Microsoft have posted a document detailing Windows Firewall with Advanced Security in Windows Vista and Longhorn Server. Many organisations have wanted to apply outbound rules to traffic from their Windows boxes, which they will be able to do if they upgrade to Windows Vista or Longhorn, it’s going to be quite a challenge to implement on a large scale basis. It still surprises me though, how many organisations just turn the firewall off completely - in today’s networks, hosts need to actively protect themselves. Treat your internal network as hostile (more on that to come).

When a user reboots Windows XP or 2000 etc. with a program open the user is presented with all sorts of dialog boxes that are a little jarring and the whole experience has got to be confusing to users with only a basic understanding of Windows. Here’s how Windows Vista does it, quite nice I think. Click the thumbnail for more detail.

I’ve been checking out a recent build of Windows Vista today and took the chance to look at connecting to a remote Windows Vista machine from Windows Vista over RDP. The result was impressive to say the least. The remote session has full support for Aero Glass including all the minimise/maximise effects as well as Flip 3D. Now this would require that the Aero Glass is drawn on the screen locally rather than sent directly via RDP, which is what WPF Remoting is all about. Brian Madden has more on this here and here. Once this is teamed with seamless window support in Windows Longhorn Server the line between a local and remote application will be further blurred - users should almost never notice the difference. This is exciting stuff, as I am really into the user experience. In the Terminal Server world we are always battling what users perceive to be performance related issues. Once we can say good-bye to the current screen scraping type technologies in RDP and ICA I think users will be much happier. Of course we just need to get the applications to use WPF. Developers are you listening?

The latest TechNet Magazine has an article by Raymon Chen on the “Program Files” and “Documents and Settings” folders, including changes to the profiles folder in Windows Vista. It gives some clarification to the changes in Vista and I thought that it applies to my previous post.

I’ve recently updated a few WSUS servers with WSUS SP1. The admin tool shows build numbers but does not state if the version is RTM or SP1. For reference these build numbers are:

One of the great features of Citrix Advanced Access Control is the ability to control access to internal resources from trusted machines with End Point Analysis. Citrix have implemented their own client and server components to perform end-point analysis and ensure that client machines are safe for access.

When Microsoft released Windows 2000, the new default UI font was changed to Tahoma from Microsoft Sans Serif. Unfortunately, not every team involved in developing Windows got the memo detailing this change. (There’s a whole team for the Display properties applet right?). I think it was also the same teams that then forgot to change the font in various dialogs in Windows XP. It still haunts us in various locations in Windows Vista as of build 5456 for which the new UI font is Segoe UI. Well if you’re picky like me and just want to see the same font across all UI elements, you can get most of the way there with a couple of registry edits. Navigate to:

I have a discussion topic that comes up again and again - client A has an application from vendor X that has only just been certified to run on Citrix Presentation Server version Y. This discussion topic is driving me nuts, driving me up the wall, round the bend, I think I’m gonna have an aneurism. Why is the concept of Presentation Server so hard to understand? Presentation Server does not do anything to applications, it’s Terminal Services that is doing the work. Write the applications properly in the first place so we can run it anywhere, run it as a limited user, run it on the latest Service Pack and run on Terminal Server. It’s not that hard, start here: http://msdn.microsoft.com.

Citrix have added a new ICA client to their download site. This client is very interesting as it uses application virtualisation from Thinstall that allows the user to run the ICA client without installing it. This is great for users who travel and may want to access applications from their corporate network, but end up in an Internet cafe where the computers don’t have the Citrix ICA Client installed.This client runs from a single compressed executable and evidently requires no change to the host PC. You can read more about the client here.

If you currently have Office 2003 (or any Office 2003 component such as Visio or Publisher) installed you’ll run into some problems if you upgrade to Office 2007 Beta 2*. The Office 2003 components will not be completely removed and you may have issues such as returning shortcuts or Outlook add-ins trying to reinstall eventually bringing Office 2007 to a grinding halt. If this happens, check out the “Windows Installer CleanUp Utility” for removing all vestiges of Office 2003. You may then have to perform a repair of the Office 2007 applications. See KB290301 for more information. Probably best to remove an earlier version of Office before installing Office 2007.