Tag: Security

Altaro Azure Security Center Webinar

Free Webinar: Azure Security Center: How to Protect Your Datacenter with Next Generation Security

I am happy to announce that I will be speaking in a free webinar together with Microsoft MVP Andy Syrewicze about Azure Security Center. The Altaro webinar called Azure Security Center: How to Protect Your Datacenter with Next Generation Security will be focusing on Azure Security Center, and how you can protect your Cloud and Datacenter Infrastructure. The webinar will be free and it will be held twice on Tuesday, July 30th, 2019. You can save your seat by filling out the form here.

Webinar presented live twice:

  • Session 1: 2pm CEST – 8am EDT – 5am PDT
  • Session 2: 7pm CEST – 1pm EDT – 10am PDT

Free Webinar

Azure Security Center: How to Protect Your Datacenter with Next Generation Security

Azure Security Center: How to Protect Your Datacenter with Next Generation Security

Security has always been a fundamental concern of IT admins and now more than ever, in the age of the cloud datacenter, you need to ensure your workload security is ahead of the curve.

Join Thomas Maurer from the Microsoft Azure Team, alongside Microsoft MVP Andy Syrewicze, for a value-packed webinar that will show you how to batten down the hatches, even when your workloads are hosted in the public cloud! You’ll learn:

  • Azure Security Center Introductions
  • Deployment and first steps
  • Best Practices
  • Integration with other tools
  • And more!

With the industry’s transition to the cloud, we’ve seen a number of workloads migrate to service provider datacenters and public clouds like Azure. While many IT Pros are comfortable in dealing with core services in this manner, many find themselves at a loss when it comes to securing these next generation deployments. Pair that with an overly eager bad-actor community, and you have a recipe for disaster. However, new tools are designed to enhance existing security paradigms and help you sleep at night, such as Azure Security Center. Are you concerned about the strength of your Azure workload security? Struggling with where to start? We’ve got the webinar for you!

Taking advantage of the latest in security tools will ensure your organization stays one step ahead of the bad guys, and we’re here to help you get started!

See you there!

As mentioned, we will give you an overview of how Azure Security Center and strengthen your security posture and protect against threats with Azure Security Center. I will also show you features like Azure Just-in-Time VM access and many others.

I hope that you join the webinar and if you have any questions, let me know in the comments.



AZ-500 Microsoft Certified Azure Security Engineer Associate

Passed Exam AZ-500 Microsoft Certified Azure Security Engineer Associate

The new Azure Security exam just came out of beta, and I took some time to learn and see if I would pass it. I am happy that I just passed exam AZ-500: Microsoft Azure Security Technologies, which focuses on Microsoft Azure security engineers who implement security controls, maintain the security posture, manages identity and access, and protects data, applications, and networks. After passing this exam, you can call yourself a Microsoft Certified: Azure Security Engineer Associate. Azure Security Engineers implement security controls and threat protection, manage identity and access, and protect data, applications, and networks in cloud and hybrid environments as part of the end-to-end infrastructure. That means this exam covers different topics across the Azure infrastructure and many various Azure services like Azure AD, Azure IaaS, Azure Networking, Azure Kubernetes Service (AKS), Databases, Azure Monitor, Azure Security Center and many more.

Exam AZ-500: Microsoft Azure Security Technologies

Candidates identify and remediate vulnerabilities by using a variety of security tools, implements threat protection, and responds to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.

Candidates for this exam should have strong skills in scripting and automation, a deep understanding of networking, virtualization, and cloud N-tier architecture, and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

You can find more detailed information on the Microsoft exam website. There you will find all the skills measured in this exam.

How to prepare for the AZ-500 exam

Microsoft Learn

Microsoft Learn

Exams always have a specific focus; this one covers a broad set of Azure security topics over different Azure services. This means you not only need to have particular security know-how, but also a good overview of the various Azure services. If you don’t have that right now, I recommend that you might start with other exams, such as AZ-900 and AZ-10X for the Microsoft Certified: Azure Administrator Associate. But if you want to go forward with the AZ-500 exam and become a Microsoft Certified: Azure Security Engineer Associate, first have a look at the more detailed information on the Microsoft exam website. Start reading through the Microsoft Docs about the different security topics mentioned in the skills measured, and also get some hands-on experience by trining out the various technologies. My favorite place to learn and understand some tutorial about different topics is Microsoft Learn! On Microsoft learn, you can use a lot of different learning modules, and some of them are focused on Azure Security. If you want to know more about Microsoft learn, check out my blog post: Microsoft Learn – A Great Place To Learn!

At Microsoft Ignite The Tour, our team also presented a session on securing your Azure environment, my session in Amsterdam was recorded, you can watch it here: Microsoft Ignite The Tour 2019 Azure Hybrid Session Recordings.

