How to Setup IIS for SSL Perfect Forward Secrecy and TLS 1.2

An often overseen action is to lock down Internet Information Services. You can increases security of SSL connections to your server by disabling insecure SSL2 and SSL3 and all insecure and weak ciphers that a browser may fall-back, too. I recently found a great PowerShell script, which can help implement the current best practices for IIS … Read more

Released: Rollup 4 for Forefront Protection for Exchange

Hotfix Rollup 4 for Forefront Protection 2010 for Exchange Server (FPE) has been made available by Microsoft. It includes a series of enhancements and new features. For a list of the fixes in RU4 for FPE: Email is sent to the Forefront Protection for Exchange UNDELIVERABLE folder instead of being delivered UNC and proxy credentials … Read more

Forefront Security for OCS available

Microsoft has released Forefront security for Office Communications Server (FSOCS) as RTM. FSOCS provides fast and effective protection against IM-based malware for OCS 2007 and OCS 2007 R2 environments by including multiple scanning engines from industry-leading security partners. FSOCS also helps reduce corporate liability by blocking instant messages containing inappropriate content. This release includes: 64bit … Read more

URLScan 3.0 beta

Microsoft has released a beta version of UrlScan 3.0. UrlScan is a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) will process. By blocking specific HTTP requests, UrlScan helps prevent potentially harmful requests from being processed by web applications on the server. UrlScan can also be configured to help … Read more