Richard Hicks is the founder and principal consultant at Richard M. Hicks Consulting, Inc. With more than 25 years of experience implementing secure remote access and public key infrastructure (PKI) solutions, he is a widely recognized enterprise mobility and security infrastructure expert sought after by organizations worldwide. His mission is to help companies provide visibility, control, and assurance for their field-based devices, ensuring the highest level of security and productivity for today's highly mobile workforce.
Techmentor Conference at Microsoft HQ 2025
I’m very excited to announce that I will be attending the annual Techmentor Conference at the Microsoft HQ campus in Redmond, Washington, this year. The event takes place August 11-15, 2025. The Techmentor Conference is one of my favorite IT pro conferences because it offers unparalleled access to experts worldwide. I will deliver two presentations at this year’s event. I hope you’ll join…

Always On VPN Security Updates June 2025
Patch Tuesday is upon us again; thankfully, it’s a light month for Always On VPN administrators. The Microsoft monthly security updates for June 2025 include just a few Windows Routing and Remote Access Service (RRAS) fixes. In addition, an update is available for a vulnerability in the Windows Remote Access Connection Manager. Significantly, DirectAccess administrators are affected this month by…
Always On VPN Security Updates May 2025
Once again, it’s the second Tuesday of the month, and Microsoft has published its monthly security updates for May 2025. Once again, this month includes many updates for the Windows Server Routing and Remote Access Service (RRAS) and an update for Active Directory Certificate Services (AD CS). RRAS Updates The Microsoft security updates for May 2025 address the following CVEs for Windows Server…
Always On VPN Ask Me Anything (AMA) May 2025
Some recent changes have impacted Always On VPN administrators, so I thought having another AMA session this month would be a good idea. The next event is scheduled for Tuesday, May 6, 2025, at 10:00 AM PDT (UTC-7). Do you have questions about Always On VPN? Are you having a specific issue you can’t figure out? Would you like more information about configuration options? Here’s your chance to…
The Case for Short-Lived Certificates in Enterprise Environments
Digital certificates, issued by an internal, private Certification Authority (CA) like Microsoft Active Directory Certificate Services (AD CS), are commonly used in enterprise environments for user and device authentication for workloads such as VPN, Wi-Fi (802.1x), System Center Configuration Manager (SCCM), IPsec, and more. But how long should a user or device authentication certificate be…

Always On VPN SSTP and 47-Day TLS Certificates
The Secure Socket Tunneling Protocol (SSTP) VPN protocol uses Transport Layer Security (TLS) encryption and HTTP transport over TCP port 443. SSTP is easy to configure and firewall-friendly, making it an excellent choice for the Always On VPN user tunnel. Security best practices dictate using a TLS certificate issued by a public Certification Authority (CA). Today, the maximum lifetime of a…
Always On VPN Security Updates April 2025
Microsoft has published its monthly security updates. Many updates address vulnerabilities in the Routing and Remote Access Service (RRAS), which is commonly used in Always On VPN deployments. In addition, an update addresses a vulnerability in Active Directory Certificate Services (AD CS). Always On VPN user and device authentication often relies on AD CS-issued certificates. RRAS Updates The April 2025…
Always On VPN Troubleshooting with Windows Packet Monitor PktMon.exe
When troubleshooting Always On VPN, taking a network packet capture or network trace is sometimes required to identify the root cause of a problem. After all, Packets Don’t Lie™. There are numerous ways to capture packets. Many administrators will install Wireshark for this purpose. However, Windows has a native packet capture tool called PktMon.exe that offers many advantages over…
Always On VPN Load Balancing with Loadbalancer.org
Recently, I had the opportunity to deploy the Loadbalancer.org load balancer as part of an enterprise Always On VPN deployment. In the past, I’ve published guidance for using F5 BIG-IP, Citrix ADC (formerly NetScaler), and Kemp LoadMaster, so in this post, I’ll provide guidance for configuring Loadbalancer.org for Always On VPN. IKEv2 Open the Loadbalancer.org management console and follow the…
Always On VPN Discord Channel
I’m excited to announce the launch of a brand-new Discord channel dedicated to administrators working with Always On VPN! Whether you’re a seasoned pro or just getting started, this community is designed to be your go-to hub for collaboration, troubleshooting, and staying up to date on all things Always On VPN. The channel was established by my good friend Leo D’Arcy, the creator of the popular…
Enable TLS in Microsoft SQL Server 2022
In a recent post, I described some of the security benefits of using Transport Layer Security (TLS) with Microsoft SQL Server. Configuration changes are required to take full advantage of these capabilities. By default, SQL Server uses an unmanaged, self-signed certificate, which provides little security value. The best practice is to use a certificate issued by the organization’s enterprise PKI.…
TLS and Microsoft SQL Server 2022
Transport Layer Security (TLS) for SQL Server 2022 has numerous benefits. TLS enhances SQL Server security by providing authentication, encrypting data in transit, ensuring regulatory compliance, and following security best practices. It helps prevent unauthorized access, protects sensitive information, and mitigates interception attacks, making it a critical component of a secure database…
Managed Certificates for Remote Desktop Protocol
The Remote Desktop Protocol (RDP) is arguably the most widely used protocol for Windows remote server administration. RDP uses Transport Layer Security (TLS) for server authentication, data encryption, and integrity. However, the default configuration of TLS for RDP in Windows is less than ideal. RDP Self-Signed Certificate By default, RDP uses a self-signed certificate for TLS operations. TLS…
Configure Entra Conditional Access for Always On VPN
Recently, I wrote about Microsoft Always On VPN and Entra Conditional Access and how conditional access improves your organization’s security posture by making policy-based access decisions based on various signals such as user identity, location, device compliance, platform, sign-in risk, and more. In this post, I’ll provide step-by-step instructions for integrating Entra Conditional Access with…

Always On VPN Authentication Failure After February 2025 Security Update
Microsoft introduced changes to Windows domain controllers in the February 2025 security update that may result in authentication failures for Always On VPN user tunnel connections. If you suddenly find that all your Always On VPN user tunnel connections fail, additional changes may be required to resolve the issue. Authentication Failure Administrators may find that Always On VPN connections…
Arizona Systems Management User Group March 2025
I’m excited to announce that I’ll be speaking at the Arizona Systems Management User Group (AZSMUG) at their next user group meeting on Friday, March 7, at 9:00 AM MST. I am presenting on the topic of Certificate Deployment Strategies with Microsoft Intune. Intune and Certificates My session at AZSMUG will provide an overview of issuing and managing certificates with Microsoft Intune. We’ll…
Always On VPN and SQL Target Principal Name Incorrect
Microsoft Always On VPN provides seamless and transparent remote access to corporate applications and data. In most cases, accessing resources over the VPN works the same as on-premises. However, a few folks have asked recently about an issue they found when using the SQL Server Management Studio (SSMS) to connect to a remote SQL server over Always On VPN. Principal Name…