With that, I wish you happy learning and good luck with the AZ-500 Microsoft Azure Security Technologies exam!



Windows Server 2019 ATP

Windows Server 2019 Windows Defender Advanced Threat Protection

Windows Server 2019 comes with a lot of new feature. One of the large investment Microsoft is making in this Windows Server release, is in security. And one of my favorite new security features in Windows Server 2019 is the support for Windows Defender Advanced Thread Protection. Windows Defender Advanced Threat Protection (ATP) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. It was available for Windows 10 devices for awhile, and now it is available for Windows Server 2019 and other version of Windows Server.

What is Windows Defender Advanced Threat Protection

Windows Defender ATP

Windows Defender Advanced Threat Protection brings some great security features to your platform.

  • Agentless, cloud-powered – No additional deployment or infrastructure. No delays or update compatibility issues. Always up to date.
  • Unparalleled optics – Built into Windows and Windows Server for deeper insights. Exchanges signals with the Microsoft Intelligent Security Graph.
  • Automated security – Take your security to a new level, by going from alert to remediation in minutes – at scale.

Onboard Windows Server 2019 to Windows Defender Advanced Thread Protection

Windows Defender Advanced Thread Protection Onboarding

If you’re already using Windows Defender Advanced Threat Protection (ATP), preview these features by simply installing the latest preview build of Windows Server, and onboard it to Windows Defender ATP.

Otherwise, sign up for the Windows Defender ATP trial on Windows Defender Advanced Threat Protection.

Quick Look at Windows Defender ATP for Windows Server 2019

Windows Server 2019 ATP

Using Windows Defender ATP is pretty simple. It is also very simple with Windows Server 2019. After you have onboarded your Windows Server you can already see alerts and recommendations in your dashboard.

Windows Server ATP

To have some active alerts, you can create a test alert. This is also recommended to do after you have onboarded your machine. With that you can see if the connection is working.

Windows Server 2019 ATP Machine Page

You can find alters, events and actions in the machine page in the Windows Defender Security Center.

I hope this just gives you a short overview about Windows Defender ATP for Windows Server 2019. If you have any questions just leave a comment.



Windows Server 2019

Windows Server 2019 – What is coming Next

A while ago Microsoft announced the next key versions Windows Server 2019 and System Center 2019. And a couple of weeks ago, at the Windows Server Summit, Microsoft was taking more about what is new in Windows Server 2019. Microsoft also talked a lot about the positioning of Windows Server and what we can expect in the future. With the news finally released to the public, I can start talking and blogging about the new features and investments. I decided to create a series of blogs, to show the world the great new features. This blog post here, should give you a high level overview about how Microsoft is investing in Windows Server 2019.

Windows Server – The Power behind the Intelligent Cloud and the Intelligent Edge

Intelligent Cloud and Intelligent Edge

Windows Server is not only powering the Intelligent Edge where you have a great Software-Defined Datacenter plaform running Hyper-V or Stroage Spaces Direct, or as application platform. It is also powering the Microsoft Azure Intelligent Cloud. Windows Server is running the foundation of the platform of Azure and also many many services running in Microsoft Azure and Microsoft Azure Stack. If the innovation happening in the Microsoft Public Cloud, we as customers also benefit from that.

Windows Server – Hybrid Cloud in the DNA

Windows Server Hybrid Cloud

Windows Server is a great platform and it runs where ever you are. If you run on-premises in your Software-Defined Datacenter running in on physical hardware or in virtual machines or on Azure Stack, Windows Server is your platform. If you are running in the Public Cloud, Windows Server is not only the platform powering Azure. Windows Server is also a great platform for you to run application in Microsoft Azure or other cloud services providers.

Azure Hybrid Benefit for Windows Server

Azure Hybrid Benefit for Windows Server Reserved Instances

The Azure Hybrid Benefit for Windows Server is also a great option to run Windows Server workloads in the cloud. It allows customer to leverage the licensing they already have. This can bring down cost by a huge factor, and this together with Azure Reserved VM Instances up to 82%.

Windows Server 2019 – Innovation and Investments

Windows Server 2019 Investments

If we have a look at the investments done in Windows Server 2019, we can see that we can categorize them in 4 categories.

  • Hybrid Datacenter Platform
  • Security
  • Application Innovation
  • Hyper-Converged Infrastructure

Unique hybrid datacenter platform

Windows Server 2019 brings new functionality and features to extend your datacenter to Azure to maximize existing investments and gain new hybrid capabilities. To achieve this Microsoft brings improvements to Windows Server 2019 like built-in Azure Active Directory integration, Azure Backup, Azure Site Recovery, Storage Migration Services and many more.

