that UAG has been left alone, I think.

On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith  
wrote:
> FYI.
>
> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-c
> hanges-to-forefront-product-roadmaps.aspx
>
> Regards,
>
> Michael B. Smith
> Consultant and Exchange MVP
> http://TheEssentialExchange.com
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Forefront roadmap changes

[Kurt Buff]

Nice to see that UAG has been left alone, I think.

On Wed, Sep 12, 2012 at 11:18 AM, Michael B. Smith
 wrote:
> FYI.
>
> http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-changes-to-forefront-product-roadmaps.aspx
>
> Regards,
>
> Michael B. Smith
> Consultant and Exchange MVP
> http://TheEssentialExchange.com
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Forefront roadmap changes

[Michael B. Smith]

FYI.

http://blogs.technet.com/b/server-cloud/archive/2012/09/12/important-changes-to-forefront-product-roadmaps.aspx

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Forefront

[Don Kuhlman]

Is it a pretty streamlined process to remove the old and install the new 
without too much exposure during the process?

Just curious...

Don K




 From: Brian Desmond 
To: NT System Admin Issues  
Sent: Friday, May 18, 2012 11:27 AM
Subject: RE: Forefront
 

 
I’ve had probably half a dozen good sized customers (5-10 K desktops each) move 
from Symantec or McAfee to FEP in the past 12-18 months and they’ve all been 
quite happy with it. Not to mention they’re saving a lot of money in the cases 
that they already owned FEP. 
 
Thanks,
Brian Desmond
br...@briandesmond.com
 
w – 312.625.1438 | c   – 312.731.3132 
  
From:Thozama Nonxuba [mailto:nyib...@gmail.com] 
Sent: Friday, May 18, 2012 1:51 AM
To: NT System Admin Issues
Subject: Forefront
 
Hi
 
My renewal for Symantec Endpoint Protection Manager Anti-Virus is coming up. 
The feauture I like the most is the blocking of usb devices and applications. I 
dont rate it much as as a pure AV as I had a virus come through that was 
immediately picked up by Ms Security Essentials . So I block USB devices and 
CD-ROMS and have a good DMZ to protect the network. I know Group Policy can 
block USB devices but I rate the Symantec interface. I am also looking at 
Forefront. Anyone else use both and can offer a balanced perspective ?
 
Thanks.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Using Forefront TMG to protect Exchange 2010?

[Brian Desmond]

Given what you already have, I don't think you'll see much value in adding a 
second layer.

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c   - 312.731.3132

From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk]
Sent: Saturday, October 08, 2011 12:17 PM
To: NT System Admin Issues
Subject: Using Forefront TMG to protect Exchange 2010?

I wondered what peoples thoughts are on using TMG to proxy Exchange 2010 
OWA/RPC/ActiveSync access?

We already use a firewall that does SSL inspection and only allows access to 
the Exchange virtual directory URL's so I'm not entirely sure what benefits 
using TMG (solely for Exchange) would give us?

If I understand correctly, the primary one seems to be that as you're 
authenticating to the TMG gateway, and if you don't authenticate you simply 
cannot throw exploit attempts at the IIS that's sitting on the Exchange boxes?

Thanks,
Paul

MIRA Ltd

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England
Registered in England and Wales No. 402570
VAT Registration  GB 100 1464 84

The contents of this e-mail are confidential and are solely for the use of the 
intended recipient.  If you receive this e-mail in error, please delete it and 
notify us either by e-mail, telephone or fax.  You should not copy, forward or 
otherwise disclose the content of the e-mail as this is prohibited.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: MS Forefront Endpoint Protection

[Rod Trent]

Yeah.particularly with something as comprehensive as ConfigMgr, take it
slow.  Roll out and use a single component at a time.

 

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Monday, October 03, 2011 1:02 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

 

Using sccm for a SINGLE thing is fairly easy. It's just when you try to use
the entire platform that things get complicated.

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] 
Sent: Monday, October 03, 2011 12:58 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

 

Thanks Rod, I've seen their website crop up before.  No mention of pricing
though which always has me wary. 

 

It looks interesting as we have ForeFront CALs under our licensing scheme,
but I have no desire to rush into, or learn SCCM right now simply to take
advantage of them.

 

Problem is if a 3rd party management platform costs as much as renewing our
current a/v...

  _  

From: Rod Trent [rodtr...@myitforum.com]
Sent: 03 October 2011 5:58 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

Truesec has an product that you can use to manage Forefront clients without
SCCM

 

http://myitforum.com/myitforumwp/links/lite-management-solution-for-forefron
t-endpoint-protection 

 

From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] 
Sent: Monday, October 03, 2011 12:43 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

 

Do you have SCCM in place already?  That's probably the biggest barrier IMO
as it's not a "next, next, done" job and is, arguably, overkill if you just
want to deploy Forefront.

  _  

From: Stefan Jafs [stefan.j...@gmail.com]
Sent: 03 October 2011 4:34 PM
To: NT System Admin Issues
Subject: MS Forefront Endpoint Protection

Is anyone using MS Endpoint protection, I'm thinking about switching from
ESET, for 325 users. 

Anyone happy / unhappy, recommend not recommend?


 

-- 
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

  _  

MIRA Ltd

 

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England

Registered in England and Wales No. 402570

VAT Registration  GB 100 1464 84

 

The contents of this e-mail are confidential and are solely for the use of
the intended recipient.  If you receive this e-mail in error, please delete
it and notify us either by e-mail, telephone or fax.  You should not copy,
forward or otherwise disclose the content of the e-mail as this is
prohibited.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: MS Forefront Endpoint Protection

[Michael B. Smith]

Using sccm for a SINGLE thing is fairly easy. It's just when you try to use the 
entire platform that things get complicated...

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk]
Sent: Monday, October 03, 2011 12:58 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

Thanks Rod, I've seen their website crop up before.  No mention of pricing 
though which always has me wary.

It looks interesting as we have ForeFront CALs under our licensing scheme, but 
I have no desire to rush into, or learn SCCM right now simply to take advantage 
of them.

Problem is if a 3rd party management platform costs as much as renewing our 
current a/v...

From: Rod Trent [rodtr...@myitforum.com]
Sent: 03 October 2011 5:58 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection
Truesec has an product that you can use to manage Forefront clients without SCCM

http://myitforum.com/myitforumwp/links/lite-management-solution-for-forefront-endpoint-protection

From: Paul Hutchings 
[mailto:paul.hutchi...@mira.co.uk]<mailto:[mailto:paul.hutchi...@mira.co.uk]>
Sent: Monday, October 03, 2011 12:43 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

Do you have SCCM in place already?  That's probably the biggest barrier IMO as 
it's not a "next, next, done" job and is, arguably, overkill if you just want 
to deploy Forefront.

From: Stefan Jafs [stefan.j...@gmail.com]
Sent: 03 October 2011 4:34 PM
To: NT System Admin Issues
Subject: MS Forefront Endpoint Protection
Is anyone using MS Endpoint protection, I'm thinking about switching from ESET, 
for 325 users.
Anyone happy / unhappy, recommend not recommend?

--
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin


MIRA Ltd

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England
Registered in England and Wales No. 402570
VAT Registration  GB 100 1464 84

The contents of this e-mail are confidential and are solely for the use of the 
intended recipient.  If you receive this e-mail in error, please delete it and 
notify us either by e-mail, telephone or fax.  You should not copy, forward or 
otherwise disclose the content of the e-mail as this is prohibited.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: MS Forefront Endpoint Protection

[Paul Hutchings]

Thanks Rod, I've seen their website crop up before.  No mention of pricing 
though which always has me wary.

It looks interesting as we have ForeFront CALs under our licensing scheme, but 
I have no desire to rush into, or learn SCCM right now simply to take advantage 
of them.

Problem is if a 3rd party management platform costs as much as renewing our 
current a/v...

From: Rod Trent [rodtr...@myitforum.com]
Sent: 03 October 2011 5:58 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

Truesec has an product that you can use to manage Forefront clients without SCCM

http://myitforum.com/myitforumwp/links/lite-management-solution-for-forefront-endpoint-protection

From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk]
Sent: Monday, October 03, 2011 12:43 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

Do you have SCCM in place already?  That's probably the biggest barrier IMO as 
it's not a "next, next, done" job and is, arguably, overkill if you just want 
to deploy Forefront.

From: Stefan Jafs [stefan.j...@gmail.com]
Sent: 03 October 2011 4:34 PM
To: NT System Admin Issues
Subject: MS Forefront Endpoint Protection
Is anyone using MS Endpoint protection, I'm thinking about switching from ESET, 
for 325 users.
Anyone happy / unhappy, recommend not recommend?

--
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin


MIRA Ltd

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England
Registered in England and Wales No. 402570
VAT Registration  GB 100 1464 84

The contents of this e-mail are confidential and are solely for the use of the 
intended recipient.  If you receive this e-mail in error, please delete it and 
notify us either by e-mail, telephone or fax.  You should not copy, forward or 
otherwise disclose the content of the e-mail as this is prohibited.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: MS Forefront Endpoint Protection

[Rod Trent]

Truesec has an product that you can use to manage Forefront clients without
SCCM

 

http://myitforum.com/myitforumwp/links/lite-management-solution-for-forefron
t-endpoint-protection 

 

From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] 
Sent: Monday, October 03, 2011 12:43 PM
To: NT System Admin Issues
Subject: RE: MS Forefront Endpoint Protection

 

Do you have SCCM in place already?  That's probably the biggest barrier IMO
as it's not a "next, next, done" job and is, arguably, overkill if you just
want to deploy Forefront.

  _  

From: Stefan Jafs [stefan.j...@gmail.com]
Sent: 03 October 2011 4:34 PM
To: NT System Admin Issues
Subject: MS Forefront Endpoint Protection

Is anyone using MS Endpoint protection, I'm thinking about switching from
ESET, for 325 users. 

Anyone happy / unhappy, recommend not recommend?


 

-- 
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

  _  

MIRA Ltd

 

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England

Registered in England and Wales No. 402570

VAT Registration  GB 100 1464 84

 

The contents of this e-mail are confidential and are solely for the use of
the intended recipient.  If you receive this e-mail in error, please delete
it and notify us either by e-mail, telephone or fax.  You should not copy,
forward or otherwise disclose the content of the e-mail as this is
prohibited.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: MS Forefront Endpoint Protection

[Paul Hutchings]

Do you have SCCM in place already?  That's probably the biggest barrier IMO as 
it's not a "next, next, done" job and is, arguably, overkill if you just want 
to deploy Forefront.

From: Stefan Jafs [stefan.j...@gmail.com]
Sent: 03 October 2011 4:34 PM
To: NT System Admin Issues
Subject: MS Forefront Endpoint Protection

Is anyone using MS Endpoint protection, I'm thinking about switching from ESET, 
for 325 users.
Anyone happy / unhappy, recommend not recommend?

--
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

--
MIRA Ltd

Watling Street, Nuneaton, Warwickshire, CV10 0TU, England
Registered in England and Wales No. 402570
VAT Registration  GB 100 1464 84

The contents of this e-mail are confidential and are solely for the use of the 
intended recipient.  If you receive this e-mail in error, please delete it and 
notify us either by e-mail, telephone or fax.  You should not copy, forward or 
otherwise disclose the content of the e-mail as this is prohibited.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: MS Forefront Endpoint Protection

[Tim Vander Kooi]

We switched to Forefront from Eset about 3 years ago and have had no 
complaints. It is easy to install and monitor and it stays relatively hidden to 
our users which we prefer.
TVK

From: Stefan Jafs [mailto:stefan.j...@gmail.com]
Sent: Monday, October 03, 2011 10:35 AM
To: NT System Admin Issues
Subject: MS Forefront Endpoint Protection

Is anyone using MS Endpoint protection, I'm thinking about switching from ESET, 
for 325 users.
Anyone happy / unhappy, recommend not recommend?

--
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: MS Forefront Endpoint Protection

[Rod Trent]

Lots of folks are migrating and getting positive results.

 

From: Stefan Jafs [mailto:stefan.j...@gmail.com] 
Sent: Monday, October 03, 2011 11:35 AM
To: NT System Admin Issues
Subject: MS Forefront Endpoint Protection

 

Is anyone using MS Endpoint protection, I'm thinking about switching from
ESET, for 325 users.

Anyone happy / unhappy, recommend not recommend?


