Back in June, Microsoft created a resource section on TechNet for the Windows Firewall, check it out here. There is also a link to an article from way back in May 2004 about how Windows determines if the computer is on the domain network or another network and thus when to apply the Domain Windows Firewall profile or the Standard Windows Firewall profile settings pushed out via Group Policy. Using Group Policy to deliver a Domain and a Standard firewall policy to your workstations, allows you to place a less restrictive firewall policy when inside the coporate network and place a tight firewall policy (read deny all inbound) when a machine is away from the corporate network. Check out the article here:
The Access Gateway 4.2.3 hotfix includes the ability to set the speed of the network connection, a feature that is not mentioned in the readme. For the last AG installation I did the customer wanted to hard set speed and duplex settings, well now they can.
We’ve been accepted into the Citrix Access Gateway 4.5, Standard and Advanced Editions Beta Program. No word on a NDA yet, but hopefully I might get a chance to post some details.
After doing a few implementations of the Citrix Access Gateway with Advanced Access Control solution for remote access, I’ve found that successful implementations require some coordination to be implemented within a reasonable time frame. This is especially challenging in large environment where things tend to move slowly. A checklist with prerequisites goes a long way to help, so here’s one I prepared earlier in PDF format:
Microsoft have posted a document detailing Windows Firewall with Advanced Security in Windows Vista and Longhorn Server. Many organisations have wanted to apply outbound rules to traffic from their Windows boxes, which they will be able to do if they upgrade to Windows Vista or Longhorn, it’s going to be quite a challenge to implement on a large scale basis. It still surprises me though, how many organisations just turn the firewall off completely - in today’s networks, hosts need to actively protect themselves. Treat your internal network as hostile (more on that to come).
When a user reboots Windows XP or 2000 etc. with a program open the user is presented with all sorts of dialog boxes that are a little jarring and the whole experience has got to be confusing to users with only a basic understanding of Windows. Here’s how Windows Vista does it, quite nice I think. Click the thumbnail for more detail.
I’ve been checking out a recent build of Windows Vista today and took the chance to look at connecting to a remote Windows Vista machine from Windows Vista over RDP. The result was impressive to say the least. The remote session has full support for Aero Glass including all the minimise/maximise effects as well as Flip 3D. Now this would require that the Aero Glass is drawn on the screen locally rather than sent directly via RDP, which is what WPF Remoting is all about. Brian Madden has more on this here and here. Once this is teamed with seamless window support in Windows Longhorn Server the line between a local and remote application will be further blurred - users should almost never notice the difference. This is exciting stuff, as I am really into the user experience. In the Terminal Server world we are always battling what users perceive to be performance related issues. Once we can say good-bye to the current screen scraping type technologies in RDP and ICA I think users will be much happier. Of course we just need to get the applications to use WPF. Developers are you listening?
The latest TechNet Magazine has an article by Raymon Chen on the “Program Files” and “Documents and Settings” folders, including changes to the profiles folder in Windows Vista. It gives some clarification to the changes in Vista and I thought that it applies to my previous post.
