Well, now that the Forefront line of products is being discontinued by Microsoft, I thought I would publish a Versions table for the Forefront Threat Management Gateway 2010.  Microsoft’s lack of guidance on a replacement for TMG has lead many customers to continue using and installing new TMG 2010 servers, so it’s worthwhile to know the latest versions. 

Read More →







Being able to easily delegate access to domain systems is essential for administrators to enable necessary IT staff to manage their environments. The proper OU structure along with the deployment of Active Directory GPOs makes this a fairly simple task.

GPOs can be used to add users or groups to local admins or to replace the existing memberships. Using GPOs ensures access is granted uniformly and consistently for a specific group of systems, ideally separated by their OU placement.

Read More →

Recently, the time on all of my domain computers was out of sync. Each computer in my domain had the same time, but it was about 10 minutes slow. Domain computers get their time from your domain controller(s), so I looked into syncing the time of my DC with an internet time server. The steps below can be used to sync your DC with an internet time server.

Read More →

These are some notes I took at TechEd a couple of years ago.

7 Steps to Secure Environment:

  • Establish a Security Team
  • Security Assessment – What impacts our bottom line? What is normal?
  • Risk Analysis – For the Assets
  • Write a Security Policy. Enforce it.
  • Design Operations Plans and Security Standards
  • Implement Training and Awareness Measures
  • Perform Ongoing Security Management

10 Immutable Laws of Security Patch Management

  • 1: Security patches are a fact of life
  • 2: It does no good to patch a system that was never secure to begin with
  • 3: There is no patch for bad judgment
  • 4: You cannot patch what you do not know you have
  • 5: The most effective patch is the one you do not have to apply
  • 6: A service pack covers a multitude of patches
  • 7: All patches are not created equal
  • 8: Never base your patching decision on whether you have seen an exploit code … Unless you have seen an exploit code
  • 9: Everyone has a patch management strategy, whether they know it or not
  • 10: Patch management is really Risk Management