I just can't resist sharing some of my favorite photos from our trip to Hawaii. There was amazing snorkeling right outside the condo we were renting, with tons of turtles, fish, and even a couple of eels:

David and I had a lot of fun snorkeling and "diving":

This one was from an aquarium, not the sea, but it still turned out nice:

Beautiful sunsets too, from right off our balcony:

Take a deep breath... now, time to catch up on email and get back to work. :-)

When running in a Non-Exchange (2000 or higher) Active Directory environment in which you want to use the Microsoft Online Directory Synchronization Tool, there are certain AD user Attributes that must be configured if you want those User Login User Principal Names (UPNs) to be consistent with is being used in the On-Premise Active Directory Environment.

For Example:

An On-Premise Active Directory using the Domain Namespace of Contoso.com which have users with a login UPN of user@contoso.com.  There is no Exchange 2000 Messaging environment within this Active Directory, however user objects have their MAIL attribute configured, so they are mail enabled.  This MAIL attribute is used in a Non-Exchange AD Environment when running DirSync when creating new Microsoft Online Users.  To get the On-Premise User Login to mirror what is used in the Microsoft Online Company environment, you must follow the below steps:

  - Create a Microsoft Online Domain using the same name as used in the On-Premise environment, such as Contoso.com

  - Verify this Microsoft Online Domain, which proves ownership and allows a Microsoft Online Administrator to create new users using this Domain and to provide (Add) additional SMTP addresses to existing users.

  -  Set this Domain as Default.  As new users are created and/or Directory Synchronized, their account and email address will use this Domain (Online user's will always have a secondary Email Proxy address of companyX.microsoftonline.com, which is provided as a Default Routing Domain, created during the Online Company's Provisioning process).

  - Modify/Add On-Premise Active Directory User object's MAIL attribute with an email address that was previously created and verified (i.e. user@Contoso.com)

 - Run the Microsoft Online Directory Synchronization Tool, which will replicate all Mail and Mailbox enabled users/groups into the Microsoft Online Company as Deactivated Users.

Note:  From this point, a Microsoft Online Company Admin can Activate these users, which will be given services granted by the Online Administrator.  Their Login UPN and default SMTP address will be user@contoso.com instead of the default user@Contoso1.microsoftonline.com

This was really interesting…. did you know that Microsoft ISA Server and Forefront TMG are supported on hardware virtualization in accordance with the following programs:

· Microsoft Support Lifecycle

· Microsoft ISA Server 2000 System Requirements

· Microsoft ISA Server 2004 System Requirements

· Microsoft ISA Server 2006 System Requirements

· Forefront TMG System Requirements

· Microsoft Server Virtualization Validation Program (SVVP)

· Support Policy for Microsoft software running on non-Microsoft hardware virtualization software

For example, if a hardware virtualization platform is listed as ”validated” with the SVVP (not “under evaluation”), Microsoft ISA Server and Forefront TMG will be supported for production use on that platform within the limits prescribed in the Microsoft Product Support Lifecycle, Non-Microsoft hardware virtualization policies and the system requirements for that product version and edition.

For hardware virtualization platforms not listed with the SVVP, Microsoft ISA Server and Forefront TMG are supported in accordance with remaining Microsoft support policies, limited as follows:

· Desktop virtualization, such as Microsoft Virtual PC or similar 3^rd-party product: supported for demonstration and educational use only

· Server Virtualization, such as Microsoft Virtual Server or similar 3^rd-party product: supported, but not recommended for production use

Important: as stated in MSKB 897615, Microsoft support engineers may request that a customer reproduce a reported problem on real hardware or within an SVVP-listed hardware virtualization platform before continuing with the case.  If the problem cannot be reproduced in hardware or on SVVP-listed server virtualization product of similar class, the case may be deferred to the 3^rd-party vendor product support.

You can also now view the video interview David did with Jim.  He explains various things around virtualization with ISA/TMG and there are some topics they discuss (such as virtual ISA failover) which you won’t find in the guide.

http://edge.technet.com/Media/Virtualize-your-ISA-or-Forefront-TMG-servers/

Ok, when Adam did the Edge interview with Bob Muglia back in January at his office, he talked about having a 9 server infrastructure at home.  Tina Wood actually went to his home and published a video today which shows this.  Bob shows his server room with raised floors and a terminal server console which they have around their home to control various functions of his house.  I guess being the geek I am, I got exited at the idea of having my own server "Rack P_ _ _" at home and thought I'd blog about it.  Also, it is pretty cool to know my boss 5 levels up (Bob is directly under Steve Ballmer) is an IT guy.

The question we still don't have answered though is - does Bob use a Home Server?

Well I just want to introduce you to a new writer who is gonna come along and help giving you great content on virtualworld! Duane Thomas is one of my buddies and fellow speaker whores :o) within PFE. Duane and I work closely on the Virtualization community and with our customers and its great to have Duane contributing into the blog! You should see loads of cool stuff coming from Duane which I hope you all enjoy! So let me hand it over to Duane for his first post!

---------------------------------

Well you might not be as Vista gadget crazy as I am but this is still very cool!  I am a firm believer that the Vista sidebar is a great platform for BI information, and IT KPI or dashboards.  It’s a shame we haven’t seen more gadgets like this one!

One of my customers pointed this out to me yesterday (Thanks Matt Black!)

Hyper-V Monitor Gadget for Windows Sidebar!

Tore Lervik has created just such a gadget!  Check out his page here http://mindre.net/post/Hyper-V-Monitor-Gadget-for-Windows-Sidebar.aspx

The gadget can list multiple servers at once and also support vmconnect when double clicking on a VM.
PS: The gadget uses WMI to connect to the server so the user need remote WMI access (Step 5) on the Hyper-V server.

The things I really like about the gadget are the ability to VMconnect to a VM from the gadget and the fact the gadget auto populates the machines and status of machines.

Have a go!  Make sure you provide your feedback and comments back to Tore at this blog.

That’s all for now. 

Duane

Today’s post is from Kathy Davies one of the excellent Hyper-V technical writers.  Enjoy!

Here is some preliminary documentation on planning for backing up Hyper-V VMs. It will eventually be made part of our Planning and Deployment guide on TechNet.

Planning for Backup

When you plan a backup and recovery strategy for a virtualized server environment, there are several factors to consider. You must consider the different types of backups you can make, the state of the virtual machine, and the type of storage being used by the virtual machines. This topic discusses the advantages, disadvantages, and considerations for these factors.

Understanding the backup options and considerations

The backup integration service and the Hyper-V Volume Shadow Copy Service (VSS) Writer provide the mechanism for backing virtual machines as well as system-wide settings that apply to Hyper-V. There are two basic methods you can use to perform a backup. You can: 

· Perform a backup from the server running Hyper-V. Using this method to perform a full server backup is the recommended method because it captures more data than the other method. If the storage is compatible with Hyper-V and the Hyper-V VSS Writer, you can perform a full server backup that helps protect all of the data required to fully restore the server. The data included in such a backup includes the configuration of virtual machines and virtual networks, snapshots associated with the virtual machines, and virtual hard disks used by the virtual machines. As a result, using this method can make it easier to recover the server if the need arises, because you will not have to recreate virtual machines or system-wide settings such as virtual networks.

· Perform a backup from within the guest operating system of a virtual machine. This method is useful when you need to back up data from storage that is not supported by the Hyper-V VSS writer.

Storage considerations

As you plan your backup strategy, consider the compatibility between the storage and backup solutions:

· Virtual hard disks offer the best compatibility and can be stored on many types of physical media. For more information about the types of storage you can use with Hyper-V, see “Hardware Considerations” in the Hyper-V Planning and Deployment Guide on TechNet (http://technet.microsoft.com/en-us/library/cc816844.aspx).

· Network-based storage such as shared folders should be used with caution. If the network-based storage is unavailable when a backup is attempted, the backup will fail.

· Physical disks that are directly attached to a virtual machine (sometimes referred to as ‘pass-through disks’) cannot be backed up by the Hyper-V VSS writer. As a result, this type of disk will not be included in any backup performed by a backup program that uses the Hyper-V VSS writer. In this situation, you would need to use some other process to back up the physical disk. For example, you could run a backup of the data on the iSCSI storage from a backup application running in the guest operating system.

· Storage accessed from a virtual machine by using an Internet SCSI (iSCSI) initiator within the guest operating system will not be included in a backup of the physical computer. In this scenario, you must use another process to back up the data from the iSCSI-based storage before you perform a full server backup. For example, you could run a backup of the data on the iSCSI storage from a backup application running in the guest operating system.