 

-- 
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: MS Forefront Endpoint Protection

[Joseph Heaton]

I'm using it here, but in a pretty limited scope for the time being.  We're 
migrating from Novell to Windows AD, and we have SCCM setup in the new domain, 
along with about 30 or so servers, all with FEP installed.  Client installation 
is extremely quick and painless, once the SCCM client gets installed.  I've had 
a couple of issues with that phase, but nothing once that's done.

>>> Stefan Jafs  10/3/2011 8:34 AM >>>
Is anyone using MS Endpoint protection, I'm thinking about switching from ESET, 
for 325 users.
Anyone happy / unhappy, recommend not recommend?

-- 
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: MS Forefront Endpoint Protection

[Brian Desmond]

We've rolled this out to probably 30-50K seats in the past 18 months or so 
across quite a few customers. It's gone well in each case and has generally 
saved a lot in terms of costs with customers who already have it as part of 
their licensing deal with MS.

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c   - 312.731.3132

From: Stefan Jafs [mailto:stefan.j...@gmail.com]
Sent: Monday, October 03, 2011 10:35 AM
To: NT System Admin Issues
Subject: MS Forefront Endpoint Protection

Is anyone using MS Endpoint protection, I'm thinking about switching from ESET, 
for 325 users.
Anyone happy / unhappy, recommend not recommend?

--
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

MS Forefront Endpoint Protection

[Stefan Jafs]

Is anyone using MS Endpoint protection, I'm thinking about switching from
ESET, for 325 users.
Anyone happy / unhappy, recommend not recommend?

-- 
Stefan Jafs

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Proxy Server Suggestions - was ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Don Kuhlman]

Thanks Ralph. I ended up getting a trial version of Wingate software for the 
proxy server and another trial version of ProxyInspector 3 for the reporting.  
If these workout and the company wants to keep monitoring what the devices are 
doing, we'll probably use Wingate.  The Wingate is less than $75 USD.  However, 
the Proxy Inspector 3 software is $349 so I'm going to have to look for another 
reporting tool.
 Appreciate the tip though!
 
Don

From: Ralph Smith 
To: NT System Admin Issues 
Sent: Wednesday, July 27, 2011 11:12 AM
Subject: RE: Proxy Server Suggestions - was ISA vs. Forefront Threat Management 
Gateway on server 2008 R2 64 bit


 
I
used a product for several years at two sites called CCproxy.  Not free but also
not expensive.  I don’t recall if it had reporting features, I do remember that
it generated a log.  Never had a problem with it. 
  
From:Don Kuhlman
[mailto:drkuhl...@yahoo.com] 
Sent: Wednesday, July 27, 2011 10:39 AM
To: NT System Admin Issues
Subject: Proxy Server Suggestions - was ISA vs. Forefront Threat
Management Gateway on server 2008 R2 64 bit   
  
Just
revisiting this topic (briefly)...does anyone have a proxy software they really
like that has reporting capabilities?  
I've
found "Squid" (free on linux) and TMG/ISA so far but would appreciate
anyone's real world experience with a software based proxy solution.  
   
Thanks  
   
   
From:Joseph
Heaton 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:52 PM
Subject: Re: ISA vs. Forefront Threat Management Gateway on server 2008
R2 64 bit

No more development on TMG, but they will be supporting it for the next 10
years. (5 normal, 5 extended)

Microsoft is getting out of that area.  

>>> Don Kuhlman 
7/25/2011 1:48 PM >>>
Thanks Bill!  I am trying to get a look at our volume licensing paperwork
to see if this is in there so at least I can get it loaded.  I will pass
on the fact that no more TMG for also.

Do you know if they are creating a new proxy server product then?

Much appreciated!

Don

From: "Mayo, Bill" 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:37 PM
Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64
bit


ISA Server was never free.  It evolved from the old Proxy Server which
also was not free.  There is no free proxy server from Microsoft of which
I am aware.  You should also be aware that Microsoft is no longer
developing new versions of TMG.

From:Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

Hi folks. I'm trying to investigate something here. I've been instructed to
install a Proxy server on Windows 2008 R2 (64 bit)

Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server. 
It seems as though Forefront TMG 2010 is the microsoft product for creating a
proxy server.

Howerver, it also seems like it costs to do this.  So my questions are

1) Was ISA free for a proxy server?
2) Is TMG the only Microsoft product you can use to build a proxy server on
2008 R2 ?

Thanks

Don K
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> 
~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> 
~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> 
~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> 
~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> 
~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin  
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/B

Re: Proxy Server Suggestions - was ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Dean Cunningham]

No longer windows based, but can run as a VM
http://www.clearswift.com/products/clearswift-secure-web-gateway
Not cheap but great

On Thu, Jul 28, 2011 at 2:38 AM, Don Kuhlman  wrote:

>  Just revisiting this topic (briefly)...does anyone have a proxy software
> they really like that has reporting capabilities?
> I've found "Squid" (free on linux) and TMG/ISA so far but would appreciate
> anyone's real world experience with a software based proxy solution.
>
> Thanks
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Proxy Server Suggestions - was ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Ralph Smith]

Like anything whether the product fits depends on your requirements.  It
did what I needed and did it well for years, but it is just a basic
proxy with some ability to white/black list web sites based on computer
groups, which is what I needed at the time.

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, July 27, 2011 1:54 PM
To: NT System Admin Issues
Subject: Re: Proxy Server Suggestions - was ISA vs. Forefront Threat
Management Gateway on server 2008 R2 64 bit

 

I tried CCProxy a few years back, but it was an inflexibile, annoying
product, IMO...



Not a whole lot of good Windows-based options here...

ASB

http://about.me/Andrew.S.Baker

Harnessing the Advantages of Technology for the SMB market...





On Wed, Jul 27, 2011 at 12:12 PM, Ralph Smith
 wrote:

I used a product for several years at two sites called CCproxy.  Not
free but also not expensive.  I don't recall if it had reporting
features, I do remember that it generated a log.  Never had a problem
with it.

 

From: Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Wednesday, July 27, 2011 10:39 AM


To: NT System Admin Issues
Subject: Proxy Server Suggestions - was ISA vs. Forefront Threat
Management Gateway on server 2008 R2 64 bit

 

Just revisiting this topic (briefly)...does anyone have a proxy software
they really like that has reporting capabilities?

I've found "Squid" (free on linux) and TMG/ISA so far but would
appreciate anyone's real world experience with a software based proxy
solution.

 

Thanks

 

 

From: Joseph Heaton 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:52 PM
Subject: Re: ISA vs. Forefront Threat Management Gateway on server 2008
R2 64 bit

No more development on TMG, but they will be supporting it for the next
10 years. (5 normal, 5 extended)

Microsoft is getting out of that area.  

>>> Don Kuhlman  7/25/2011 1:48 PM >>>
Thanks Bill!  I am trying to get a look at our volume licensing
paperwork to see if this is in there so at least I can get it loaded.  I
will pass on the fact that no more TMG for also.

Do you know if they are creating a new proxy server product then?

Much appreciated!

Don

From: "Mayo, Bill" 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:37 PM
Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008
R2 64 bit


ISA Server was never free.  It evolved from the old Proxy Server which
also was not free.  There is no free proxy server from Microsoft of
which I am aware.  You should also be aware that Microsoft is no longer
developing new versions of TMG.

From:Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2
64 bit

Hi folks. I'm trying to investigate something here. I've been instructed
to install a Proxy server on Windows 2008 R2 (64 bit)

Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.
It seems as though Forefront TMG 2010 is the microsoft product for
creating a proxy server.

Howerver, it also seems like it costs to do this.  So my questions are

1) Was ISA free for a proxy server?
2) Is TMG the only Microsoft product you can use to build a proxy server
on 2008 R2 ?

Thanks

Don K

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Proxy Server Suggestions - was ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Andrew S. Baker]

I tried CCProxy a few years back, but it was an inflexibile, annoying
product, IMO...

Not a whole lot of good Windows-based options here...
* *

*ASB* *http://about.me/Andrew.S.Baker* *Harnessing the Advantages of
Technology for the SMB market…

*



On Wed, Jul 27, 2011 at 12:12 PM, Ralph Smith wrote:

>  I used a product for several years at two sites called CCproxy.  Not free
> but also not expensive.  I don’t recall if it had reporting features, I do
> remember that it generated a log.  Never had a problem with it.
>
> ** **
>
> *From:* Don Kuhlman [mailto:drkuhl...@yahoo.com]
> *Sent:* Wednesday, July 27, 2011 10:39 AM
>
> *To:* NT System Admin Issues
> *Subject:* Proxy Server Suggestions - was ISA vs. Forefront Threat
> Management Gateway on server 2008 R2 64 bit
>
>  ** **
>
> Just revisiting this topic (briefly)...does anyone have a proxy software
> they really like that has reporting capabilities?
>
> I've found "Squid" (free on linux) and TMG/ISA so far but would appreciate
> anyone's real world experience with a software based proxy solution.
>
>  
>
> Thanks
>
>  
>
> ** **
>
> *From:* Joseph Heaton 
> *To:* NT System Admin Issues 
> *Sent:* Monday, July 25, 2011 3:52 PM
> *Subject:* Re: ISA vs. Forefront Threat Management Gateway on server 2008
> R2 64 bit
>
> No more development on TMG, but they will be supporting it for the next 10
> years. (5 normal, 5 extended)
>
> Microsoft is getting out of that area.
>
> >>> Don Kuhlman  7/25/2011 1:48 PM >>>
> Thanks Bill!  I am trying to get a look at our volume licensing paperwork
> to see if this is in there so at least I can get it loaded.  I will pass on
> the fact that no more TMG for also.
>
> Do you know if they are creating a new proxy server product then?
>
> Much appreciated!
>
> Don
>
> From: "Mayo, Bill" 
> To: NT System Admin Issues 
> Sent: Monday, July 25, 2011 3:37 PM
> Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008 R2
> 64 bit
>
>
> ISA Server was never free.  It evolved from the old Proxy Server which also
> was not free.  There is no free proxy server from Microsoft of which I am
> aware.  You should also be aware that Microsoft is no longer developing new
> versions of TMG.
>
> From:Don Kuhlman [mailto:drkuhl...@yahoo.com]
> Sent: Monday, July 25, 2011 4:34 PM
> To: NT System Admin Issues
> Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64
> bit
>
> Hi folks. I'm trying to investigate something here. I've been instructed to
> install a Proxy server on Windows 2008 R2 (64 bit)
>
> Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.
> It seems as though Forefront TMG 2010 is the microsoft product for creating
> a proxy server.
>
> Howerver, it also seems like it costs to do this.  So my questions are
>
> 1) Was ISA free for a proxy server?
> 2) Is TMG the only Microsoft product you can use to build a proxy server on
> 2008 R2 ?
>
> Thanks
>
> Don K
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Proxy Server Suggestions - was ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Ralph Smith]

I used a product for several years at two sites called CCproxy.  Not
free but also not expensive.  I don't recall if it had reporting
features, I do remember that it generated a log.  Never had a problem
with it.

 

From: Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Wednesday, July 27, 2011 10:39 AM
To: NT System Admin Issues
Subject: Proxy Server Suggestions - was ISA vs. Forefront Threat
Management Gateway on server 2008 R2 64 bit

 

Just revisiting this topic (briefly)...does anyone have a proxy software
they really like that has reporting capabilities?

I've found "Squid" (free on linux) and TMG/ISA so far but would
appreciate anyone's real world experience with a software based proxy
solution.

 

Thanks

 

 

From: Joseph Heaton 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:52 PM
Subject: Re: ISA vs. Forefront Threat Management Gateway on server 2008
R2 64 bit

No more development on TMG, but they will be supporting it for the next
10 years. (5 normal, 5 extended)

Microsoft is getting out of that area.  

>>> Don Kuhlman  7/25/2011 1:48 PM >>>
Thanks Bill!  I am trying to get a look at our volume licensing
paperwork to see if this is in there so at least I can get it loaded.  I
will pass on the fact that no more TMG for also.

Do you know if they are creating a new proxy server product then?

Much appreciated!

Don

From: "Mayo, Bill" 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:37 PM
Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008
R2 64 bit


ISA Server was never free.  It evolved from the old Proxy Server which
also was not free.  There is no free proxy server from Microsoft of
which I am aware.  You should also be aware that Microsoft is no longer
developing new versions of TMG.

From:Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2
64 bit

Hi folks. I'm trying to investigate something here. I've been instructed
to install a Proxy server on Windows 2008 R2 (64 bit)

Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.
It seems as though Forefront TMG 2010 is the microsoft product for
creating a proxy server.

Howerver, it also seems like it costs to do this.  So my questions are

1) Was ISA free for a proxy server?
2) Is TMG the only Microsoft product you can use to build a proxy server
on 2008 R2 ?

Thanks

Don K
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Proxy Server Suggestions - was ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Don Kuhlman]

If anyone is interested...while doing some more research on the proxy software 
questions I came across Wingate software - they have a relatively inexpensive 
software based proxy solution - 
http://www.wingate.com/products/wingate/index.php
 
 
Also (not related but may be helpful) came across a neat site that has some 
good tools on it for doing various Internet related tests - GRC Gibson Research 
Corp - (SpinRite) - http://www.grc.com/default.htm
They've got some tools for checking your firewall, stopping some services you 
may not want to use, etc.
 
 
 
 
 

From: Don Kuhlman 
To: NT System Admin Issues 
Sent: Wednesday, July 27, 2011 9:38 AM
Subject: Proxy Server Suggestions - was ISA vs. Forefront Threat Management 
Gateway on server 2008 R2 64 bit


Just revisiting this topic (briefly)...does anyone have a proxy software they 
really like that has reporting capabilities?
I've found "Squid" (free on linux) and TMG/ISA so far but would appreciate 
anyone's real world experience with a software based proxy solution.
 
Thanks
 

From: Joseph Heaton 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:52 PM
Subject: Re: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 
bit

No more development on TMG, but they will be supporting it for the next 10 
years. (5 normal, 5 extended)

Microsoft is getting out of that area.  

>>> Don Kuhlman  7/25/2011 1:48 PM >>>
Thanks Bill!  I am trying to get a look at our volume licensing paperwork to 
see if this is in there so at least I can get it loaded.  I will pass on the 
fact that no more TMG for also.

Do you know
 if they are creating a new proxy server product then?

Much appreciated!

Don

From: "Mayo, Bill" 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:37 PM
Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 
bit


ISA Server was never free.  It evolved from the old Proxy Server which also was 
not free.  There is no free proxy server from Microsoft of which I am aware.  
You should also be aware that Microsoft is no longer developing new versions of 
TMG.

From:Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent:
 Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

Hi folks. I'm trying to investigate something here. I've been instructed to 
install a Proxy server on Windows 2008 R2 (64 bit)

Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.  It 
seems as though Forefront TMG 2010 is the microsoft product for creating a 
proxy server.

Howerver, it also seems like it costs to do this.  So my questions are

1) Was ISA free for a proxy server?
2) Is TMG the only Microsoft product you can use to build a proxy server on 
2008 R2 ?

Thanks

Don K
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage
 subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions
 click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Proxy Server Suggestions - was ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Don Kuhlman]

Just revisiting this topic (briefly)...does anyone have a proxy software they 
really like that has reporting capabilities?
I've found "Squid" (free on linux) and TMG/ISA so far but would appreciate 
anyone's real world experience with a software based proxy solution.
 
Thanks
 

From: Joseph Heaton 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:52 PM
Subject: Re: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 
bit

No more development on TMG, but they will be supporting it for the next 10 
years. (5 normal, 5 extended)

Microsoft is getting out of that area.  

>>> Don Kuhlman  7/25/2011 1:48 PM >>>
Thanks Bill!  I am trying to get a look at our volume licensing paperwork to 
see if this is in there so at least I can get it loaded.  I will pass on the 
fact that no more TMG for also.

Do you know if they are creating a new proxy server product then?

Much appreciated!

Don

From: "Mayo, Bill" 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:37 PM
Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 
bit


ISA Server was never free.  It evolved from the old Proxy Server which also was 
not free.  There is no free proxy server from Microsoft of which I am aware.  
You should also be aware that Microsoft is no longer developing new versions of 
TMG.

From:Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

Hi folks. I'm trying to investigate something here. I've been instructed to 
install a Proxy server on Windows 2008 R2 (64 bit)

Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.  It 
seems as though Forefront TMG 2010 is the microsoft product for creating a 
proxy server.

Howerver, it also seems like it costs to do this.  So my questions are

1) Was ISA free for a proxy server?
2) Is TMG the only Microsoft product you can use to build a proxy server on 
2008 R2 ?

Thanks

Don K
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Joseph Heaton]

No more development on TMG, but they will be supporting it for the next 10 
years. (5 normal, 5 extended)

Microsoft is getting out of that area.  

>>> Don Kuhlman  7/25/2011 1:48 PM >>>
Thanks Bill!  I am trying to get a look at our volume licensing paperwork to 
see if this is in there so at least I can get it loaded.  I will pass on the 
fact that no more TMG for also.
 
Do you know if they are creating a new proxy server product then?
 
Much appreciated!
 
Don

From: "Mayo, Bill" 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:37 PM
Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 
bit


ISA Server was never free.  It evolved from the old Proxy Server which also was 
not free.  There is no free proxy server from Microsoft of which I am aware.  
You should also be aware that Microsoft is no longer developing new versions of 
TMG.
 
From:Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit
 
Hi folks. I'm trying to investigate something here. I've been instructed to 
install a Proxy server on Windows 2008 R2 (64 bit)
 
Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.  It 
seems as though Forefront TMG 2010 is the microsoft product for creating a 
proxy server.
 
Howerver, it also seems like it costs to do this.  So my questions are
 
1) Was ISA free for a proxy server?
2) Is TMG the only Microsoft product you can use to build a proxy server on 
2008 R2 ?
 
Thanks
 
Don K
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Mayo, Bill]

I am only aware of the no further development thing through discussion
on the ISA list.  It is my understanding that they have announced no
plans for any kind of successor.  Here are a couple of links that
discuss it.

 

http://blogs.isaserver.org/shinder/2011/05/27/death-of-tmg

http://blog.konab.com/2011/05/what-will-happen-with-tmg/

http://social.technet.microsoft.com/Forums/en-US/Forefrontedgegeneral/th
read/c9fed466-0636-46fa-b599-09a83588fce3/

 

 

From: Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:48 PM
To: NT System Admin Issues
Subject: Re: ISA vs. Forefront Threat Management Gateway on server 2008
R2 64 bit

 

Thanks Bill!  I am trying to get a look at our volume licensing
paperwork to see if this is in there so at least I can get it loaded.  I
will pass on the fact that no more TMG for also.

 

Do you know if they are creating a new proxy server product then?

 

Much appreciated!

 

Don

 

From: "Mayo, Bill" 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:37 PM
Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008
R2 64 bit

ISA Server was never free.  It evolved from the old Proxy Server which
also was not free.  There is no free proxy server from Microsoft of
which I am aware.  You should also be aware that Microsoft is no longer
developing new versions of TMG.

 

From: Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2
64 bit

 

Hi folks. I'm trying to investigate something here. I've been instructed
to install a Proxy server on Windows 2008 R2 (64 bit)

 

Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.
It seems as though Forefront TMG 2010 is the microsoft product for
creating a proxy server.

 

Howerver, it also seems like it costs to do this.  So my questions are

 

1) Was ISA free for a proxy server?

2) Is TMG the only Microsoft product you can use to build a proxy server
on 2008 R2 ?

 

Thanks

 

Don K

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Don Kuhlman]

Thanks Bill!  I am trying to get a look at our volume licensing paperwork to 
see if this is in there so at least I can get it loaded.  I will pass on the 
fact that no more TMG for also.
 
Do you know if they are creating a new proxy server product then?
 
Much appreciated!
 
Don

From: "Mayo, Bill" 
To: NT System Admin Issues 
Sent: Monday, July 25, 2011 3:37 PM
Subject: RE: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 
bit


ISA Server was never free.  It evolved from the old Proxy Server which also was 
not free.  There is no free proxy server from Microsoft of which I am aware.  
You should also be aware that Microsoft is no longer developing new versions of 
TMG.
 
From:Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit
 
Hi folks. I'm trying to investigate something here. I've been instructed to 
install a Proxy server on Windows 2008 R2 (64 bit)
 
Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.  It 
seems as though Forefront TMG 2010 is the microsoft product for creating a 
proxy server.
 
Howerver, it also seems like it costs to do this.  So my questions are
 
1) Was ISA free for a proxy server?
2) Is TMG the only Microsoft product you can use to build a proxy server on 
2008 R2 ?
 
Thanks
 
Don K
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Mayo, Bill]

ISA Server was never free.  It evolved from the old Proxy Server which
also was not free.  There is no free proxy server from Microsoft of
which I am aware.  You should also be aware that Microsoft is no longer
developing new versions of TMG.

 

From: Don Kuhlman [mailto:drkuhl...@yahoo.com] 
Sent: Monday, July 25, 2011 4:34 PM
To: NT System Admin Issues
Subject: ISA vs. Forefront Threat Management Gateway on server 2008 R2
64 bit

 

Hi folks. I'm trying to investigate something here. I've been instructed
to install a Proxy server on Windows 2008 R2 (64 bit)

 

Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.
It seems as though Forefront TMG 2010 is the microsoft product for
creating a proxy server.

 

Howerver, it also seems like it costs to do this.  So my questions are

 

1) Was ISA free for a proxy server?

2) Is TMG the only Microsoft product you can use to build a proxy server
on 2008 R2 ?

 

Thanks

 

Don K

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

ISA vs. Forefront Threat Management Gateway on server 2008 R2 64 bit

[Don Kuhlman]

Hi folks. I'm trying to investigate something here. I've been instructed to 
install a Proxy server on Windows 2008 R2 (64 bit)
 
Everything I'm seeing says you can't use ISA 2006 on 2008 64 bit server.  It 
seems as though Forefront TMG 2010 is the microsoft product for creating a 
proxy server.
 
Howerver, it also seems like it costs to do this.  So my questions are
 
1) Was ISA free for a proxy server?
2) Is TMG the only Microsoft product you can use to build a proxy server on 
2008 R2 ?
 
Thanks
 
Don K
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront TMG -- Reverse Proxy OWA

[Brian Desmond]

Assuming TMG doesn't block whatever URL is in this hypothetical 0-day, then 
it's added no value really as it gets passed right through.

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c   - 312.731.3132

From: Derrenbacker, L. Jonathan [mailto:jderrenbac...@kshgs.com]
Sent: Tuesday, March 22, 2011 8:17 AM
To: NT System Admin Issues
Subject: re: Forefront TMG -- Reverse Proxy OWA

As far as the security benefit, with just NAT, if a new IIS 0-day comes out and 
someone turns it into a worm before MS can patch it, your internal core 
network(everything) is potentially compromised.
If you have forefront in a DMZ, only your DMZ boxes are compromised.
My only skepticism is if your CAS/HUB have to still have port 80/443 open to 
forefront, it would seem to me any exploit used to get into forefront could 
also be used to pivot from forefront to the CAS/HUB.

Jon



On Mon, Mar 21, 2011 at 9:19 PM, Harry Singh 
mailto:hbo...@gmail.com>> wrote:
> Out of curiosity, what are the added security advantages over a NAT'd
> connection through a FW ?
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Forefront TMG -- Reverse Proxy OWA

[Harry Singh]

Out of curiosity, what are the added security advantages over a NAT'd
connection through a FW ?



On Mon, Mar 21, 2011 at 8:10 PM, Thomas W Shinder MD
wrote:

> I know literally thousands of people who have done it.
> Ranging from small to mid to ginormous enterprise customers.
> Lots of advantages *if* security is a priorty.
> If the firm sees security as PIA and bad things "happen to other people" -
> probably not worth the effort.
> But there are a lot of other advantages too - again, balance the advantages
> with the cost.
> HTH,
> Tom
>
> > -Original Message-
> > From: Jon D [mailto:rekcahp...@gmail.com]
> > Sent: Monday, March 21, 2011 10:57 AM
> > To: NT System Admin Issues
> > Subject: Forefront TMG -- Reverse Proxy OWA
> >
> > Anyone here use Forefront TMG to reverse proxy outlook web access on
> > Exchange 2010?
> > I like the idea of OWA/ActiveSync/OutlookAnywhere being in a DMZ, but
> > it definitally adds cost.
> > I'm curious if anyone has done it, if they recommend it, any issues, etc.
> >
> >
> >
> > Thanks,
> > Jon
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> >
> > ---
> > To manage subscriptions click here: http://lyris.sunbelt-
> > software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront TMG -- Reverse Proxy OWA

[Thomas W Shinder MD]

I know literally thousands of people who have done it.
Ranging from small to mid to ginormous enterprise customers.
Lots of advantages *if* security is a priorty.
If the firm sees security as PIA and bad things "happen to other people" - 
probably not worth the effort.
But there are a lot of other advantages too - again, balance the advantages 
with the cost.
HTH,
Tom

> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Monday, March 21, 2011 10:57 AM
> To: NT System Admin Issues
> Subject: Forefront TMG -- Reverse Proxy OWA
> 
> Anyone here use Forefront TMG to reverse proxy outlook web access on
> Exchange 2010?
> I like the idea of OWA/ActiveSync/OutlookAnywhere being in a DMZ, but
> it definitally adds cost.
> I'm curious if anyone has done it, if they recommend it, any issues, etc.
> 
> 
> 
> Thanks,
> Jon
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ---
> To manage subscriptions click here: http://lyris.sunbelt-
> software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Forefront TMG -- Reverse Proxy OWA

[Andrew S. Baker]

Ah...  Thanks.

