We’ve been accepted into the Citrix Access Gateway 4.5, Standard and Advanced Editions Beta Program. No word on a NDA yet, but hopefully I might get a chance to post some details.
After doing a few implementations of the Citrix Access Gateway with Advanced Access Control solution for remote access, I’ve found that successful implementations require some coordination to be implemented within a reasonable time frame. This is especially challenging in large environment where things tend to move slowly. A checklist with prerequisites goes a long way to help, so here’s one I prepared earlier in PDF format:
This is listed in the Access Gateway Administrators document, but it’s buried deep, so here’s my own version.
Microsoft have posted a document detailing Windows Firewall with Advanced Security in Windows Vista and Longhorn Server. Many organisations have wanted to apply outbound rules to traffic from their Windows boxes, which they will be able to do if they upgrade to Windows Vista or Longhorn, it’s going to be quite a challenge to implement on a large scale basis. It still surprises me though, how many organisations just turn the firewall off completely - in today’s networks, hosts need to actively protect themselves. Treat your internal network as hostile (more on that to come).
When a user reboots Windows XP or 2000 etc. with a program open the user is presented with all sorts of dialog boxes that are a little jarring and the whole experience has got to be confusing to users with only a basic understanding of Windows. Here’s how Windows Vista does it, quite nice I think. Click the thumbnail for more detail.
I’ve been checking out a recent build of Windows Vista today and took the chance to look at connecting to a remote Windows Vista machine from Windows Vista over RDP. The result was impressive to say the least. The remote session has full support for Aero Glass including all the minimise/maximise effects as well as Flip 3D. Now this would require that the Aero Glass is drawn on the screen locally rather than sent directly via RDP, which is what WPF Remoting is all about. Brian Madden has more on this here and here. Once this is teamed with seamless window support in Windows Longhorn Server the line between a local and remote application will be further blurred - users should almost never notice the difference. This is exciting stuff, as I am really into the user experience. In the Terminal Server world we are always battling what users perceive to be performance related issues. Once we can say good-bye to the current screen scraping type technologies in RDP and ICA I think users will be much happier. Of course we just need to get the applications to use WPF. Developers are you listening?
The latest TechNet Magazine has an article by Raymon Chen on the “Program Files” and “Documents and Settings” folders, including changes to the profiles folder in Windows Vista. It gives some clarification to the changes in Vista and I thought that it applies to my previous post.
I’ve recently updated a few WSUS servers with WSUS SP1. The admin tool shows build numbers but does not state if the version is RTM or SP1. For reference these build numbers are:
One of the great features of Citrix Advanced Access Control is the ability to control access to internal resources from trusted machines with End Point Analysis. Citrix have implemented their own client and server components to perform end-point analysis and ensure that client machines are safe for access.
When Microsoft released Windows 2000, the new default UI font was changed to Tahoma from Microsoft Sans Serif. Unfortunately, not every team involved in developing Windows got the memo detailing this change. (There’s a whole team for the Display properties applet right?). I think it was also the same teams that then forgot to change the font in various dialogs in Windows XP. It still haunts us in various locations in Windows Vista as of build 5456 for which the new UI font is Segoe UI. Well if you’re picky like me and just want to see the same font across all UI elements, you can get most of the way there with a couple of registry edits. Navigate to: