What’s New in Windows Server 2022

October 11, 2021 Leave a comment

Get the full lowdown on Windows Server 2022 and its implications for IT admins from expert Microsoft MVPs Andy Syrewicze and Paul Schnackenburg in this unmissable upcoming webinar from Altaro/Hornetsecurity on 13 October. They will explain the full new feature set, security enhancements, editions and license comparisons, where Hyper-V Server has gone, where Azure Stack HCI fits into this discussion, and more!

So, what does this mean for the future of system admins? How will your daily operations change due to the cloud-hosted strategy shift?

The presenters will also be answering all your burning Windows Server 2022 questions so come prepared and make the most out of this event to prepare your organization for the next generation of IT workloads!

Register Now

Categories: Cloud

Azure Resource Visualiser: Visualising Resources in the Azure Portal

August 17, 2021 Leave a comment

I have been working on a series on Architecture Templates for Azure to streamline the Cloud adoption and migration of workloads to Azure. Those templates that I called Resource Zones are pre-defined architecture that considers the workloads and the Azure Services that are enabled for particular customer.

Each Resource Zone essentially represents the common elements, such as app, db, storage, which shares network connectivity, monitoring and IAM across instances of these archetypes and must be in place to ensure that applications have access to the shared components when deployed.

Coincidence or nor, recently, I noted the Azure Resource Visualiser in the Azure Portal. How cool is the new feature! It lets you visualise the Resources deployed on a Resource Group. It is great to visualise the Resources in a Azure Resource Group and identifying their dependencies. You can select which resources to show and save the image.

If you’re a Microsoft 365 administrator…

August 14, 2021 Leave a comment

Backed by Hornetsecurity’s, 365 Threat Monitor is a free mobile app that detects any threats that breach your Office 365 security and enter your system, enabling you to instantly delete them with just one click: Prevent any damage and save the day!

How it works

Use 365 Threat Monitor for free to receive real-time alerts about gaps in your Office 365 security, and delete ransomware, spam and business email compromise attempts. This free email security mobile app gives you real-time alerts when malware infiltrates your system and allows you to delete it remotely, wherever you are.

  • Real-time malware detection and alerting
  • Protection you can count on
  • Instant deletion of malicious emails
  • Threat statistics and reporting

For SysAdmin Day there an interesting contest that might interest you

HornetSecurity is giving away a €20 Amazon voucher if you signup for a for a 30-day free sign up for free to 365 Threat Monitor and set up an account! 

Plus you have a chance to win one of their other grand Prizes.

What are you waiting for? Get your free 365 Threat Monitor App & Win!

Link: https://www.hornetsecurity.com/us/sysadmin-day/?LP=cardoso-sc-Article-SysAdmin2021-EN&Cat=SC&utm_source=cardoso&utm_medium=sc&utm_campaign=SysAdmin2021&utm_content=Article

Note:

Contest entries will be accepted until 15 September, 2021. Only valid Microsoft 365 administrator email addresses will be considered as an eligible entry. Only one entry per individual is permitted. Read full T&Cs.
For any questions related to the SysAdmin Day Contest 2021, please email win@hornetsecurity.com.

Categories: Cloud

ControlCheck: Security and Compliance Assessment

July 26, 2021 Leave a comment

Cyber intrusions can damage the competitive advantages and reputation of affected organisations, and amongst other damages, unnecessarily consume scarce financial and staff resources to respond to such intrusions.

I have been working on a development of a Security and Compliance Assessment app : ControlCheck and this month I have released the 1st version to assess and recommend controls in place and to recommend controls based on security practices.

In the July 2021 version, ControlCheck displays a Dashboard with the available Azure Services per category showing which service are in Compliance as it is as per in place Azure Polices.

What each colour means:

  • RED means the Azure polices are configured for the Azure Service, but not enforced or the service is not configured to meet the policy
  • Yellow means that no Azure policy is defined for the service
  • Green means that Azure polices are configured for the Azure Service, are enforced or the service is configured to meet the policy .

Once you click on the service, it will show you a summary for that specific Policy by Category

You can also see the current applied controls

The Recommended Controls by security best practices

and the health asesssment

#security #compliance #cyber #analytics #msftadvocate #azure

Categories: Cloud

Free complete guide to data protection

February 18, 2021 Leave a comment

Having a reliable and secure backup and disaster recovery strategy could be the most important thing you do.