Personally, that's the way I have almost always done it (NAT'd).


*ASB *(Find me online via About.Me <http://about.me/Andrew.S.Baker/bio>)
 *Exploiting Technology for Business Advantage...

 *



On Mon, Mar 21, 2011 at 3:13 PM, Brian Desmond wrote:

> *Not sure how much value you get from a couple servers plus associated
> load balancing infrastructure that are passing back HTTPS/SMTP versus just
> NATing it across the firewall. Looking at most of the large scale Exchange
> deployments I’ve worked plus all my current mid-scale customers, very few of
> them have any sort of TMG style appliance in front of stuff. *
>
> * *
>
> *Thanks,*
>
> *Brian Desmond*
>
> *br...@briandesmond.com* **
>
> * *
>
> *c   – 312.731.3132*
>
> * *
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Monday, March 21, 2011 1:56 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Forefront TMG -- Reverse Proxy OWA
>
>
>
> Why?
>
>
>
> *ASB *(Find me online via About.Me <http://about.me/Andrew.S.Baker/bio>)
> *Exploiting Technology for Business Advantage...**
> *
> * *
>
>
>
> On Mon, Mar 21, 2011 at 12:59 PM, Brian Desmond 
> wrote:
>
> I've deployed this lots of times. It works great although the benefit is
> questionable if you ask me.
>
> Thanks,
> Brian Desmond
> br...@briandesmond.com
>
> c   - 312.731.3132
>
>
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Monday, March 21, 2011 10:57 AM
> To: NT System Admin Issues
> Subject: Forefront TMG -- Reverse Proxy OWA
>
> Anyone here use Forefront TMG to reverse proxy outlook web access on
> Exchange 2010?
> I like the idea of OWA/ActiveSync/OutlookAnywhere being in a DMZ, but it
> definitally adds cost.
> I'm curious if anyone has done it, if they recommend it, any issues, etc.
>
>
>
> Thanks,
> Jon
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront TMG -- Reverse Proxy OWA

[Brian Desmond]

Not sure how much value you get from a couple servers plus associated load 
balancing infrastructure that are passing back HTTPS/SMTP versus just NATing it 
across the firewall. Looking at most of the large scale Exchange deployments 
I've worked plus all my current mid-scale customers, very few of them have any 
sort of TMG style appliance in front of stuff.

Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>

c   - 312.731.3132

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Monday, March 21, 2011 1:56 PM
To: NT System Admin Issues
Subject: Re: Forefront TMG -- Reverse Proxy OWA

Why?



ASB (Find me online via About.Me<http://about.me/Andrew.S.Baker/bio>)
Exploiting Technology for Business Advantage...




On Mon, Mar 21, 2011 at 12:59 PM, Brian Desmond 
mailto:br...@briandesmond.com>> wrote:
I've deployed this lots of times. It works great although the benefit is 
questionable if you ask me.

Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>

c   - 312.731.3132


-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com<mailto:rekcahp...@gmail.com>]
Sent: Monday, March 21, 2011 10:57 AM
To: NT System Admin Issues
Subject: Forefront TMG -- Reverse Proxy OWA

Anyone here use Forefront TMG to reverse proxy outlook web access on Exchange 
2010?
I like the idea of OWA/ActiveSync/OutlookAnywhere being in a DMZ, but it 
definitally adds cost.
I'm curious if anyone has done it, if they recommend it, any issues, etc.



Thanks,
Jon

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Forefront TMG -- Reverse Proxy OWA

[Andrew S. Baker]

Why?


 *ASB *(Find me online via About.Me <http://about.me/Andrew.S.Baker/bio>)
 *Exploiting Technology for Business Advantage...

 *



On Mon, Mar 21, 2011 at 12:59 PM, Brian Desmond wrote:

> I've deployed this lots of times. It works great although the benefit is
> questionable if you ask me.
>
> Thanks,
> Brian Desmond
> br...@briandesmond.com
>
> c   - 312.731.3132
>
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Monday, March 21, 2011 10:57 AM
> To: NT System Admin Issues
> Subject: Forefront TMG -- Reverse Proxy OWA
>
> Anyone here use Forefront TMG to reverse proxy outlook web access on
> Exchange 2010?
> I like the idea of OWA/ActiveSync/OutlookAnywhere being in a DMZ, but it
> definitally adds cost.
> I'm curious if anyone has done it, if they recommend it, any issues, etc.
>
>
>
> Thanks,
> Jon
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <
> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront TMG -- Reverse Proxy OWA

[Brian Desmond]

I've deployed this lots of times. It works great although the benefit is 
questionable if you ask me. 

Thanks,
Brian Desmond
br...@briandesmond.com

c   - 312.731.3132


-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com] 
Sent: Monday, March 21, 2011 10:57 AM
To: NT System Admin Issues
Subject: Forefront TMG -- Reverse Proxy OWA

Anyone here use Forefront TMG to reverse proxy outlook web access on Exchange 
2010?
I like the idea of OWA/ActiveSync/OutlookAnywhere being in a DMZ, but it 
definitally adds cost.
I'm curious if anyone has done it, if they recommend it, any issues, etc.



Thanks,
Jon

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Forefront TMG -- Reverse Proxy OWA

[Jon D]

Anyone here use Forefront TMG to reverse proxy outlook web access on
Exchange 2010?
I like the idea of OWA/ActiveSync/OutlookAnywhere being in a DMZ, but
it definitally adds cost.
I'm curious if anyone has done it, if they recommend it, any issues, etc.



Thanks,
Jon

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Forefront Endpoint Beta

[Joseph Heaton]

Not really.  We just recently setup FCS, and was wondering how different it is 
now.  I understand it works with SCCM now, instead of MoM.  Is the interface 
useful yet?  Just finding out what machines are up to date and which aren't is 
a trial at the moment...

>>> Tim Vander Kooi  7/29/2010 4:00 PM >>>
I have been. It has changed quite a lot over time. May still be a change or 2 
coming before it is released. Any specific questions?

Tim

-Original Message-
From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] 
Sent: Thursday, July 29, 2010 1:52 PM
To: NT System Admin Issues
Subject: Forefront Endpoint Beta

Anyone playing with this?



~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Forefront Endpoint Beta

[Tim Vander Kooi]

I have been. It has changed quite a lot over time. May still be a change or 2 
coming before it is released. Any specific questions?

Tim

-Original Message-
From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] 
Sent: Thursday, July 29, 2010 1:52 PM
To: NT System Admin Issues
Subject: Forefront Endpoint Beta

Anyone playing with this?



~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Forefront Endpoint Beta

[Joseph Heaton]

Anyone playing with this?



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Anyone using Forefront UAG and Direct Access

[Jason Gauthier]

Awesome! Great information and thanks for the elaboration.

Are you using Forefront TMG?  I'm kind of irked right now about the fact I 
can't get IPv6 traffic to flow through it.
It doesn't even allow me to put IPv6 addresses on the "Internal"/"Trusted" 
network.



-Original Message-
From: Malcolm Reitz [mailto:malcolm.re...@live.com] 
Sent: Tuesday, July 27, 2010 11:02 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

First - There's more to it than just translating IPv4 addresses to IPv6 and 
back. Let me rephrase my statement and see if this works any better: 
"Applications that depend on protocols implementations (such as the version of 
SIP used in MS Communicator) which don't work over IPv6 will not work over 
DirectAccess."  In this case, you could have a completely IPv6-only local area 
network, with no DirectAccess involved, and Communicator will still not work.

Second - DirectAccess clients are supplied with a Name Resolution Policy Table. 
In the NRPT, you tell the client "if you are looking to resolve an 
*.internal.mycorp.com name, use these (internal) DNS servers and, by extension, 
route the traffic to that address across the secure intranet tunnel." So, by 
supplying the client with an name, you've given DirectAccess the information it 
needs to determine if the destination desired is through the intranet tunnel or 
to the outside world. If you only supply your client with an IP address, the 
lack of a name to resolve means the NRPT isn't consulted and DirectAccess 
assumes the destination to be in the outside world.

The Cable Guy blog on TechNet has a lot of good discussion on these topics and 
DirectAccess in general.
http://technet.microsoft.com/en-us/library/ff576611.aspx 

-Malcolm

-Original Message-
From: Jason Gauthier [mailto:jgauth...@lastar.com]
Sent: Tuesday, July 27, 2010 07:58
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

A few question on this topic:

"Applications that don't work across a DirectAccess link are those which won't 
work over IPv6. The first one I came across was the Communicator IM client. I 
think VoIP apps that rely on the SIP protocol fall in to this category as well."

Are you using ForeFront UAG?  My understanding what that the NAT64/DNS64 and 
Forefront UAG product complimented this so that you could access IPv4 only 
systems.

In reviewing my email with Tom Shinder, over at the DA team, he mentions that 
an IPv6 only network can be used with only DA.  However, IPv4 resources need 
the UAG to be reachable.   This doesn't specifically contradict  what you are 
saying, but I'd say it's doable.

"Also, internal applications that you access by IP address only will be a 
problem. This is because DirectAccess makes it routing decisions based on name 
resolution, not IP destination. Say your corporate network is using the 
10.x.x.x IPv4 address space and a domain name of "internal.mycorp.com"."

DNS works by IP.  How can you reach the DNS servers if what you are saying 
above is true?

Thanks!

Jason

-Original Message-
From: Malcolm Reitz [mailto:malcolm.re...@live.com]
Sent: Monday, July 26, 2010 10:13 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

Smart cards are optional for DirectAccess, not required. What I was trying 
(poorly) to say was that Microsoft's internal implementation of DirectAccess is 
set up to require smart card authentication (e.g. MSFT employees must use smart 
cards). Our DirectAccess implementation currently does not require the users to 
have a smart card. Smart cards (we use .NET cards - Gemalto is the major vendor 
in the market) are a quite useful security tool, but they require a 
distribution/maintenance infrastructure that complicates their use.

Applications that don't work across a DirectAccess link are those which won't 
work over IPv6. The first one I came across was the Communicator IM client. I 
think VoIP apps that rely on the SIP protocol fall in to this category as well.

Also, internal applications that you access by IP address only will be a 
problem. This is because DirectAccess makes it routing decisions based on name 
resolution, not IP destination. Say your corporate network is using the 
10.x.x.x IPv4 address space and a domain name of "internal.mycorp.com". You can 
tell DirectAccess to send all traffic to *.internal.mycorp.com over the tunnel 
to your corporate network, but you can't tell it to route all traffic to any 
10.x.x.x address across the tunnel. The only way around this is to force all 
communications across the tunnel (that is, disable split-tunneling). 
Unfortunately, this has performance implications, as it makes DirectAccess use 
a less-efficient protocol and increases the load on the Direct

RE: Anyone using Forefront UAG and Direct Access

[Malcolm Reitz]

First - There's more to it than just translating IPv4 addresses to IPv6 and 
back. Let me rephrase my statement and see if this works any better: 
"Applications that depend on protocols implementations (such as the version of 
SIP used in MS Communicator) which don't work over IPv6 will not work over 
DirectAccess."  In this case, you could have a completely IPv6-only local area 
network, with no DirectAccess involved, and Communicator will still not work.