· iSCSI-based storage is supported for backup by the Hyper-V VSS writer when the storage is connected through the parent partition and the storage is used for virtual hard disks.

Understanding online and offline backups

Whether a backup is performed online or offline depends on whether the backup can be performed without downtime.

An online backup can be performed with no downtime on a running virtual machine when all of the following conditions are met:

· Integration services are installed and the backup integration service has not been disabled.

· All disks being used by the virtual machine are configured within the guest operating system as NTFS-formatted basic disks. Virtual machines that use dynamic disks or the FAT32 file system prevent an online backup from being performed.

· Volume Shadow Copy Service must be enabled on all volumes used by the virtual machine with a specific configuration. Each volume must itself as the storage location for its shadow copies and that mapping must be available to the Hyper-V VSS writer. In other words, the shadow copy storage of C: should be on C:, the shadow copy storage of D: should be on D:, so on an so forth.

If an online backup cannot be performed, then an offline backup is taken. This type of backup results in some degree of downtime. A variety of factors can affect the time required to take an offline backup. If the virtual machine is running or paused, it is put into a saved state as part of the offline backup process. After the backup is completed, the virtual machine is returned to its existing state.

This continues from Part 6. Ok Here is the topology we are following;

Now I have installed a default installation of Windows Vista Enterprise Edition on my 2nd Virtual PC and joined it to the appv.internal domain.

All I want to do is get the client installed and test the streaming functionality from my client to my server.

Again go to connect.microsoft.com and download the latest RC build and unzip the build to your machine.

1) Run the setup.exe and install and pre-reqs that have not been installed to date.

2) Once the pre-reqs are installed the welcome screen will appear. Click Next. On the licence agreement read it and than agree to the agreement and click next.

3) For my client I have select to use windows update and than click next. In the setup type select custom to see the detail installation

4) Keep the default installation path and click next. In the data location section click next.

5) In the Cache Size setting i have just set a cache size but this option is down to how much you want. You can have 1TB if you really want that! In the runtime package policy click next (although i could have put the ASR path in at this point!).

6) In the Publishing Server Section set a name for the Settings (SGServer) and than select Enhanced Security Application Virtualization. In the Host Name my path is my certificates common name which is stream.appv.internal.

Click Next and than click install

7) Once installed click finish and than restart the computer.

8) Now the ASR should have been set from Part 6 which means if we look in the registry we can see the settings that have been set by policy. If not than run a GPUPDATE /FORCE and get the policy.

9) And once I have set up an application in my management console to be enabled for streaming my application will be delivered by RTSPS to my client. So now DCRefresh and my applications are streaming over RTSPS.

I hope that this little series helps anyone new get rapidly into App-V 4.5 and if you have any problems or think that you want a few extra steps please feel free to ping me and let me know!

The Complete Series are located;

Part 1: The initial Setup - Building your App-V RC test lab (using 4.5.1305)
Part 2 : Installing IIS 7 for App-V RC 4.5.0.1305/8
Part 3 : Configuring Windows Server 2008 with Certificates for RC App-V 4.5.0.1305/8
Part 4 : Installing the First Management Server on RC App-V 4.5.0.1305/8
Part 5 : Configuring the Windows Server 2008 Firewall for RC App-V 4.5.0.1305/8
Part 6 : Installing and Configuring the RC ADM Template
Part 7 : Installing the RC App-V 4.5.0.1305/8 on the client

This Continues from Part 5. The topology for this is;

The template focus is on registry settings that are well suited to controlling via ADM Template/Group Policy infrastructure and are the most likely to be customized. The ADM Template covers over 40 registry settings, including many of our newest features. For example, the ADM Template includes:

• New flags that allow overriding the location configured in the Open Software Description (OSD) file for the Application Source Route (ASR), the Icon Source Root (ISR), and the OSD Source Root (OSR) with the registry value located on the client
• New Auto Load settings including when to target apps and what will start an Auto Load
• New Reporting Configuration options
• New Client Logging settings like maximum log size and number of copies to keep
• All permissions settings visible through the App Virtualization Client
• Disconnected Operation configuration
• Client user interface settings that control how the Tray behaves

The ADM Template allows controlling Preferences (not enforced policies). When you import the template, you need to go through the following steps to see it in the Group Policy Editor.