Enhanced security capabilities

One of the key factors in today’s IT landscape is security. Microsoft started the journey by bringing enhanced security features to Windows Server 2016. With Windows Server 2019 Microsoft improves these security features of their server operating system. Microsoft adds new capabilities like Shield Virtual Machines for Linux, Exploit Guard, Encrypted Virtual Networks and under a lot of others. My favorite, the integration of Windows Defender Advanced Thread Protection or Windows Defender ATP.

Faster innovation for applications

With the Semi-Annual Channel releases of Windows Server, Microsoft already released some great investments to enable developers and IT pros. These allow them to create cloud native apps or modernize their traditional apps using containers and micro-services. In Windows Server 2019, Microsoft goes one step further and releases the SAC Improvement s like Linux Containers on Windows Server and the Windows Subsystem for Linux on Windows Server to the LTSC release. Microsoft also invest heavily to improve the container experience on Windows Server, by optimizing the container images for Server Core and Nano Server, a new Windows Container Image and better integration into orchestrators like Kubernetes and Service Fabric.

Unprecedented Hyper-converged Infrastructure

Microsoft is also improving your software-defined datacenter experience to achieve greater efficiency and security. With Windows Admin Center, Microsoft introduced a new web-based management UI which will be a perfect solution to manage your Windows Server 2019 servers. However, Microsoft is also investing in more hardware support like Storage Class Memory support. But also, on adding scale, resilience and performance improvements to your Storage Spaces Direct deployments. This includes improvements like Cluster Sets, improved performance for Mirror-accelerated parity volumes and much more.

In the next couple of days and weeks I will release some blog posts. These will covering the new features and improvements in Windows Server 2019 with a little more technical depth. And I am sure we will even have more to share after Microsoft Ignite. So ,stay tuned and follow my blog 🙂



Windows Server Banner

Microsoft Windows Server Summit – Online Summit

On Tuesday, June 26, 2018 Microsoft will held the Windows Server Summit Online, a virtual experience to learn tips and tricks for modernizing your infrastructure and applications—regardless of whether you’re running it on-premises or in the cloud. And you can bet you will also get some new information on Windows Server 2019.

Learn how to build the future with Windows Server

Microsoft will talk about the roadmap for Windows Server, and let you discover new skills and best practices, and get your questions answered in conversations with the Microsoft experts behind our products.

This online summit will focus on 4 key areas of Windows Server:

  • Hybrid – Learn how Windows Server helps you integrate Azure services into your on-premises environment and how to better run Windows Server in Azure.
  • Security – Better security starts with the Operating System. Learn how Windows Server helps you elevate your company’s security posture.
  • Hyper-converged infrastructure (HCI) – Windows Server 2016 introduced new HCI capabilities that are game-changers. Now, check what’s new around HCI for Windows Server 2019.
  • Application platform – Containers are changing the way developers and operations teams run applications. Learn how Windows Server helps you modernize yours.

So if you want to know more, join the Microsoft online event!

 



ThomasMaurer HTTPS

ThomasMaurer.ch now forcing https SSL encryption

Well this time it is just a small post about this blog here. ThomasMaurer.ch is available using SSL encryption (https) for quite a while, it was available for most of the content but it was not forced and not all of the content was available through SSL. This has changed a couple of days ago. ThomasMaurer.ch is now not only reachable using https, it is also forced to use https://www.thomasmaurer.ch.

This has several reasons, but mostly it should protect your data while visiting my website.

Since this was not as easy as you might think, there could be still some issues with the site. If you find any issues or have any problems accessing the site, leave a comment or use the contact form to contact me.



Windows Defender PowerShell

How to disable and configure Windows Defender on Windows Server 2016 using PowerShell

Windows Server 2016 comes standard with built-in Anti-Malware called Windows Defender like Windows 10 Client. And per default, Windows Defender is active and has also turned on Real-Time Protection by default. In Windows Server 2016 Desktop Experience you can disable and configure Windows Defender using the UI or PowerShell, in the Windows Server 2016 Core version or on Nano Server you only have PowerShell available. Here are some quick command how you can configure or disable Windows Defender on Windows Server using PowerShell.

Check the Defender configuration and settings:

 
Get-MpPreference

Turn off Windows Defender Real-Time Protection using PowerShell

 
Set-MpPreference -DisableRealtimeMonitoring $true

Turn on Windows Defender Real-Time Protection using PowerShell

 
Set-MpPreference -DisableRealtimeMonitoring $false

Add a File path exclusion:

 
Set-MpPreference -ExclusionPath "C:\temp", "C:\VMs", "C:\NanoServer"

Add process exclusion

 
Set-MpPreference -ExclusionProcess "vmms.exe", "Vmwp.exe"

 

I hope this helps you to easily configure Windows Defender on Windows Server 2016. Btw. This also works on Defender on Windows 10.