Second - DirectAccess clients are supplied with a Name Resolution Policy Table. 
In the NRPT, you tell the client "if you are looking to resolve an 
*.internal.mycorp.com name, use these (internal) DNS servers and, by extension, 
route the traffic to that address across the secure intranet tunnel." So, by 
supplying the client with an name, you've given DirectAccess the information it 
needs to determine if the destination desired is through the intranet tunnel or 
to the outside world. If you only supply your client with an IP address, the 
lack of a name to resolve means the NRPT isn't consulted and DirectAccess 
assumes the destination to be in the outside world.

The Cable Guy blog on TechNet has a lot of good discussion on these topics and 
DirectAccess in general.
http://technet.microsoft.com/en-us/library/ff576611.aspx 

-Malcolm

-Original Message-
From: Jason Gauthier [mailto:jgauth...@lastar.com] 
Sent: Tuesday, July 27, 2010 07:58
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

A few question on this topic:

"Applications that don't work across a DirectAccess link are those which won't 
work over IPv6. The first one I came across was the Communicator IM client. I 
think VoIP apps that rely on the SIP protocol fall in to this category as well."

Are you using ForeFront UAG?  My understanding what that the NAT64/DNS64 and 
Forefront UAG product complimented this so that you could access IPv4 only 
systems.

In reviewing my email with Tom Shinder, over at the DA team, he mentions that 
an IPv6 only network can be used with only DA.  However, IPv4 resources need 
the UAG to be reachable.   This doesn't specifically contradict  what you are 
saying, but I'd say it's doable.

"Also, internal applications that you access by IP address only will be a 
problem. This is because DirectAccess makes it routing decisions based on name 
resolution, not IP destination. Say your corporate network is using the 
10.x.x.x IPv4 address space and a domain name of "internal.mycorp.com"."

DNS works by IP.  How can you reach the DNS servers if what you are saying 
above is true?

Thanks!

Jason

-Original Message-
From: Malcolm Reitz [mailto:malcolm.re...@live.com]
Sent: Monday, July 26, 2010 10:13 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

Smart cards are optional for DirectAccess, not required. What I was trying 
(poorly) to say was that Microsoft's internal implementation of DirectAccess is 
set up to require smart card authentication (e.g. MSFT employees must use smart 
cards). Our DirectAccess implementation currently does not require the users to 
have a smart card. Smart cards (we use .NET cards - Gemalto is the major vendor 
in the market) are a quite useful security tool, but they require a 
distribution/maintenance infrastructure that complicates their use.

Applications that don't work across a DirectAccess link are those which won't 
work over IPv6. The first one I came across was the Communicator IM client. I 
think VoIP apps that rely on the SIP protocol fall in to this category as well.

Also, internal applications that you access by IP address only will be a 
problem. This is because DirectAccess makes it routing decisions based on name 
resolution, not IP destination. Say your corporate network is using the 
10.x.x.x IPv4 address space and a domain name of "internal.mycorp.com". You can 
tell DirectAccess to send all traffic to *.internal.mycorp.com over the tunnel 
to your corporate network, but you can't tell it to route all traffic to any 
10.x.x.x address across the tunnel. The only way around this is to force all 
communications across the tunnel (that is, disable split-tunneling). 
Unfortunately, this has performance implications, as it makes DirectAccess use 
a less-efficient protocol and increases the load on the DirectAccess servers, 
not to mention it sends all Internet-bound traffic from the client "the long 
way" through the corporate network and out the corporate Internet connection.

Hope that makes sense...

-Malcolm
-Original Message-----
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, July 23, 2010 17:43
To: NT System Admin Issues
Subject: Re: Anyone using Forefront UAG and Direct Access

O...

Actual field experience!

Did not know about the smart card requirement. That's good

RE: Anyone using Forefront UAG and Direct Access

[Jason Gauthier]

A few question on this topic:

"Applications that don't work across a DirectAccess link are those which won't 
work over IPv6. The first one I came across was the Communicator IM client. I 
think VoIP apps that rely on the SIP protocol fall in to this category as well."

Are you using ForeFront UAG?  My understanding what that the NAT64/DNS64 and 
Forefront UAG product complimented this so that you could access IPv4 only 
systems.

In reviewing my email with Tom Shinder, over at the DA team, he mentions that 
an IPv6 only network can be used with only DA.  However, IPv4 resources need 
the UAG to be reachable.   This doesn't specifically contradict  what you are 
saying, but I'd say it's doable.

"Also, internal applications that you access by IP address only will be a 
problem. This is because DirectAccess makes it routing decisions based on name 
resolution, not IP destination. Say your corporate network is using the 
10.x.x.x IPv4 address space and a domain name of "internal.mycorp.com"."

DNS works by IP.  How can you reach the DNS servers if what you are saying 
above is true?

Thanks!

Jason

-Original Message-
From: Malcolm Reitz [mailto:malcolm.re...@live.com] 
Sent: Monday, July 26, 2010 10:13 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

Smart cards are optional for DirectAccess, not required. What I was trying 
(poorly) to say was that Microsoft's internal implementation of DirectAccess is 
set up to require smart card authentication (e.g. MSFT employees must use smart 
cards). Our DirectAccess implementation currently does not require the users to 
have a smart card. Smart cards (we use .NET cards - Gemalto is the major vendor 
in the market) are a quite useful security tool, but they require a 
distribution/maintenance infrastructure that complicates their use.

Applications that don't work across a DirectAccess link are those which won't 
work over IPv6. The first one I came across was the Communicator IM client. I 
think VoIP apps that rely on the SIP protocol fall in to this category as well.

Also, internal applications that you access by IP address only will be a 
problem. This is because DirectAccess makes it routing decisions based on name 
resolution, not IP destination. Say your corporate network is using the 
10.x.x.x IPv4 address space and a domain name of "internal.mycorp.com". You can 
tell DirectAccess to send all traffic to *.internal.mycorp.com over the tunnel 
to your corporate network, but you can't tell it to route all traffic to any 
10.x.x.x address across the tunnel. The only way around this is to force all 
communications across the tunnel (that is, disable split-tunneling). 
Unfortunately, this has performance implications, as it makes DirectAccess use 
a less-efficient protocol and increases the load on the DirectAccess servers, 
not to mention it sends all Internet-bound traffic from the client "the long 
way" through the corporate network and out the corporate Internet connection.

Hope that makes sense...

-Malcolm
-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, July 23, 2010 17:43
To: NT System Admin Issues
Subject: Re: Anyone using Forefront UAG and Direct Access

O...

Actual field experience!

Did not know about the smart card requirement. That's good to know.
What smart card technology are you using, if you can say?

What kind of apps have you run into that don't play nice with it?

Kurt

On Fri, Jul 23, 2010 at 13:29, Malcolm Reitz  wrote:
> I won’t say DirectAccess is just another VPN, because it isn’t, but it 
> is a VPN technology with pretty robust security. It isn’t an easy 
> setup, as it requires working with IPv6 and certificates, however, 
> once it is running, it is really slick in operation. Just connecting 
> your laptop to the Internet and being instantly able to map corporate 
> file shares and open intranet web apps or RDP sessions is great.
> Downsides to it are that not everything works with it, as not 
> everything plays nice with IPv6, and the hardware requirements are 
> more significant than for a traditional IPsec VPN. It also only works with 
> Windows 7 clients.
>
>
>
> Microsoft has enhanced security on their DirectAccess implementation 
> by requiring their people to use smart cards for DirectAccess authentication.
> We may do that as well.
>
>
>
> I can say that everyone using my DirectAccess POC setup is liking it so far.
> Because of its “always on” nature, I think it will be a great boon to 
> our management of remote computers (they always be connected for 
> patching, AV updates, inventory, etc.).
>
>
>
> -Malcolm
>
>
>
> From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com]
> Sent: Friday, July 23, 2010 14:51
> To: NT Sys

Re: Anyone using Forefront UAG and Direct Access

[Kurt Buff]

This does make some sense. The issue with VOIP might well be a problem
at some point - we have a Shoretel system, and it's desired at some
point to have remote folks use a soft phone remotely. I don't know if
it uses IPv4 only, or if it can use v6, or even if it uses SIP for its
native implementation. IIRC, it needs a SIP gateway to work with COTS
SIP phones, so it might not be affected by that.

I'm not terribly worried about apps that don't use name resolution, as
we don't have any. I'm actually a fan of disabling split tunneling,
but I do recognize the drawbacks - especially when remote bandwidth is
limited.

However, I have to wonder if this starts to highlight problems with
split DNS. That could prove, erm, interesting for us.

Kurt

On Mon, Jul 26, 2010 at 07:12, Malcolm Reitz  wrote:
> Smart cards are optional for DirectAccess, not required. What I was trying 
> (poorly) to say was that Microsoft's internal implementation of DirectAccess 
> is set up to require smart card authentication (e.g. MSFT employees must use 
> smart cards). Our DirectAccess implementation currently does not require the 
> users to have a smart card. Smart cards (we use .NET cards - Gemalto is the 
> major vendor in the market) are a quite useful security tool, but they 
> require a distribution/maintenance infrastructure that complicates their use.
>
> Applications that don't work across a DirectAccess link are those which won't 
> work over IPv6. The first one I came across was the Communicator IM client. I 
> think VoIP apps that rely on the SIP protocol fall in to this category as 
> well.
>
> Also, internal applications that you access by IP address only will be a 
> problem. This is because DirectAccess makes it routing decisions based on 
> name resolution, not IP destination. Say your corporate network is using the 
> 10.x.x.x IPv4 address space and a domain name of "internal.mycorp.com". You 
> can tell DirectAccess to send all traffic to *.internal.mycorp.com over the 
> tunnel to your corporate network, but you can't tell it to route all traffic 
> to any 10.x.x.x address across the tunnel. The only way around this is to 
> force all communications across the tunnel (that is, disable 
> split-tunneling). Unfortunately, this has performance implications, as it 
> makes DirectAccess use a less-efficient protocol and increases the load on 
> the DirectAccess servers, not to mention it sends all Internet-bound traffic 
> from the client "the long way" through the corporate network and out the 
> corporate Internet connection.
>
> Hope that makes sense...
>
> -Malcolm
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Friday, July 23, 2010 17:43
> To: NT System Admin Issues
> Subject: Re: Anyone using Forefront UAG and Direct Access
>
> O...
>
> Actual field experience!
>
> Did not know about the smart card requirement. That's good to know.
> What smart card technology are you using, if you can say?
>
> What kind of apps have you run into that don't play nice with it?
>
> Kurt
>
> On Fri, Jul 23, 2010 at 13:29, Malcolm Reitz  wrote:
>> I won’t say DirectAccess is just another VPN, because it isn’t, but it
>> is a VPN technology with pretty robust security. It isn’t an easy
>> setup, as it requires working with IPv6 and certificates, however,
>> once it is running, it is really slick in operation. Just connecting
>> your laptop to the Internet and being instantly able to map corporate
>> file shares and open intranet web apps or RDP sessions is great.
>> Downsides to it are that not everything works with it, as not
>> everything plays nice with IPv6, and the hardware requirements are
>> more significant than for a traditional IPsec VPN. It also only works with 
>> Windows 7 clients.
>>
>>
>>
>> Microsoft has enhanced security on their DirectAccess implementation
>> by requiring their people to use smart cards for DirectAccess authentication.
>> We may do that as well.
>>
>>
>>
>> I can say that everyone using my DirectAccess POC setup is liking it so far.
>> Because of its “always on” nature, I think it will be a great boon to
>> our management of remote computers (they always be connected for
>> patching, AV updates, inventory, etc.).
>>
>>
>>
>> -Malcolm
>>
>>
>>
>> From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com]
>> Sent: Friday, July 23, 2010 14:51
>> To: NT System Admin Issues
>> Subject: Anyone using Forefront UAG and Direct Access
>>
>>
>>
>> Thoughts?
>>
>> Is it a big security hole?
>>
>>
>

RE: Anyone using Forefront UAG and Direct Access

[Steven M. Caesare]

Oh man, that was awesome.

 

If you have saved away... either please re-post, or send me a copy!

 

-sc

 

From: Maglinger, Paul [mailto:pmaglin...@scvl.com] 
Sent: Monday, July 26, 2010 9:29 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

 

I need to tuck this one away for the next... what is it called?
Va-ca-tion?  Right along with Clubber Lang's instructions for removing
yourself from the Exchange list.  Priceless...

 

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Saturday, July 24, 2010 8:40 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

 

Best. OoO. Reply. Ever.

 

-sc

 

From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] 
Sent: Friday, July 23, 2010 3:53 PM
To: NT System Admin Issues
Subject: FW: Anyone using Forefront UAG and Direct Access

 

This is a new one, 22 OOO's and this.