1) First extract the ADM template by running the msi that you download from connect. By default this will go to C:\AppVirtADMTemplate (RC)\AppVirt.adm. I have than copied this adm to c:\windows\system32\inf

2) Load the Group Policy Management Console and where you have your computers that will be used as clients create and link a new group policy and then start to edit the policy

3) Once in the policy confirm that Filter on is not enabled. If the filter is on than there will be a tick box beside it. Make sure there is no tick box like below.

4) Under Computer Settings>Policies>Administrative Templates>Classic Administrative Templates we will find the new App-V preferences.

5) In the Communications settings I want to modify my clients settings for ASR to rtsps://stream.appv.internal:322

Once you set the and Enable the ASR settings for the above path come out of editing the policy and confirm that your Clients will be located into the OU where the policy is applied.

The Complete Series are located;

Part 1: The initial Setup - Building your App-V RC test lab (using 4.5.1305)
Part 2 : Installing IIS 7 for App-V RC 4.5.0.1305/8
Part 3 : Configuring Windows Server 2008 with Certificates for RC App-V 4.5.0.1305/8
Part 4 : Installing the First Management Server on RC App-V 4.5.0.1305/8
Part 5 : Configuring the Windows Server 2008 Firewall for RC App-V 4.5.0.1305/8
Part 6 : Installing and Configuring the RC ADM Template
Part 7 : Installing the RC App-V 4.5.0.1305/8 on the client

This Continues from Part 4. The topology is as follows;

Now we have installed the App-V Management Server on Windows Server 2008 we need to allow some ports to be open to allow client-server communication to take place.

To do this easiest way is to use Program Rules.

Program rule. This type of rule allows traffic for a particular program. You can identify the program by program path and executable name.

We need to go through this process twice for two different program rules!!!

1) From the Start menu go into Windows Firewall with Advanced Security. In the Windows Firewall with Advanced Security On the Inbound Rules right click and select New Rule.

2) In the Rule Type select Program and select next, Now in the program path we need to add the following rules for the Management Server

- %PROGRAMFILES%\Microsoft System Center App Virt Management Server\App Virt Management Server\bin\sghwdsptr.exe

-%ProgramFiles%\Microsoft System Center App Virt Management Server\App Virt Management Server\bin\sghwsvr.exe

You will have to do a separate rule for each of the above! and than click next.

3) Now allow the connection and click next and than click next for the profiles.

4) Enter a name for each rule and click Finish!

This configuration will now allow your App-V management server to communicate correctly with your App-V clients! The ports will be automatically set depending on what the .exe is listening for.

Great Great Windows Server 2008 Feature!

The Complete Series are located;

Part 1: The initial Setup - Building your App-V RC test lab (using 4.5.1305)
Part 2 : Installing IIS 7 for App-V RC 4.5.0.1305/8
Part 3 : Configuring Windows Server 2008 with Certificates for RC App-V 4.5.0.1305/8
Part 4 : Installing the First Management Server on RC App-V 4.5.0.1305/8
Part 5 : Configuring the Windows Server 2008 Firewall for RC App-V 4.5.0.1305/8
Part 6 : Installing and Configuring the RC ADM Template
Part 7 : Installing the RC App-V 4.5.0.1305/8 on the client

This Continues from Part 3. The Topology for this looks like;

So now we have all our bits Installed on our Windows Server 2008 system. What I want to do is install the App-V management Server. To do this we need to get the source files from connect.microsoft.com .

I have also gone into Active Directory User and Computers and created two groups;

1) App-V Admins (I have added my administrator account into this)

2) App-V Users (I have added this to the Domain Users Group as a nested group)

1) On the extracted files click the setup.exe to start the installation. On the Welcome screen, click Next.

2) On the License Agreement screen, have a very good read of the license agreement, select I accept the terms in the license agreement , and click Next. (Only select I agree if you do really agree :o) ) . On the Microsoft Update I have selected to allow this and click Next.

3) On the Registering Information screen, enter the name of a user and the user's organization, and then click Next. Now In the Setup Type select the Custom Install (we are Big administrators these days so we can risk it!) and than select Next.

4) On the Custom Setup screen, Select all Application Virtualization Platform components and then click Next. Now in the configuration database I have chosen to point the installation directly to my database by checking the use the following database and specify my local machine and the default SQL port of 1433 and then click Next.

5) Select Create a new database and Type your new database name (in my case APPVIRT) and then select next. Now in the connection security mode lets get hard core and select use enhanced security. In the drop down select your appropriate certificate that we created in IIS7 in part 3 and than select next.

