Checklist: Access Gateway with Advanced Access Control

After doing a few implementations of the Citrix Access Gateway with Advanced Access Control solution for remote access, I’ve found that successful implementations require some coordination to be implemented within a reasonable time frame. This is especially challenging in large environment where things tend to move slowly. A checklist with prerequisites goes a long way to help, so here’s one I prepared earlier in PDF format:

Download: Introduction to Windows Firewall with Advanced Security

Microsoft have posted a document detailing Windows Firewall with Advanced Security in Windows Vista and Longhorn Server. Many organisations have wanted to apply outbound rules to traffic from their Windows boxes, which they will be able to do if they upgrade to Windows Vista or Longhorn, it’s going to be quite a challenge to implement on a large scale basis. It still surprises me though, how many organisations just turn the firewall off completely - in today’s networks, hosts need to actively protect themselves. Treat your internal network as hostile (more on that to come).

Vista: Restarting with Applications Open

When a user reboots Windows XP or 2000 etc. with a program open the user is presented with all sorts of dialog boxes that are a little jarring and the whole experience has got to be confusing to users with only a basic understanding of Windows. Here’s how Windows Vista does it, quite nice I think. Click the thumbnail for more detail.

Windows Aero over RDP / WPF Remoting(?)

I’ve been checking out a recent build of Windows Vista today and took the chance to look at connecting to a remote Windows Vista machine from Windows Vista over RDP. The result was impressive to say the least. The remote session has full support for Aero Glass including all the minimise/maximise effects as well as Flip 3D. Now this would require that the Aero Glass is drawn on the screen locally rather than sent directly via RDP, which is what WPF Remoting is all about. Brian Madden has more on this here and here. Once this is teamed with seamless window support in Windows Longhorn Server the line between a local and remote application will be further blurred - users should almost never notice the difference. This is exciting stuff, as I am really into the user experience. In the Terminal Server world we are always battling what users perceive to be performance related issues. Once we can say good-bye to the current screen scraping type technologies in RDP and ICA I think users will be much happier. Of course we just need to get the applications to use WPF. Developers are you listening?

WSUS Build Numbers

I’ve recently updated a few WSUS servers with WSUS SP1. The admin tool shows build numbers but does not state if the version is RTM or SP1. For reference these build numbers are:

Citrix AAC and Microsoft's NAP

One of the great features of Citrix Advanced Access Control is the ability to control access to internal resources from trusted machines with End Point Analysis. Citrix have implemented their own client and server components to perform end-point analysis and ensure that client machines are safe for access.