@Greg
Fantastic point of view, Greg.
There are too many reading this as a "must do" post, when it's actually about providing more information to, only then, make a decision.
Moreover, it's - sadly - impressive how some "hard security lovers" can't think differently than the recipe that has been spread for over a decade. Security is based on models, and models get old. Physics is here to support my point. However, we are still trying to prevent attackers with the old-school approach, while they are attacking us in new ways; and the only thing that we achieved was to make the authentic user struggle with "Access denied" (and variants) as a result of our effort.
There's no short answer, no "only solution", no out-of-box (OOF TLA?) design to secure any infrastructure. There are only best practices, analysis, and new approaches (like the one proposed by you/o-365). There's no version of "forever secure". And that's "why" the attack surface can be increasing: we are very confident about the way we do security (the same way that it was being done 10 years ago).
Congrats!
Rodrigo