6) On the Port Setting screen, select the default port (322) and then click Next. On the Administrator Group screen, enter the name of the administrator group, remember at the beginning of this post I said I had already created the Global Group for App-V Admins (which i specified), and then click Next.

7) On the Default Provider Group screen, enter the name of the default provider group, Again remember we specified this earlier (App-V Users) and then click Next. In the Content Path location I am going to leave it in the default location for now and click next.

8) Click Install and walk off to make that cuppa tea and coffee again as we wait for all the database/Management server/Web Service to be installed and created.

9) Once completed click finish and say yes to accept the server being rebooted!

10) Once rebooted that the installation done……… well we do actually have a few minor steps left to go :o)

Now what you may ask is the few extra steps that are required! well you know that certificate we installed earlier. We need to ACL it to allow the network service to have access to use the certificate and RTSPS.

At this moment in the sft-server.txt file you should see the following messages

To give the network service access to the certificate we must Modify the permissions of the certificate to allow access to the security context that the App-V service runs as and is required for successful TLS secured communication.  If this is not done, all TLS communications will fail when SChannel attempts to access the key during a TLS transaction.

In order to modify the permissions of the certificate a Windows Server 2003 Resource Kit tool, WinHttpCertCfg.exe can be used.  There are other ways to modify the certificate permissions, however this is the most straightforward and easy way of completing this task.  The winhttpcertcfg.exe tools is available at the link below.

http://msdn.microsoft.com/en-us/library/aa384088(VS.85).aspx

1. On the machine that will become the App-V Management or Streaming server, type the following commands in the command shell to list the current permissions assigned to a specific certificate.

winhttpcertcfg -l -c LOCAL_MACHINE\My -s Name_of_cert

2. Next, if necessary modify the permissions of the certificate to provide read access to the security context that will be used for Management or Streaming Service.

NOTE:  The default security context is Network Service.

winhttpcertcfg -g -c LOCAL_MACHINE\My -s Name_of_cert -a NetworkService

3. Verify that the security context was properly added by listing the permissions on the certificate.

winhttpcertcfg –l –c LOCAL_MACHINE\My –s Name_of_cert

Once this is completed and is successful restart your App-V Management Server Service and review the sft-server.txt which should look a lot happier;

The Complete Series are located;

Part 1: The initial Setup - Building your App-V RC test lab (using 4.5.1305)
Part 2 : Installing IIS 7 for App-V RC 4.5.0.1305/8
Part 3 : Configuring Windows Server 2008 with Certificates for RC App-V 4.5.0.1305/8
Part 4 : Installing the First Management Server on RC App-V 4.5.0.1305/8
Part 5 : Configuring the Windows Server 2008 Firewall for RC App-V 4.5.0.1305/8
Part 6 : Installing and Configuring the RC ADM Template
Part 7 : Installing the RC App-V 4.5.0.1305/8 on the client

This post Continues from Part 2. The topology for this is;

Ok so this is a bit of a long bit. I want to use App-V for secure communication over my network. The reason for this is that I want to allow my infrastructure to have the potential for secure communication over an Internet Facing Scenario OR just to prevent the possibility of a man in the middle attack.

Now lets also think about App-V 4.5 is set up in a secure by default method. In other words YOU have to dumb the security down. Now I like this feature, I like the Idea of securing my network communication either by HTTPS or RTSPS.

So I am not a cert guru! :o) but wanted to give you a step-by-step to get this setup in the test lab.

1) Go into Server Manager and right Click on Roles> Add Role. In the Before you begin Section Click Next

2) In the Select Server Role Section Click “Active Directory Certificate Services” and then click Next. In the next screen click next again

3) Now I have added the Certificate Authority Web Enrolment , the reason why is so that i could add a web page for certificate requests if I so wanted. So select “Certificate Authority Web Enrolment” and click Add Required Server Role when the pop up comes up.

4) Once onto the “Setup Type” I have selected the Enterprise option and click Next, then select Root CA (This is because it is my first and ONLY CA in my test environment)

5) In the “Private Key” section select “create a new private key” and than click Next, now in the “Configure Cryptography for CA” i have just set up some basics which you can see in the below.

6) Now set up your common name for your CA (I will not be using this certificate for my App-V deployment and will create another a bit later) and click next, now for my test environment I have set a 5 year certificate.

