Kay Sellenrode's Blog

How often hasn't it occured that you are at a customer location and you want to test the Exchange connectivity.
The Microsoft Exchange Team has launched a test site now so you can test the connectivity without the hasle of having a remote pc to test it.

https://www.testexchangeconnectivity.com/

Currently the following Tests are available.

• Autodiscover test for Outlook 2007
• Outlook 2003 RPC/HTTP test
• Exchange Activesync test
• SMTP Inbound Test

I think these guys are doing great work.
And ofcourse like you're also told on the website, use a test account and not your domain admin account to do the tests.

So to make the Microsoft Certification program more complete they now added a new title MCM Microsoft Certified Master.
Though there isn't a lot of information about it yet i see there will be 5 specialisations

MCM Exchange Server 2007
MCM SQL Server 2008
MCM Windows 2008
MCM OCS 2007 ?? (just guessing on the info i found)
MCM Sharepoint ?? (also just guessing)

For the people that already know the MCA program, this seems to become (the technically) part of it.
In the next weeks there will be more info to find on the Microsoft site.

Whatch the following site http://www.microsoft.com/learning/mcp/master/default.mspx

Lukas Beeler posted a great report about his exam experience today and well as a lot of people are searching for resources how to prepare for this exam, i though this would be quite helpful.

See Lukas his blog

I received an invitation for this beta exam and have scheduled it for next week.

But now i also saw the invitation on the website of Trika i though just let's put a link here so everyone that would like to take the exam is able to.

http://blogs.msdn.com/trika/archive/2008/06/02/register-for-beta-exam-71-652-ts-windows-server-virtualization-configuring.aspx

So this year unfortunately i'm not allowed to attend the Teched IT Pro in Orlando.

Previous years i kept a list of where all the party's are, this year i will keep a list here, even though i'm not able to attend these party's myself i know it will be a lot of fun.

If you have any updates please post them and i will add them to the calendar.
Also take a look at the EXPTA blog for a nice calendar with Extracurricular Activities  

And anyone that would like to sponser me a Conference pass is just send me a message i will be happy to still go there.

Just released on the ISA Blog is the info about what's new in the SP1 of ISA 2006 coming this summer.
Some nice features that i can see are coming:

• Traffic simulation
  This function will let you see what will happen with traffic that wants to go through the ISA server and lets you better troubleshoot what is going wrong
• Support for UCC/SAN certificates.
  well at last it is comming. this caused quite some frustration to a lot of people that were experiencing the new SAN certificates. So now it will be fully supported.
• Configuration Change Tracking
  This will be a loved feature that a lot of large companies like to have, now you can track who made which change and why (if correctly used)

For the full feature set and a more thorough explanation visit the post Jim Harrisson made on the ISA blog.

So it took a while before i could post my expierence sofar with the TMG.
This all due to memory i ordered online and which just arrived 5 weeks later than expected.

So well lets start with my review of this new microsoft product.

The installation is a bit confusing. When you download the 310 MB file for the TMG and you run it, you will be told that it will install the Forefront Threat Management Gateway in "C:\program files(x86)\Microsoft ISA server" and it will finish with a screen telling you, you succesfully installed the TMG. Wow that was a fast setup to install the TMG.

But Badly enough all you just did was unpack the archive. so after browsing around on your hard drive you will find the Microsoft ISA server directory in your x86 (only on 64 bit machines) program files directory.

In there you have the whole setup to install TMG(ISA) on your machine. So i would advise to unpack your files not in program files but put it to your normal setup/install directory where it belongs.

From here you run the ISAAutorun.exe
This will show you the flash screen from where you can start the setup.

And once started with the real setup you notice soon that i has been improved quite some.
you will be prompted with the first question if you would like to install the full product or only the Management tools.
Though it might be a little optimized, after making your choice you will be prompted with the component selection screen. Personly i would like it to be like the office setup, give the user the option to click on an advanced button to select the components individually instead of giving all options.

now you also see why it is important to move the installation files to a different directory, the full product will use the exact same installation directory.
Next you will be given the internal network screen where you specify the internal lan addresses. Hereafter the setup will complete the installation and will end with an Getting Started Wizard.

This Getting started Wizard will guide you trough the basic setup of the TMG.
You start by selecting which profile you would like to use for the network setup.
in my case i used the Edge firewall setup. Hereafter i get prompted to tell what my internal network adapter is.
The meaning i don't really understand since i already provided my internal network address range earlier.
At least i can now specify additional internal routes, which is nice and was missing from the previous versions of ISA

from the network settings you will go to the next step "system settings" , this wizard will be for the most people just default and just to verify that the system is configured for the domain or workgroup.

all will end with the last wizard named "Deployment options". this one is all about Updates for the malware scanning which now is part of the TMG.
So now you have done the basic setup of the TMG, another Wizard will popup "the Web Access Policy Wizard"

And you will be prompted to enable or disable the malware option, default it will be active for a 90 days trial period.
It then lets you specify sites that you want to block for your users, interesting idea. Though i still think this would only work if you could do this with categories and a subscription to updated url lists. Blocking sites manually is mostly a waste of time in my opinion. now (again) you will be asked if you would like to scan your http traffic rules (created through the wizard) for malware. and then for me supprisingly you will be asked if you would like to enable caching on your disk.

Recent years it became less usefull i think to cash data from the internet and most of my customers have it all disabled. And while i was thinking that it would be gone, it is still there.

And ofcourse for enough good reasons, in the reverse proxy scenario it will remove some load from your webservers. And here in the Netherlands we might have great speeds to the internet. But my last trip through guatemala and Honduras showed me that 56k modem connections are still around.

So now we have finished all the default wizards and we come into the new management console.
For the people that have worked with ISA 2004/2006 they all will recognize this console and will just see some additions to what they know. For the few that havn't looked at ISA 2004/2006 and are still on ISA 2000, well it is time to go and take a deep dive into this product.

 My next post will descride my first few days working with the TMG.
if you have any questions just ask, hopefully i can answer them for you.