Browsing: Security

How to Setup IIS for SSL Perfect Forward Secrecy and TLS 1.2


An often overseen action is to lock down Internet Information Services. You can increases security of SSL connections to your server by disabling insecure SSL2 and SSL3 and all insecure and weak ciphers that a browser may fall-back, too. I recently found a great PowerShell script, which can help implement the current best practices for IIS in a quick way. This PowerShell script setups your Microsoft Internet Information Server 7.5/8.0/8.5/10 (IIS) on Windows 2008R2/2012/2012R2/2016 to support TLS 1.1 and TLS 1.2…

Configure RSA Authentication on a TMG Server for OWA Publishing


This post is based on recent field notes. Instead of creating a new detailed post with step by step information on how to configure RSA Authentication on a TMG Server, I have compiled the information and steps needed to configure RSA Authentication on a TMG Server. Below is a small overview of the steps needed to configure RSA Authentication on a TMG server for use with Outlook Web App. The overview of the steps: On the RSA Authentication Server create…

Released: Rollup 4 for Forefront Protection for Exchange


Hotfix Rollup 4 for Forefront Protection 2010 for Exchange Server (FPE) has been made available by Microsoft. It includes a series of enhancements and new features. For a list of the fixes in RU4 for FPE: Email is sent to the Forefront Protection for Exchange UNDELIVERABLE folder instead of being delivered UNC and proxy credentials are stored in clear text in the Forefront Protection for Exchange file system The Forefront Protection for Exchange FSEMachinePrep.exe fails with a fatal error The…

Forefront Security for OCS available


Microsoft has released Forefront security for Office Communications Server (FSOCS) as RTM. FSOCS provides fast and effective protection against IM-based malware for OCS 2007 and OCS 2007 R2 environments by including multiple scanning engines from industry-leading security partners. FSOCS also helps reduce corporate liability by blocking instant messages containing inappropriate content. This release includes: 64bit support Support for OCS 2007 R2 Support for OCS 2007 Enterprise Edition server roles Integration with OCS 2007 Access Edge role to protect corporate IM…

URLScan 3.0 beta


Microsoft has released a beta version of UrlScan 3.0. UrlScan is a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) will process. By blocking specific HTTP requests, UrlScan helps prevent potentially harmful requests from being processed by web applications on the server. UrlScan can also be configured to help against SQL injection attacks. Download UrlScan 3.0 beta: x86 version x64 version Supported platform: Internet Information Services 5.1, 6.0 or 7.0 Steve Schofield has written…

1 2
Copyright 2005-2015 - Peter Schmidt.