 

From: greg.swe...@actsconsulting.net
[mailto:greg.swe...@actsconsulting.net] 
Sent: Friday, July 23, 2010 3:51 PM
To: Brumbaugh, Luke
Subject: Automatic reply: Anyone using Forefront UAG and Direct Access

 

Warning...If you see a blond headed, pale white man wandering around
mumbling comments about ISCSI, server migrations, ticket SLA's and has a
crazed look in his eyes...do not attempt to apprehend this man.   He has
escaped from his job and is thought to be attempting what was once known
as vacation.  This is a long ago forgotten ritual and we dont know what
to expect from him.  Best course of action is to offer him a coke and a
smile and back away slowly.   Rumor has it that vacations lasted a week
so you might try to reach him on the 26th.   We have no futher
information on this man but his team can be reached at 813-657-0849 and
can handle any issues while Greg is missing.



**

CONFIDENTIALITY NOTICE - The information transmitted in this message is
intended only for the person or entity to which it is addressed and may
contain confidential and/or privileged material. Any review,
retransmission, dissemination or other use of this information by
persons or entities other than the intended recipient is prohibited. If
you received this in error, please contact the sender and destroy all
copies of this document. Thank you.

Butler Schein Animal Health

** 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Anyone using Forefront UAG and Direct Access

[Jonathan Link]

I've lost thos directions, could you repost for my edification? :-)

On Mon, Jul 26, 2010 at 9:29 AM, Maglinger, Paul wrote:

>  I need to tuck this one away for the next… what is it called?
> Va-ca-tion?  Right along with Clubber Lang’s instructions for removing
> yourself from the Exchange list.  Priceless…
>
>
>
> *From:* Steven M. Caesare [mailto:scaes...@caesare.com]
> *Sent:* Saturday, July 24, 2010 8:40 AM
> *To:* NT System Admin Issues
> *Subject:* RE: Anyone using Forefront UAG and Direct Access
>
>
>
> Best. OoO. Reply. Ever.
>
>
>
> -sc
>
>
>
> *From:* Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com]
> *Sent:* Friday, July 23, 2010 3:53 PM
> *To:* NT System Admin Issues
> *Subject:* FW: Anyone using Forefront UAG and Direct Access
>
>
>
> This is a new one, 22 OOO’s and this.
>
>
>
> *From:* greg.swe...@actsconsulting.net [mailto:
> greg.swe...@actsconsulting.net]
> *Sent:* Friday, July 23, 2010 3:51 PM
> *To:* Brumbaugh, Luke
> *Subject:* Automatic reply: Anyone using Forefront UAG and Direct Access
>
>
>
> Warning...If you see a blond headed, pale white man wandering around
> mumbling comments about ISCSI, server migrations, ticket SLA's and has a
> crazed look in his eyes...do not attempt to apprehend this man.   He has
> escaped from his job and is thought to be attempting what was once known as
> vacation.  This is a long ago forgotten ritual and we dont know what to
> expect from him.  Best course of action is to offer him a coke and a smile
> and back away slowly.   Rumor has it that vacations lasted a week so you
> might try to reach him on the 26th.   We have no futher information on this
> man but his team can be reached at 813-657-0849 and can handle any issues
> while Greg is missing.
>
>
>
> **
>
> CONFIDENTIALITY NOTICE - The information transmitted in this message is
> intended only for the person or entity to which it is addressed and may
> contain confidential and/or privileged material. Any review, retransmission,
> dissemination or other use of this information by persons or entities other
> than the intended recipient is prohibited. If you received this in error,
> please contact the sender and destroy all copies of this document. Thank
> you.
>
> Butler Schein Animal Health
>
> **
>
>
>
>
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Anyone using Forefront UAG and Direct Access

[Malcolm Reitz]

Smart cards are optional for DirectAccess, not required. What I was trying 
(poorly) to say was that Microsoft's internal implementation of DirectAccess is 
set up to require smart card authentication (e.g. MSFT employees must use smart 
cards). Our DirectAccess implementation currently does not require the users to 
have a smart card. Smart cards (we use .NET cards - Gemalto is the major vendor 
in the market) are a quite useful security tool, but they require a 
distribution/maintenance infrastructure that complicates their use.

Applications that don't work across a DirectAccess link are those which won't 
work over IPv6. The first one I came across was the Communicator IM client. I 
think VoIP apps that rely on the SIP protocol fall in to this category as well.

Also, internal applications that you access by IP address only will be a 
problem. This is because DirectAccess makes it routing decisions based on name 
resolution, not IP destination. Say your corporate network is using the 
10.x.x.x IPv4 address space and a domain name of "internal.mycorp.com". You can 
tell DirectAccess to send all traffic to *.internal.mycorp.com over the tunnel 
to your corporate network, but you can't tell it to route all traffic to any 
10.x.x.x address across the tunnel. The only way around this is to force all 
communications across the tunnel (that is, disable split-tunneling). 
Unfortunately, this has performance implications, as it makes DirectAccess use 
a less-efficient protocol and increases the load on the DirectAccess servers, 
not to mention it sends all Internet-bound traffic from the client "the long 
way" through the corporate network and out the corporate Internet connection.

Hope that makes sense...

-Malcolm
-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Friday, July 23, 2010 17:43
To: NT System Admin Issues
Subject: Re: Anyone using Forefront UAG and Direct Access

O...

Actual field experience!

Did not know about the smart card requirement. That's good to know.
What smart card technology are you using, if you can say?

What kind of apps have you run into that don't play nice with it?

Kurt

On Fri, Jul 23, 2010 at 13:29, Malcolm Reitz  wrote:
> I won’t say DirectAccess is just another VPN, because it isn’t, but it 
> is a VPN technology with pretty robust security. It isn’t an easy 
> setup, as it requires working with IPv6 and certificates, however, 
> once it is running, it is really slick in operation. Just connecting 
> your laptop to the Internet and being instantly able to map corporate 
> file shares and open intranet web apps or RDP sessions is great. 
> Downsides to it are that not everything works with it, as not 
> everything plays nice with IPv6, and the hardware requirements are 
> more significant than for a traditional IPsec VPN. It also only works with 
> Windows 7 clients.
>
>
>
> Microsoft has enhanced security on their DirectAccess implementation 
> by requiring their people to use smart cards for DirectAccess authentication.
> We may do that as well.
>
>
>
> I can say that everyone using my DirectAccess POC setup is liking it so far.
> Because of its “always on” nature, I think it will be a great boon to 
> our management of remote computers (they always be connected for 
> patching, AV updates, inventory, etc.).
>
>
>
> -Malcolm
>
>
>
> From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com]
> Sent: Friday, July 23, 2010 14:51
> To: NT System Admin Issues
> Subject: Anyone using Forefront UAG and Direct Access
>
>
>
> Thoughts?
>
> Is it a big security hole?
>
>
>
>
>
> Luke L. Brumbaugh
>
> Network Engineer
>
> Butler Animal Health Supply
>
> Ph:(614) 659-1736
>
>
>
> **
>
> CONFIDENTIALITY NOTICE - The information transmitted in this message 
> is intended only for the person or entity to which it is addressed and 
> may contain confidential and/or privileged material. Any review, 
> retransmission, dissemination or other use of this information by 
> persons or entities other than the intended recipient is prohibited. 
> If you received this in error, please contact the sender and destroy 
> all copies of this document. Thank you.
>
> Butler Schein Animal Health
>
> **
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Anyone using Forefront UAG and Direct Access

[Andrew S. Baker]

Indeed. :)

-ASB: http://XeeSM.com/AndrewBaker


On Sat, Jul 24, 2010 at 9:40 AM, Steven M. Caesare wrote:

> Best. OoO. Reply. Ever.
>
>
>
> -sc
>
>
>
> *From:* Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com]
> *Sent:* Friday, July 23, 2010 3:53 PM
>
> *To:* NT System Admin Issues
> *Subject:* FW: Anyone using Forefront UAG and Direct Access
>
>
>
> This is a new one, 22 OOO’s and this.
>
>
>
> *From:* greg.swe...@actsconsulting.net [mailto:
> greg.swe...@actsconsulting.net]
> *Sent:* Friday, July 23, 2010 3:51 PM
> *To:* Brumbaugh, Luke
> *Subject:* Automatic reply: Anyone using Forefront UAG and Direct Access
>
>
>
> Warning...If you see a blond headed, pale white man wandering around
> mumbling comments about ISCSI, server migrations, ticket SLA's and has a
> crazed look in his eyes...do not attempt to apprehend this man.   He has
> escaped from his job and is thought to be attempting what was once known as
> vacation.  This is a long ago forgotten ritual and we dont know what to
> expect from him.  Best course of action is to offer him a coke and a smile
> and back away slowly.   Rumor has it that vacations lasted a week so you
> might try to reach him on the 26th.   We have no futher information on this
> man but his team can be reached at 813-657-0849 and can handle any issues
> while Greg is missing.
>
>
>
> **
>
> CONFIDENTIALITY NOTICE - The information transmitted in this message is
> intended only for the person or entity to which it is addressed and may
> contain confidential and/or privileged material. Any review, retransmission,
> dissemination or other use of this information by persons or entities other
> than the intended recipient is prohibited. If you received this in error,
> please contact the sender and destroy all copies of this document. Thank
> you.
>
> Butler Schein Animal Health
>
> **
>
>
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Anyone using Forefront UAG and Direct Access

[Maglinger, Paul]

I need to tuck this one away for the next... what is it called?
Va-ca-tion?  Right along with Clubber Lang's instructions for removing
yourself from the Exchange list.  Priceless...

 

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Saturday, July 24, 2010 8:40 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

 

Best. OoO. Reply. Ever.

 

-sc

 

From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] 
Sent: Friday, July 23, 2010 3:53 PM
To: NT System Admin Issues
Subject: FW: Anyone using Forefront UAG and Direct Access

 

This is a new one, 22 OOO's and this.

 

From: greg.swe...@actsconsulting.net
[mailto:greg.swe...@actsconsulting.net] 
Sent: Friday, July 23, 2010 3:51 PM
To: Brumbaugh, Luke
Subject: Automatic reply: Anyone using Forefront UAG and Direct Access

 

Warning...If you see a blond headed, pale white man wandering around
mumbling comments about ISCSI, server migrations, ticket SLA's and has a
crazed look in his eyes...do not attempt to apprehend this man.   He has
escaped from his job and is thought to be attempting what was once known
as vacation.  This is a long ago forgotten ritual and we dont know what
to expect from him.  Best course of action is to offer him a coke and a
smile and back away slowly.   Rumor has it that vacations lasted a week
so you might try to reach him on the 26th.   We have no futher
information on this man but his team can be reached at 813-657-0849 and
can handle any issues while Greg is missing.



**

CONFIDENTIALITY NOTICE - The information transmitted in this message is
intended only for the person or entity to which it is addressed and may
contain confidential and/or privileged material. Any review,
retransmission, dissemination or other use of this information by
persons or entities other than the intended recipient is prohibited. If
you received this in error, please contact the sender and destroy all
copies of this document. Thank you.

Butler Schein Animal Health

** 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Anyone using Forefront UAG and Direct Access

[Ziots, Edward]

Honestly, 

 

I think we should frame that one in the SYSADMIN Hall of Fame.. 

 

Even I'd be scared to even try and contact greg for anything during his
vacation time, or fear the wrath of a crazied sys admin mubling about
how he is going to route his ISCI network using my head as a conduit...
J 

 

Happy Saturday, 

If anyone is looking for a Windows 2008 Audit layout document, I am
doing the final touches on it this weekend, and should have something
for review next week.  I am sure it will be a nice cheat-sheet for those
that don't spill through the logs each and every day of there lives in
troubleshooting the permissions non-sense...

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Saturday, July 24, 2010 11:37 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

 

+1

I forwarded that to folks on my current contract last week ...

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Saturday, July 24, 2010 9:40 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

 

Best. OoO. Reply. Ever.

 

-sc

 

From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] 
Sent: Friday, July 23, 2010 3:53 PM
To: NT System Admin Issues
Subject: FW: Anyone using Forefront UAG and Direct Access

 

This is a new one, 22 OOO's and this.

 

From: greg.swe...@actsconsulting.net
[mailto:greg.swe...@actsconsulting.net] 
Sent: Friday, July 23, 2010 3:51 PM
To: Brumbaugh, Luke
Subject: Automatic reply: Anyone using Forefront UAG and Direct Access

 

Warning...If you see a blond headed, pale white man wandering around
mumbling comments about ISCSI, server migrations, ticket SLA's and has a
crazed look in his eyes...do not attempt to apprehend this man.   He has
escaped from his job and is thought to be attempting what was once known
as vacation.  This is a long ago forgotten ritual and we dont know what
to expect from him.  Best course of action is to offer him a coke and a
smile and back away slowly.   Rumor has it that vacations lasted a week
so you might try to reach him on the 26th.   We have no futher
information on this man but his team can be reached at 813-657-0849 and
can handle any issues while Greg is missing.



**

CONFIDENTIALITY NOTICE - The information transmitted in this message is
intended only for the person or entity to which it is addressed and may
contain confidential and/or privileged material. Any review,
retransmission, dissemination or other use of this information by
persons or entities other than the intended recipient is prohibited. If
you received this in error, please contact the sender and destroy all
copies of this document. Thank you.

Butler Schein Animal Health

** 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Anyone using Forefront UAG and Direct Access

[Erik Goldoff]

+1

I forwarded that to folks on my current contract last week …

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Saturday, July 24, 2010 9:40 AM
To: NT System Admin Issues
Subject: RE: Anyone using Forefront UAG and Direct Access

 

Best. OoO. Reply. Ever.

 

-sc

 

From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] 
Sent: Friday, July 23, 2010 3:53 PM
To: NT System Admin Issues
Subject: FW: Anyone using Forefront UAG and Direct Access

 

This is a new one, 22 OOO’s and this.

 

From: greg.swe...@actsconsulting.net [mailto:greg.swe...@actsconsulting.net]

Sent: Friday, July 23, 2010 3:51 PM
To: Brumbaugh, Luke
Subject: Automatic reply: Anyone using Forefront UAG and Direct Access

 

Warning...If you see a blond headed, pale white man wandering around
mumbling comments about ISCSI, server migrations, ticket SLA's and has a
crazed look in his eyes...do not attempt to apprehend this man.   He has
escaped from his job and is thought to be attempting what was once known as
vacation.  This is a long ago forgotten ritual and we dont know what to
expect from him.  Best course of action is to offer him a coke and a smile
and back away slowly.   Rumor has it that vacations lasted a week so you
might try to reach him on the 26th.   We have no futher information on this
man but his team can be reached at 813-657-0849 and can handle any issues
while Greg is missing.



**

CONFIDENTIALITY NOTICE - The information transmitted in this message is
intended only for the person or entity to which it is addressed and may
contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of this information by persons or entities other
than the intended recipient is prohibited. If you received this in error,
please contact the sender and destroy all copies of this document. Thank
you.

Butler Schein Animal Health

** 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Anyone using Forefront UAG and Direct Access

[Steven M. Caesare]

Best. OoO. Reply. Ever.

 

-sc

 

From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] 
Sent: Friday, July 23, 2010 3:53 PM
To: NT System Admin Issues
Subject: FW: Anyone using Forefront UAG and Direct Access

 

This is a new one, 22 OOO's and this.

 

From: greg.swe...@actsconsulting.net
[mailto:greg.swe...@actsconsulting.net] 
Sent: Friday, July 23, 2010 3:51 PM
To: Brumbaugh, Luke
Subject: Automatic reply: Anyone using Forefront UAG and Direct Access

 

Warning...If you see a blond headed, pale white man wandering around
mumbling comments about ISCSI, server migrations, ticket SLA's and has a
crazed look in his eyes...do not attempt to apprehend this man.   He has
escaped from his job and is thought to be attempting what was once known
as vacation.  This is a long ago forgotten ritual and we dont know what
to expect from him.  Best course of action is to offer him a coke and a
smile and back away slowly.   Rumor has it that vacations lasted a week
so you might try to reach him on the 26th.   We have no futher
information on this man but his team can be reached at 813-657-0849 and
can handle any issues while Greg is missing.



**

CONFIDENTIALITY NOTICE - The information transmitted in this message is
intended only for the person or entity to which it is addressed and may
contain confidential and/or privileged material. Any review,
retransmission, dissemination or other use of this information by
persons or entities other than the intended recipient is prohibited. If
you received this in error, please contact the sender and destroy all
copies of this document. Thank you.

Butler Schein Animal Health

** 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Anyone using Forefront UAG and Direct Access

[Kurt Buff]

O...

Actual field experience!

Did not know about the smart card requirement. That's good to know.
What smart card technology are you using, if you can say?

What kind of apps have you run into that don't play nice with it?

Kurt

On Fri, Jul 23, 2010 at 13:29, Malcolm Reitz  wrote:
> I won’t say DirectAccess is just another VPN, because it isn’t, but it is a
> VPN technology with pretty robust security. It isn’t an easy setup, as it
> requires working with IPv6 and certificates, however, once it is running, it
> is really slick in operation. Just connecting your laptop to the Internet
> and being instantly able to map corporate file shares and open intranet web
> apps or RDP sessions is great. Downsides to it are that not everything works
> with it, as not everything plays nice with IPv6, and the hardware
> requirements are more significant than for a traditional IPsec VPN. It also
> only works with Windows 7 clients.
>
>
>
> Microsoft has enhanced security on their DirectAccess implementation by
> requiring their people to use smart cards for DirectAccess authentication.
> We may do that as well.
>
>
>
> I can say that everyone using my DirectAccess POC setup is liking it so far.
> Because of its “always on” nature, I think it will be a great boon to our
> management of remote computers (they always be connected for patching, AV
> updates, inventory, etc.).
>
>
>
> -Malcolm
>
>
>
> From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com]
> Sent: Friday, July 23, 2010 14:51
> To: NT System Admin Issues
> Subject: Anyone using Forefront UAG and Direct Access
>
>
>
> Thoughts?
>
> Is it a big security hole?
>
>
>
>
>
> Luke L. Brumbaugh
>
> Network Engineer
>
> Butler Animal Health Supply
>
> Ph:(614) 659-1736
>
>
>
> **
>
> CONFIDENTIALITY NOTICE - The information transmitted in this message is
> intended only for the person or entity to which it is addressed and may
> contain confidential and/or privileged material. Any review, retransmission,
> dissemination or other use of this information by persons or entities other
> than the intended recipient is prohibited. If you received this in error,
> please contact the sender and destroy all copies of this document. Thank
> you.
>
> Butler Schein Animal Health
>
> **
>
>
>
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Anyone using Forefront UAG and Direct Access

[Malcolm Reitz]

I won't say DirectAccess is just another VPN, because it isn't, but it is a
VPN technology with pretty robust security. It isn't an easy setup, as it
requires working with IPv6 and certificates, however, once it is running, it
is really slick in operation. Just connecting your laptop to the Internet
and being instantly able to map corporate file shares and open intranet web
apps or RDP sessions is great. Downsides to it are that not everything works
with it, as not everything plays nice with IPv6, and the hardware
requirements are more significant than for a traditional IPsec VPN. It also
only works with Windows 7 clients.

 

Microsoft has enhanced security on their DirectAccess implementation by
requiring their people to use smart cards for DirectAccess authentication.
We may do that as well. 

 

I can say that everyone using my DirectAccess POC setup is liking it so far.
Because of its "always on" nature, I think it will be a great boon to our
management of remote computers (they always be connected for patching, AV
updates, inventory, etc.).

 

-Malcolm

 

From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] 
Sent: Friday, July 23, 2010 14:51
To: NT System Admin Issues
Subject: Anyone using Forefront UAG and Direct Access

 

Thoughts?

Is it a big security hole?

 

 

Luke L. Brumbaugh

Network Engineer

Butler Animal Health Supply

Ph:(614) 659-1736

 



**

CONFIDENTIALITY NOTICE - The information transmitted in this message is
intended only for the person or entity to which it is addressed and may
contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of this information by persons or entities other
than the intended recipient is prohibited. If you received this in error,
please contact the sender and destroy all copies of this document. Thank
you.

Butler Schein Animal Health

** 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Anyone using Forefront UAG and Direct Access

[Kurt Buff]

IMHO, yes, and no.

It's basically IPSec to a gateway inside your network.

Nothing new there.

However, according to what I've read, it makes the connection at boot
time, which allows you to apply GPOs, login scripts, etc.

So, whoever gains access to the machine has access to your network.

Mitigations:

 1) Full Disk Encryption. Must have this to stymie things like
booting from a Nordahl disk to change the Administrator password,
among other things

 2) No Admin access for standard users - don't allow them to
install anything that isn't business-related and authorized. This is
where whitelisting apps is going to be critical.


There are probably other things that can and should be done, but I
believe that's the basics.

Kurt

On Fri, Jul 23, 2010 at 12:51, Brumbaugh, Luke
 wrote:
> Thoughts?
>
> Is it a big security hole?
>
>
>
>
>
> Luke L. Brumbaugh
>
> Network Engineer
>
> Butler Animal Health Supply
>
> Ph:(614) 659-1736
>
>
>
> **
>
> CONFIDENTIALITY NOTICE - The information transmitted in this message is
> intended only for the person or entity to which it is addressed and may
> contain confidential and/or privileged material. Any review, retransmission,
> dissemination or other use of this information by persons or entities other
> than the intended recipient is prohibited. If you received this in error,
> please contact the sender and destroy all copies of this document. Thank
> you.
>
> Butler Schein Animal Health
>
> **
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

FW: Anyone using Forefront UAG and Direct Access

[Brumbaugh, Luke]

This is a new one, 22 OOO's and this.

From: greg.swe...@actsconsulting.net [mailto:greg.swe...@actsconsulting.net]
Sent: Friday, July 23, 2010 3:51 PM
To: Brumbaugh, Luke
Subject: Automatic reply: Anyone using Forefront UAG and Direct Access

Warning...If you see a blond headed, pale white man wandering around mumbling 
comments about ISCSI, server migrations, ticket SLA's and has a crazed look in 
his eyes...do not attempt to apprehend this man.   He has escaped from his job 
and is thought to be attempting what was once known as vacation.  This is a 
long ago forgotten ritual and we dont know what to expect from him.  Best 
course of action is to offer him a coke and a smile and back away slowly.   
Rumor has it that vacations lasted a week so you might try to reach him on the 
26th.   We have no futher information on this man but his team can be reached 
at 813-657-0849 and can handle any issues while Greg is missing.


**

CONFIDENTIALITY NOTICE - The information transmitted in this message is 
intended only for the person or entity to which it is addressed and may contain 
confidential and/or privileged material. Any review, retransmission, 
dissemination or other use of this information by persons or entities other 
than the intended recipient is prohibited. If you received this in error, 
please contact the sender and destroy all copies of this document. Thank you.

Butler Schein Animal Health

**

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Anyone using Forefront UAG and Direct Access

[Brumbaugh, Luke]

Thoughts?
Is it a big security hole?


Luke L. Brumbaugh
Network Engineer
Butler Animal Health Supply
Ph:(614) 659-1736



**

CONFIDENTIALITY NOTICE - The information transmitted in this message is 
intended only for the person or entity to which it is addressed and may contain 
confidential and/or privileged material. Any review, retransmission, 
dissemination or other use of this information by persons or entities other 
than the intended recipient is prohibited. If you received this in error, 
please contact the sender and destroy all copies of this document. Thank you.

Butler Schein Animal Health

**

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Microsoft Forefront question

[Jon Harris]

No I just got a new position and have not gotten back to testing yet.  I
never have a lot of time when I am working and no hardware when I am not.
That will change though when I get past the 90 day test period on this job.
They have a full development network and I have already been told I will
have time to play (test) with new stuff.

Jon

On Thu, May 6, 2010 at 4:17 PM, Joseph L. Casale
wrote:

> >I had hoped that would get fixed in the new version or is it not out yet?
>
> Been/still in Beta forever on Technet...
> You ran it? (Far too much work to install just to have a look:))
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Microsoft Forefront question

[Joseph L. Casale]

>I had hoped that would get fixed in the new version or is it not out yet?

Been/still in Beta forever on Technet...
You ran it? (Far too much work to install just to have a look:))

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Microsoft Forefront question

[Jon Harris]

I had hoped that would get fixed in the new version or is it not out yet?