7) In the “Certificate Database” I have just left the default and then click Next, In the “Introduction to IIS” click next (this is just configuring some additions to IIS for certificate requests) and than click next.

8) In the Role Services section click next, review the configuration changes and click Install

9) Again go grab a cuppa tea or coffee and let the installation take place, once complete click finish.

Now a little earlier I said that I would not use the original certificate that I created for my Root CA. What I want to do is issue a new certificate for my management server. You can do this from the IIS7 Management Console. To do this log into the IIS 7 management console via the administration tools.

1) In IIS7 select your server in the left hand pane, now in the right hand screen you should see a section that says “Server Certificates” . Now when you select this you will go into the Server Certificates pane. In this area we want to create a new certificate request, so click create certificate request on the right hand side or right click in the right pane and select create certificate request.

2) Now in the details of my certificate I am going to set the following;

Common Name: stream.appv.internal ( This is my DNS name which I will point my clients to)
Organisation Details: This will depend on your details :o)

Once this is set up click Next, In the Online Certificate Authority Browse and search for your CA (this is what we set up earlier in this blog!) and than click Finish!

3) Once that is set up you should be able to see your certificate. In the right hand pane!

Ok that's the initial set up for the certificates! However we are going to have to come back to this after the Installation of the management server to re-ACL the certificate that we have created for the management server.

DNS Update

One last piece!

We have created a certificate for stream.appv.internal you will also have to add a Alias or CNAME in your DNS forward lookup zone for stream.appv.internal for this to work correctly. So go into DNS and make this one small addition. If you use a CNAME for stream.appv.internal just point it back to your management server machine or Virtual IP address for your NLB Cluster.

The Complete Series are located;

Part 1: The initial Setup - Building your App-V RC test lab (using 4.5.1305)
Part 2 : Installing IIS 7 for App-V RC 4.5.0.1305/8
Part 3 : Configuring Windows Server 2008 with Certificates for RC App-V 4.5.0.1305/8
Part 4 : Installing the First Management Server on RC App-V 4.5.0.1305/8
Part 5 : Configuring the Windows Server 2008 Firewall for RC App-V 4.5.0.1305/8
Part 6 : Installing and Configuring the RC ADM Template
Part 7 : Installing the RC App-V 4.5.0.1305/8 on the client

This post Continues from Part 1

The Topology for this is;

So i know i am a little bit behind on my blogging so wanted to get this up to date! In this Part we need to get a few pre-reqs all sorted. So Lets get IIS Set up. Unlike the Beta Code we only need a few elements for IIS7. Actually we just need to alter one thing!

So lets get started!

1) Go to the server Manager, and add right click roles > add new role

2) The New Role Wizard will start > Click Next

3) In the select Server role add the “Web Server (IIS)”, and then click “Add the required Feature” when the pop up appears.

4) In the Intro to IIS screen just click next to take us onto the IIS options.

5) Now in the “Role Services” section of the wizard add the “IIS Management Scripts and Tools” also confirm that the “IIS Management Console” is added and then click next to review the options you have selected, and then select next again.

6) Sit with a cuppa tea or Coffee whilst IIS adds it self to your Win2k8 platform and hit finish at the end!

Thats IIS done and dusted. Now onto Configuring my CA for Certificates in my estate.

The Complete Series are located;

Part 1: The initial Setup - Building your App-V RC test lab (using 4.5.1305)
Part 2 : Installing IIS 7 for App-V RC 4.5.0.1305/8
Part 3 : Configuring Windows Server 2008 with Certificates for RC App-V 4.5.0.1305/8
Part 4 : Installing the First Management Server on RC App-V 4.5.0.1305/8
Part 5 : Configuring the Windows Server 2008 Firewall for RC App-V 4.5.0.1305/8
Part 6 : Installing and Configuring the RC ADM Template
Part 7 : Installing the RC App-V 4.5.0.1305/8 on the client

Besides the official announcement in Tales from the Edge site about the full supportability of ISA Server in a virtual environment, we now also have an interview with Jim Harrison that explains more about ISA/TMG in a virtual environment and why now is supported.

Check it out the interview here:

http://edge.technet.com/Media/Virtualize-your-ISA-or-Forefront-TMG-servers/

Greetings NAP fans!

Back from vacation and thought I would share this with you...

What are the available Network Access Protection (NAP) training solutio