January–Technical Rollup Mail–Security


Microsoft Office 365 Cloud-Based Productivity Service Now Helps Customers Comply with HIPAA Privacy and Security Standards

With reimbursements falling and medical loss ratio minimums rising, hospitals, physicians, and health plans are under unprecedented pressure to drive down operating costs while still improving the quality and safety of patient care. Explore how Microsoft is helping remove that barrier by embedding privacy and security capabilities in Office 365 so that Office 365 is now a cloud-based platform that complies with leading information privacy and security standards for customers operating in the United States and European Union.

Patterns & Practices: Cloud Security Approach in a Nutshell See how Microsoft is building on experience to secure its own cloud developments and utilizing an approach that simplifies and improves security by chunking up security in a way that helps leverage proven practices, while sharing information around emerging practices.

Microsoft Security Bulletin Summary for Dec, 2011


Security Bulletin Overview for Dec 2011

Microsoft Security Response Center (MSRC) Blog Post http://go.microsoft.com/?linkid=9683067

Windows Media Video (WMV) http://go.microsoft.com/?linkid=9683068

Windows Media Audio (WMA) http://go.microsoft.com/?linkid=9683069

iPod Video (MP4) http://go.microsoft.com/?linkid=9683070

MP3 Audio http://go.microsoft.com/?linkid=9683071

High Quality WMV (2.5 Mbps) http://go.microsoft.com/?linkid=9683072

Zune Video (WMV) http://go.microsoft.com/?linkid=9683073

Microsoft Product Lifecycle Information

Find information about your particular products on the Microsoft Product Lifecycle Web site http://go.microsoft.com/?linkid=9669804

See a List of Supported Service Packs http://go.microsoft.com/?linkid=9669805

Microsoft provides free software updates for security and nonsecurity issues for all supported service packs.

Follow the Microsoft Security Response team on Twitter http://go.microsoft.com/?linkid=9739346 @MSFTSecResponse for the latest information on the threat landscape.

Forefront TMG and ISA Server

Forefront Security TechCenter


Please note that if you have feedback on documentation or wish to request new documents - email isadocs@microsoft.com

Forefront Threat Management Gateway 2010 homepage


Forefront TMG (ISA Server) Product Team Blog

The ISA Server Product Team Blog (http://blogs.technet.com/isablog/) is updated on a regular basis. Latest entries include:

Forefront TMG SP2 at Security Talk Show


L2TP VPN issues when utilizing TMG as your RRAS server and NLB is configured on your external Interfaces


You cannot install a Forefront Threat Management Gateway 2010 service pack on branch office servers


Switching to text file logging fails with Event ID 11003


X-flash-version header can prevent ISA/TMG from compressing contents


Walk-through for RSA SecurID Authentication for TMG 2010 Part 1: RSA Authentication Manager 7.1 Server Configuration


Walk-through for RSA SecurID Authentication for TMG 2010 Part 2: TMG Array Members Preparation


Walk-through for RSA SecurID Authentication for TMG 2010 Part 3: Configure TMG Authentication and Delegation


Forefront Unified Access Gateway & Intelligent Application Gateway 2007

Forefront Unified Access Gateway 2010 Technical Resources


For comments, feedback, and requests, contact the Forefront UAG User Assistance team at uagdocs@microsoft.com.

Forefront Unified Access Gateway Product Team Blog

The UAG Product Team Blog (http://blogs.technet.com/edgeaccessblog) is updated on a regular basis. Latest entries include:

The UAG DirectAccess Web Monitor shows “Network Security” as Not Healthy


DirectAccess Connectivity Assistant polling interval


Forefront Edge on the Wiki

The home of community-generated content about Microsoft technologies — that anyone can edit! Read the latest wiki articles about TMG and UAG.

TMG - http://social.technet.microsoft.com/wiki/contents/articles/tags/tmg/default.aspx

Forefront Threat Management Gateway (TMG) 2010 Troubleshooting Survival Guide


UAG - http://social.technet.microsoft.com/wiki/contents/articles/tags/UAG/default.aspx

New KB’s

Forefront TMG 2010

You cannot install a Forefront Threat Management Gateway 2010 service pack on branch office servers



Cloud Computing: Cloud Security Concerns While maintaining appropriate data security continues to be a prevailing concern, a cloud computing infrastructure can actually increase your overall security. Learn how then explore specific concerns around virtual cloud security in the follow-up article.

Cloud Security Overview Moving to a cloud-based platform requires a change in mindset for IT security professionals. Explore key security considerations for the cloud, the differences between the public and private cloud, and why the ideal solution is often an in-house private cloud solution that exists entirely behind the firewall and hybrid clouds, but which combines private cloud systems with Internet-based (public or private cloud) services.

Cloud Security: Safely Sharing IT Solutions Find out how you can share IT solutions between the fixed cost of local resources and the variable cost of cloud resources without losing control of access to enterprise assets.

Identity and Access Management in the Cloud Identity and access management (IAM) refers to the processes, technologies, and policies for managing digital identities and controlling how identities can be used to access resources. Explore why identity management in a cloud system requires a complex collection of technologies to manage authentication, authorization and access control across distributed environments.

Security Considerations for Infrastructure as a Service (IaaS) Gain a better understanding of common concerns and scenarios around security for and public cloud and private cloud Infrastructure as a Service (IaaS) solutions. From network security to storage and data, this article provides a number of insights that can help you implement a better, more secure IaaS.

Managing the Cloud with Windows Intune Learn how the cloud-based PC management solution Windows Intune can help you keep your organization's PCs secure, updated and manageable, no matter where they are located. This article provides detail on each workspace in Windows Intune and the benefits it provides as well as background information on the technical architecture. Want more technical information on Windows Intune?

Understanding Security Account Management in Windows Azure Find out why, although cloud computing relieves some of the security burden, you still have an active role in managing access, securing communications, and ensuring data protection.

Crypto Services and Data Security in Windows Azure Get an introduction to some of the basic concepts of cryptography and related security considerations with Windows Azure including key storage and persistence, immutability, and message queues.


Security Webcast Calendar http://go.microsoft.com/fwlink/?LinkId=37910

Find security webcasts listed in an easy-to-use calendar format.

Upcoming Security Webcasts


December OOB Webcast (see link below) MS11-100

http://events.microsoft.com/Pages/Home.aspx#m=Security Talk Series|;r=0;s=Series;yourrole=001100;eventtype=111000;level=11100;timelength=2;v=list;pi=7230,8664;mi=678906,678907,678908;si=18;ai=IT Professionals

On-Demand Security Webcasts


Visit TechNet Spotlight: www.microsoft.com/technetspotlight

Video on Demand, Video Downloads, PowerPoint Presentations, Audio and more