Jon

On Thu, May 6, 2010 at 4:09 PM, Joseph L. Casale
wrote:

> >I'm not sure you can do that. Seems like letting them see, was as good as
> letting them do.
>
> Well I can tell you I rechecked my settings, redeployed, and reapplied gpos
> and if you allow them to see but not change, they can only adjust startup
> in `Software Explorer` and turf quarantined items.
>
> Lame...
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Microsoft Forefront question

[Joseph L. Casale]

>I'm not sure you can do that. Seems like letting them see, was as good as 
>letting them do.

Well I can tell you I rechecked my settings, redeployed, and reapplied gpos
and if you allow them to see but not change, they can only adjust startup
in `Software Explorer` and turf quarantined items.

Lame...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Microsoft Forefront question

[Justin Thomas]

I'm not sure you can do that. Seems like letting them see, was as good as
letting them do.

On Thu, May 6, 2010 at 10:57 AM, Joseph L. Casale  wrote:

> >"administrator" where?  I'm an admin on my local machine, I'm part of the
> Domain Admins group... is there another administrator group that I may >not
> be a part of?
>
> Bah, the setting that controls this got set to users `can` view, but only
> admins
> can still change it. Have to look into how that gat changed:)
>
> Maybe allow users to `view` but restrict changes?
>
> jlc
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>


-- 
Probable Contrarian

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Microsoft Forefront question

[Joseph L. Casale]

>"administrator" where?  I'm an admin on my local machine, I'm part of the 
>Domain Admins group... is there another administrator group that I may >not be 
>a part of?

Bah, the setting that controls this got set to users `can` view, but only admins
can still change it. Have to look into how that gat changed:)

Maybe allow users to `view` but restrict changes?

jlc

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Microsoft Forefront question

[Joseph Heaton]

"administrator" where?  I'm an admin on my local machine, I'm part of the 
Domain Admins group... is there another administrator group that I may not be a 
part of?

I guess it's not that big a deal, as long as the machine isn't showing up in 
MoM/FCS consoles as not checking in/getting updates.  But I just like being 
able to see that info on the local machine.

>>> "Joseph L. Casale"  5/6/2010 8:14 AM >>>
>It doesn't allow me to open a console on the workstation.  Shows an icon in 
>the taskbar, saying it's managed by a system administrator.

Right, like all mine do as a result of that policy being set, unless
obviously you are an "administrator", then it displays, like mine right
now?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: Microsoft Forefront question

[Justin Thomas]

That behavior is controlled at the Forefront server.

On Thu, May 6, 2010 at 9:19 AM, Joseph Heaton  wrote:

> It doesn't allow me to open a console on the workstation.  Shows an icon in
> the taskbar, saying it's managed by a system administrator.
>
> >>> "Hart, Robert"  5/4/2010 11:53 AM >>>
>  When you open the console on the workstation, click on the "Home" button
> and it is listed on the bottom as "Antivirus definition"
>
>
>
>
>
> Bob
>
>
>
>
>
> From: Jon Harris [mailto:jk.har...@gmail.com]
> Sent: Tuesday, May 04, 2010 2:49 PM
> To: NT System Admin Issues
> Subject: Re: Microsoft Forefront question
>
>
>
> I seem to remember that if you call up the interface on the client it
> will tell you date and time of last update.  If it does just compare the
> server and client.  Otherwise look in the logs under application for
> when the last update was.
>
>
>
> Jon
>
> On Tue, May 4, 2010 at 1:36 PM, Joseph Heaton 
> wrote:
>
> How can you tell definition version on a workstation?
> Trying to figure out how to manage this stuff, and it's definitely not
> friendly.
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>


-- 
Probable Contrarian

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Microsoft Forefront question

[Joseph L. Casale]

>It doesn't allow me to open a console on the workstation.  Shows an icon in 
>the taskbar, saying it's managed by a system administrator.

Right, like all mine do as a result of that policy being set, unless
obviously you are an "administrator", then it displays, like mine right
now?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Microsoft Forefront question

[Joseph Heaton]

It doesn't allow me to open a console on the workstation.  Shows an icon in the 
taskbar, saying it's managed by a system administrator.

>>> "Hart, Robert"  5/4/2010 11:53 AM >>>
When you open the console on the workstation, click on the "Home" button
and it is listed on the bottom as "Antivirus definition"

 

 

Bob

 

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, May 04, 2010 2:49 PM
To: NT System Admin Issues
Subject: Re: Microsoft Forefront question

 

I seem to remember that if you call up the interface on the client it
will tell you date and time of last update.  If it does just compare the
server and client.  Otherwise look in the logs under application for
when the last update was.

 

Jon

On Tue, May 4, 2010 at 1:36 PM, Joseph Heaton 
wrote:

How can you tell definition version on a workstation?
Trying to figure out how to manage this stuff, and it's definitely not
friendly.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Microsoft Forefront question

[Hart, Robert]

When you open the console on the workstation, click on the "Home" button
and it is listed on the bottom as "Antivirus definition"

 

 

Bob

 

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Tuesday, May 04, 2010 2:49 PM
To: NT System Admin Issues
Subject: Re: Microsoft Forefront question

 

I seem to remember that if you call up the interface on the client it
will tell you date and time of last update.  If it does just compare the
server and client.  Otherwise look in the logs under application for
when the last update was.

 

Jon

On Tue, May 4, 2010 at 1:36 PM, Joseph Heaton 
wrote:

How can you tell definition version on a workstation?
Trying to figure out how to manage this stuff, and it's definitely not
friendly.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Microsoft Forefront question

[Jon Harris]

I seem to remember that if you call up the interface on the client it will
tell you date and time of last update.  If it does just compare the server
and client.  Otherwise look in the logs under application for when the last
update was.

Jon

On Tue, May 4, 2010 at 1:36 PM, Joseph Heaton  wrote:

> How can you tell definition version on a workstation?
> Trying to figure out how to manage this stuff, and it's definitely not
> friendly.
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Microsoft Forefront question

[Joseph Heaton]

How can you tell definition version on a workstation?

Trying to figure out how to manage this stuff, and it's definitely not friendly.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

Re: New Forefront question

[Justin Thomas]

Oh sure, but the user could run the advertised program to uninstall Symantec
and reboot. We laid it all out for the staff ahead of time, and if they saw
both icons do this, if they saw no icons do that...

On Thu, Apr 22, 2010 at 5:38 PM, Joseph Heaton  wrote:

> Did having both products running in parallel cause any issues?
>
> >>> Justin Thomas  4/21/2010 9:42 AM >>>
>  yes and yes. It's been a couple of years now, but we used SCCM to push
> out
> NoNav, and Forefront installed through WSUS and GP. We couldn't get real
> tight integration of the whole thing, so some folks were running both for a
> period of time. With all of that I suspect we visited at least 10% of the
> machines personally.
>
> On Wed, Apr 21, 2010 at 11:34 AM, Joseph Heaton 
> wrote:
>
> > Didn't figure it did, but thanks for the verification.
> >
> > Has anyone out there done an extensive migration from Symantec to
> > Forefront?  Is it possible to script/automate the uninstallation of
> > Symantec?
> >
> > >>> "Joseph L. Casale"  4/21/2010 8:58 AM >>>
> >  >I'm currently running SEP11 on my own machine.  I want to add my
> machine
> > to my test group for Forefront Client Security.  Does Forefront cleanly
> > remove SEP?  (I'm thinking not, >but figured I'd ask) or do I need to
> > manually uninstall, and hope I can clean all the cruft left behind?
> >
> > Nope, it doesn't do any of that unfortunately...
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> >
> >
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> >
> >
>
>
> --
> Probable Contrarian
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>


-- 
Probable Contrarian

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: New Forefront question

[Joseph Heaton]

Did having both products running in parallel cause any issues?

>>> Justin Thomas  4/21/2010 9:42 AM >>>
yes and yes. It's been a couple of years now, but we used SCCM to push out
NoNav, and Forefront installed through WSUS and GP. We couldn't get real
tight integration of the whole thing, so some folks were running both for a
period of time. With all of that I suspect we visited at least 10% of the
machines personally.

On Wed, Apr 21, 2010 at 11:34 AM, Joseph Heaton  wrote:

> Didn't figure it did, but thanks for the verification.
>
> Has anyone out there done an extensive migration from Symantec to
> Forefront?  Is it possible to script/automate the uninstallation of
> Symantec?
>
> >>> "Joseph L. Casale"  4/21/2010 8:58 AM >>>
>  >I'm currently running SEP11 on my own machine.  I want to add my machine
> to my test group for Forefront Client Security.  Does Forefront cleanly
> remove SEP?  (I'm thinking not, >but figured I'd ask) or do I need to
> manually uninstall, and hope I can clean all the cruft left behind?
>
> Nope, it doesn't do any of that unfortunately...
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>


-- 
Probable Contrarian

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: New Forefront question

[Joseph Heaton]

Yep, heard about that a few days ago... great news, as we're getting SCCM 
through our EA, but not OpsMgr.

>>> "Rod Trent"  4/21/2010 9:44 AM >>>
Forefront and ConfigMgr integration announced today at MMS 2010.

 

From: Justin Thomas [mailto:jat...@gmail.com] 
Sent: Wednesday, April 21, 2010 12:42 PM
To: NT System Admin Issues
Subject: Re: New Forefront question

 

yes and yes. It's been a couple of years now, but we used SCCM to push out
NoNav, and Forefront installed through WSUS and GP. We couldn't get real
tight integration of the whole thing, so some folks were running both for a
period of time. With all of that I suspect we visited at least 10% of the
machines personally.

On Wed, Apr 21, 2010 at 11:34 AM, Joseph Heaton  wrote:

Didn't figure it did, but thanks for the verification.

Has anyone out there done an extensive migration from Symantec to Forefront?
Is it possible to script/automate the uninstallation of Symantec?

>>> "Joseph L. Casale"  4/21/2010 8:58 AM >>>

>I'm currently running SEP11 on my own machine.  I want to add my machine to
my test group for Forefront Client Security.  Does Forefront cleanly remove
SEP?  (I'm thinking not, >but figured I'd ask) or do I need to manually
uninstall, and hope I can clean all the cruft left behind?

Nope, it doesn't do any of that unfortunately...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




-- 
Probable Contrarian

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: New Forefront question

[Rod Trent]

Forefront and ConfigMgr integration announced today at MMS 2010.

 

From: Justin Thomas [mailto:jat...@gmail.com] 
Sent: Wednesday, April 21, 2010 12:42 PM
To: NT System Admin Issues
Subject: Re: New Forefront question

 

yes and yes. It's been a couple of years now, but we used SCCM to push out
NoNav, and Forefront installed through WSUS and GP. We couldn't get real
tight integration of the whole thing, so some folks were running both for a
period of time. With all of that I suspect we visited at least 10% of the
machines personally.

On Wed, Apr 21, 2010 at 11:34 AM, Joseph Heaton  wrote:

Didn't figure it did, but thanks for the verification.

Has anyone out there done an extensive migration from Symantec to Forefront?
Is it possible to script/automate the uninstallation of Symantec?

>>> "Joseph L. Casale"  4/21/2010 8:58 AM >>>

>I'm currently running SEP11 on my own machine.  I want to add my machine to
my test group for Forefront Client Security.  Does Forefront cleanly remove
SEP?  (I'm thinking not, >but figured I'd ask) or do I need to manually
uninstall, and hope I can clean all the cruft left behind?

Nope, it doesn't do any of that unfortunately...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~




-- 
Probable Contrarian

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: New Forefront question

[Justin Thomas]

yes and yes. It's been a couple of years now, but we used SCCM to push out
NoNav, and Forefront installed through WSUS and GP. We couldn't get real
tight integration of the whole thing, so some folks were running both for a
period of time. With all of that I suspect we visited at least 10% of the
machines personally.

On Wed, Apr 21, 2010 at 11:34 AM, Joseph Heaton  wrote:

> Didn't figure it did, but thanks for the verification.
>
> Has anyone out there done an extensive migration from Symantec to
> Forefront?  Is it possible to script/automate the uninstallation of
> Symantec?
>
> >>> "Joseph L. Casale"  4/21/2010 8:58 AM >>>
>  >I'm currently running SEP11 on my own machine.  I want to add my machine
> to my test group for Forefront Client Security.  Does Forefront cleanly
> remove SEP?  (I'm thinking not, >but figured I'd ask) or do I need to
> manually uninstall, and hope I can clean all the cruft left behind?
>
> Nope, it doesn't do any of that unfortunately...
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>


-- 
Probable Contrarian

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~