I’m sure you’ve heard many data loss horror stories that have crippled organizations costing thousands, if not millions, of dollars. This free eBook from Altaro will make sure you’re not the next horror story victim.

https://www.altaro.com/ebook/backup-bible.php?LP=cardoso-sc-Article-ebook-backup-bible-complete-EN&Cat=SC&ALP=ebook-ebook-backup-bible-complete-cardoso-sc-article&utm_source=cardoso&utm_medium=sc&utm_campaign=ebook-backup-bible-complete&utm_content=Article

The Backup Bible Complete Edition, written by backup expert and Microsoft MVP Eric Siron, is comprised of 200+ pages of actionable content divided into 3 core parts, including 11 customizable templates enabling you to create your own personalized backup strategy.

Part 1 and 2 are updated versions of previously released eBooks (Creating a Backup & Disaster Recovery Strategy and Backup Best Practices in Action) but Part 3 is a brand-new section on disaster recovery (Disaster Recovery & Business Continuity Blueprint) that includes tons of valuable insights into the process of gathering organizational information required to build a DR plan and how to carry it out in practical terms.

One of the most useful features of The Backup Bible is the customizable templates and lists that enable the reader to put the theory into practice. These are found in the appendix but are linked in the text at the end of each relevant chapter. If you are going to read this book cover to cover it would be a good idea to fill out the templates and lists as you go through it, so by the time you’ve finished reading you’ll have a fully personalized backup action plan ready for you to carry out!

The Backup Bible Complete Edition also works as a great reference guide for all IT admins and anyone with an interest in protecting organizational data. And the best thing of all: it’s free!

Download your copy now!

Categories: Cloud

A Voucher for you and a donation for those in need

December 7, 2020 Leave a comment

‘Tis the season to be caring – caring for your loved ones, for each other, and yes, even your data and mailboxes. The arrival of the Holiday Season is a great time to recognize all the challenges we’ve survived this year, to be thankful for all we have and to share.

Let’s Celebrate: All you have to do is sign up for a 30-day free trial of either Altaro VM Backup or Altaro Office 365 Backup – it’s your choice!

How does it work?

· Trial Altaro V­M Backup or Altaro Office 365 Backup

· Get a guaranteed $10 Amazon voucher & a chance to win one of the Grand Prizes

· Altaro will make a $10 donation to One Laptop per Child for every valid entry What are you waiting for? Sign up now!

Categories: Cloud

Notes for deploying Acronis Virtual Firewall

November 30, 2020 Leave a comment

Components:

You can use either the setup application which will install all components or use MSI installer packages for unattended installations:

  • Management Service: installed on the host(s) or designated VM(s) that will be set as Management Server for the entire Windows Server/HyperV environment. (Note: multiple management servers could be deployed to provide disaster recovery function)
  • Virtual Router Management Service: installed on Virtual Router.
  • Management Console: installed on each host/VM that will be used by administrators to operate and control the system security/compliance rules application

Firewall Rules

(if deploying in Azure, make configure the NSG rules) :

Management ServerFirewall rules
from virtual router• TCP 8939 – 5nine.Antivirus.UpdateService endpoint
• TCP 8534 – Antivirus (AV) management endpoint
• TCP 8790 – vFirewall management endpoint
• TCP 8939 – IDS update service endpoint
• TCP 8183 – For signature updates of Snort Intrusion Detection System (IDS)
from Management Console• TCP 8789 – Client
to SQL Server DatabaseTCP 1433 (default) or other port defined in SQL configuration
to internet• TCP 80 – Snort IDS / AV update over HTTP
to DHCP server (if applicable)• UDP 68
Outbound to DNS server• UDP 53
to Syslog Server (if applicable)• UDP 514
to additional Cloud Security Management Services (if applicable)• TCP 8790
to Virtual Router• TCP 8533
• TCP 8788
Virtual RouterFirewall rules
from management server• TCP 8533 – AV management
• TCP 8788 – vFirewall management
from Azure VMs• TCP 8489 – AP agent communication
• TCP 3187, TCP 8943 – AP agent update service communication.
to management server• TCP 8534 – Antivirus (AV) management endpoint
• TCP port 8183 – For Cisco Snort Intrusion Detection System (IDS)
• TCP 8790 – vFirewall management endpoint
to internetTCP 80 – AV update over HTTP
to Azure VMsTCP 8287 – AP management endpoint
Azure Virtual MachinesFirewall rules
to virtual router• TCP 8489 – AP agent communication endpoint
• TCP 3187, TCP 8943 – AP agent update service
from virtual router• TCP 8287 – AP management endpoint
Management ConsoleFirewall rules
to management server• TCP 8789 – Client

Configuration for High Availability
For HA scenarios, you will need to install a separate instance of Management Service onto each server in the windows failover cluster pair, pointing to the same data source (SQL server). SQL server may also be set for high availability. From this point you will have to use cluster failover role IP address/FQDN instead of a standalone IP address/FQDN as a management service address when you need to connect to the management service.
When configuring high availability in the failover clustering, you will have to select the Generic Service option for Cloud Security Management Service and proceed with setup in a standard way.

