Infrastructure + Security: Noteworthy News (April, 2018)

Hi there! Stanislav Belov is here with the next issue of the Infrastructure + Security: Noteworthy News series!  

As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, and Security worlds on a monthly basis. Enjoy! 

Microsoft Azure
Application Security Groups now generally available in all Azure regions
ASGs enable you to define fine-grained network security policies based on workloads, centralized on applications, instead of explicit IP addresses. Provides the capability to group VMs with monikers and secure applications by filtering traffic from trusted segments of your network.
Azure Availability Zones in select regions
Availability Zones are physically separate locations within an Azure region. Each Availability Zone consists of one or more datacenters equipped with independent power, cooling, and networking. With the introduction of Availability Zones, we now offer a service-level agreement (SLA) of 99.99% for uptime of virtual machines. Availability Zones are generally available in select regions.
Introducing Microsoft Azure Sphere: Secure and power the intelligent edge
Microsoft Azure Sphere is a new solution for creating highly-secured, Internet-connected microcontroller (MCU) devices. Azure Sphere includes three components that work together to protect and power devices at the intelligent edge.
Azure DDoS Protection for virtual networks generally available
Distributed Denial of Service (DDoS) attacks are intended to disrupt a service by exhausting its resources (e.g., bandwidth, memory). DDoS attacks are one of the top availability and security concerns voiced by customers moving their applications to the cloud. With extortion and hacktivism being the common motivations behind DDoS attacks, they have been consistently increasing in type, scale, and frequency of occurrence as they are relatively easy and cheap to launch.
Windows Server
Use performance counters to diagnose app performance problems on Remote Desktop Session Hosts

One of the most difficult problems to diagnose is poor application performance – the applications are running slow or don’t respond. Traditionally, you start your diagnosis by collecting CPU, memory, disk input/output, and other metrics and then use tools like Windows Performance Analyzer to try to figure out what’s causing the problem. Unfortunately in most situations this data doesn’t help you identify the root cause because resource consumption counters have frequent and large variations. This makes it hard to read the data and correlate it with the reported issue.

Announcing Windows Admin Center: Our reimagined management experience

If you’re an IT administrator managing Windows Server and Windows, you probably open dozens of consoles for day-to-day activities, such as Event Viewer, Device Manager, Disk Management, Task Manager, Server Manager – the list goes on and on. Windows Admin Center brings many of these consoles together in a modernized, simplified, integrated, and secure remote management experience.

Windows Client
Update Windows 10 in enterprise deployments
Windows as a service provides a new way to think about building, deploying, and servicing the Windows operating system. The Windows as a service model is focused on continually providing new capabilities and updates while maintaining a high level of hardware and software compatibility. Deploying new versions of Windows is simpler than ever before: Microsoft releases new features two to three times per year rather than the traditional upgrade cycle where new features are only made available every few years. Ultimately, this model replaces the need for traditional Windows deployment projects, which can be disruptive and costly, and spreads the required effort out into a continuous updating process, reducing the overall effort required to maintain Windows 10 devices in your environment. In addition, with the Windows 10 operating system, organizations have the chance to try out “flighted” builds of Windows as Microsoft develops them, gaining insight into new features and the ability to provide continual feedback about them.
Security
Introducing Windows Defender System Guard runtime attestation
With the next update to Windows 10, we are implementing the first phase of Windows Defender System Guard runtime attestation, laying the groundwork for future innovation in this area. This includes developing new OS features to support efforts to move towards a future where violations of security promises are observable and effectively communicated in the event of a full system compromise, such as through a kernel-level exploit.
Conditional Access | Scenarios for Success (1 of 4)
Conditional Access is quickly becoming one of the most popular features our customers want to implement- it allows you to secure your corporate resources (such as Office 365) with quick and simple policies. We have identified several common scenarios that customers implement using conditional access. These scenarios secure your environment from different angles, enabling more holistic coverage. These are by no means the only policies that you can or should implement, but we have found them to be successful in addressing the most common customer scenarios we see.
New capabilities of Windows Defender ATP further maximizing the effectiveness and robustness of endpoint security
Our mission is to empower every person and every organization on the planet to achieve more. A trusted and secure computing environment is a critical component of our approach. When we introduced Windows Defender Advanced Threat Protection (ATP) more than two years ago, our target was to leverage the power of the cloud, built-in Windows security capabilities and artificial intelligence (AI) to enable our customers’ to stay one step ahead of the cyber-challenges. With the next update to Windows 10, we are further expanding Windows Defender ATP to provide richer capabilities for businesses to improve their security posture and solve security incidents more quickly and efficiently.
Incident Management Implementation Guidance for Azure and Office365
This document helps customers to understand how to implement Incident Management for their deployments of Microsoft Azure and Microsoft Office 365.
Secure Your Office 365 Tenant – By Attacking It
The Office 365 Attack Simulator is LIVE! Probe your environment before attackers do. Part 1, Part 2
Secure your backups, not just your data!
In today’s digital world where data is the new currency, protecting this data has become more important than ever before. In 2017, attackers had a huge impact on businesses as we saw a large outbreak of ransomware attacks like WannaCry, Petya and Locky. According to a report from MalwareBytes, ransomware detections were up 90 and 93 percent for businesses and consumers respectively in 2017. When a machine gets attacked by ransomware, backups are usually the last line of defense that customers resort to.
Why Windows Defender Antivirus is the most deployed in the enterprise
Currently, our antivirus capabilities on Windows 10 are repeatedly earning top scores on independent tests, often outperforming the competition. This performance is the result of a complete redesign of our security solution. What’s more, this same technology is available for our Windows 7 customers as well, so that they can remain secure during their transition to Windows 10.
Microsoft Security Intelligence Report volume 23 is now available
As security incidents and events keep making headlines, Microsoft is committed to helping our customers and the rest of the security community to make sense of the risks and offer recommendations. Old and new malware continues to get propagated through massive botnets, attackers are increasing focus on easier attack methods such as phishing, and ransomware attacks have evolved to be more rapid and destructive. The latest Microsoft Security Intelligence Report, which is now available for download at www.microsoft.com/sir, dives deep into each of these key themes and offers insight into additional threat intelligence.
Vulnerabilities and Updates
April 2018 security update release

On April 10 we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically, and for customers running previous versions, we recommend they turn on automatic updates as a best practice. More information about this month’s security updates can be found in the Security Update Guide.

Support Lifecycle
Configuration Manager 2007 approaching end of support: What you need to know
Microsoft System Center Configuration Manager 2007 has a support and servicing lifecycle during which we provide new features, software updates, security fixes, etc. This lifecycle lasts for a minimum of 10 years from the date of the product’s initial release. The end of the lifecycle is known as the product’s end of support. Configuration Manager 2007 reaches the end of its support lifecycle on July 9, 2019. We strongly recommend that you migrate your Configuration Manager 2007 infrastructure as soon as possible to the latest version of Configuration Manager (current branch).
Microsoft Premier Support News
Finally Remove Your Security Blockers: Introducing Project VAST
Has your organization’s security journey been hampered by environmental roadblocks in your infrastructure? Does your organization struggle to effectively measure the return on its security investment?
Check out Microsoft Services public blog for new Proactive Services as well as new features and capabilities of the Services Hub, On-demand Assessments, and On-demand Learning platforms.