Silent Install from MSI Packages
To install Cloud Security components silently from the command line, run the Setup Launcher Application and copy the MSI package files to c:\Setup or to another location as once the launcher application is closed the directory and contents will be deleted.

Example – Setup Router Service:
msiexec /i RouterServiceSetup.msi /qn /norestart /l* info.log
MANAGEMENT_SERVER=[Cloud Security FQDN name]
WINLOGIN=[DOMAIN\Administrator] WINPASS=[Password]

Note: To install the management console on the server where multiple users with different privileges work, the best practice is to select the option Use default credentials so that each time the management console is started the necessary privileges are granted on it. The same applies to tenants’ setup, the user that is currently running the management console instance must match the user, set to connect to the management service in order to get the right privileges. Refer to the Global Administrator and Tenants section

Adding Microsoft Azure Tenant Account
The main thing to do before starting anything with 5nine Cloud Security is to add Microsoft Azure Tenant Account. Click on Azure Connection Settings dialog by selecting Settings – Add Azure Tenant main menu option.

Global Administrator and Tenants
The User Management feature is designed to set permissions on 5nine Cloud Security objects (virtual machines) and operations performed through the management console.

It is crucial to set them appropriately. These permissions are unrelated to users’ permissions that are set in Windows or Active Directory (AD); they apply users’ rights solely for Cloud Security objects and operations.

The most important users that have to be created (added) in User Management are Global Users, particularly Global Administrator. This user will be able to see all the virtual machines that are managed by Cloud Security and to perform all the operations through the management console: set global rules, create/delete tenants , operate the antivirus feature and set permissions for other users.

Note: Before the Global Administrator is created, there are no permissions set and any user operating management console is considered as Global Administrator.

Categories: Cloud

SysAdmin Horror Stories

October 23, 2020 Leave a comment

We all know that a SysAdmin’s job is no easy task, and apart from constantly having systems to update, bugs to fix and users to please, SysAdmins encounter all sorts of situations throughout their careers. From tech situations to funny anecdotes, terrible mishaps or incidents with colleagues, this eBook includes real stories of what SysAdmins go through on a daily basis.

It’s very easy to download as no registration is required. Click on Download and it’s yours. It includes more than 20 short stories but this one is my personal favourite 😊.

Categories: Cloud

Azure Sentinel with built-in behavioural analytics powered by UEBA platform

October 23, 2020 Leave a comment

This latest innovation helps identify anomalies and extract behavioural insights for threat hunting and detection. Insights are aggregated across multiple data sources to provide a unified host or user profile.

Image source: https://techcommunity.microsoft.com/t5/azure-sentinel/stay-ahead-of-threats-with-new-innovations-from-azure-sentinel/ba-p/1693166

Other innovations include:

  • Integration with Azure Machine Learning Jupyter notebooks which offers a framework and cloud-scale data pipeline for ML using Azure Databricks.
  • Ability to search, add and track threat indicators, and create watchlists for threat hunting and detection (e.g., restricted IPs, trusted systems, critical assets, risky users, vulnerable hosts).
  • New data connectors, including for Microsoft Teams, Microsoft 365, and other clouds and data collection pipelines.

Categories: Cloud

Celebrating SysAdmin day

August 5, 2020 Leave a comment

Despite all challenges thrown our way this year, the hard work of SysAdmin made it possible for all of us to keep going, so Altaro are taking this opportunity to thank you:

If you are an Office 365, Hyper-V or VMware user, sign up for a 30-day free trial of either Altaro VM Backup or Altaro Office 365 Backup and receive a €/£/$20 Amazon voucher when you use your trial of Altaro Office 365 Backup or Altaro VM Backup.

Plus, get the chance to also win one of their Grand Prizes by sharing your greatest 2020 victory with Altaro in an up to 60-seconds video.

What are you waiting for? Sign up now!

Categories: Cloud Tags: