Infrastructure + Security: Noteworthy News (March, 2019)

___________________________________________________________________________________________________________________________

IMPORTANT ANNOUNCEMENT FOR OUR READERS!

AskPFEPlat is in the process of a transformation to the new Core Infrastructure and Security TechCommunity, and will be moving by the end of March 2019 to our new home at https://aka.ms/CISTechComm (hosted at https://techcommunity.microsoft.com). Please bear with us while we are still under construction!

We will continue bringing you the same great content, from the same great contributors, on our new platform. Until then, you can access our new content on either https://aka.ms/askpfeplat as you do today, or at our new site https://aka.ms/CISTechComm. Please feel free to update your bookmarks accordingly!

Why are we doing this? Simple really; we are looking to expand our team internally in order to provide you even more great content, as well as take on a more proactive role in the future with our readers (more to come on that later)! Since our team encompasses many more roles than Premier Field Engineers these days, we felt it was also time we reflected that initial expansion.

If you have never visited the TechCommunity site, it can be found at https://techcommunity.microsoft.com. On the TechCommunity site, you will find numerous technical communities across many topics, which include discussion areas, along with blog content.

NOTE: In addition to the AskPFEPlat-to-Core Infrastructure and Security transformation, Premier Field Engineers from all technology areas will be working together to expand the TechCommunity site even further, joining together in the technology agnostic Premier Field Engineering TechCommunity (along with Core Infrastructure and Security), which can be found at https://aka.ms/PFETechComm!

As always, thank you for continuing to read the Core Infrastructure and Security (AskPFEPlat) blog, and we look forward to providing you more great content well into the future!

__________________________________________________________________________________________________________________________

Hi there! Stanislav Belov here again to bring you the next issue of the Infrastructure + Security: Noteworthy News series! 

As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, and Security worlds on a monthly basis.

Microsoft Azure
Introducing the Azure portal “how to” video series
A new video weekly series highlights specific aspects of the Azure portal so you can be more efficient and productive while deploying your cloud workloads from the portal.
Announcing the general availability of Azure Lab Services
With Azure Lab Services, you can easily set up and provide on-demand access to preconfigured virtual machines (VMs) to teach a class, train professionals, run hackathons or hands-on labs, and more. Simply input what you need in a lab and let the service roll it out to your audience. Your users go to a single place to access all their VMs across multiple labs, and connect from there to learn, explore, and innovate.
Simplifying your environment setup while meeting compliance needs with built-in Azure Blueprints
To help our customers simplify the creation of their environments in Azure while successfully interpreting US and international governance requirements, we are announcing a series of built-in Blueprints Architectures that can be leveraged during your cloud-adoption journey. Azure Blueprints is a free service that helps customers deploy and update cloud environments in a repeatable manner using composable artifacts such as policies, deployment templates, and role-based access controls. This service is built to help customers set up governed Azure environments and can scale to support production implementations for large-scale migrations.
Instantly restore your Azure Virtual Machines using Azure Backup
Instant Restore helps Azure Backup customers quickly recover VMs from the snapshots stored along with the disks. In addition, users get complete flexibility in configuring the retention range of snapshots at the backup policy level depending on the requirements and criticality of the virtual machines associated, giving users more granular control over their resources.
Windows Server
Announcing Windows Admin Center Preview 1902

This preview release builds on the previous 1812 version and adds new functionality including all-new software defined networking tools in the HCI solution, and one of the top-requested customer features: shared connection lists. For folks that use RDCman, we have published a small script that you may use to export your saved RDCman connections to a .CSV file which you can then import with PowerShell to maintain all your RDCman grouping hierarchy using tags.

Windows Client
Making the transition to Windows 10 and Office 365

End of support means that your Windows 7 or Office 2010 software will no longer receive updates, including security updates. But, there’s good news – Windows 10 is the most secure Windows ever and Office 365 delivers the latest in personal productivity. Together they make a perfect pair to help you do everything you were doing before – safer, faster and easier.

Remote Server Administration Tools for Windows 10

Starting with Windows 10 October 2018 Update, RSAT is included as a set of “Features on Demand” right from Windows 10. Just go to “Manage optional features” in Settings and click “Add a feature” to see the list of available RSAT tools. Select and install the specific RSAT tools you need.

Security
The evolution of Microsoft Threat Protection, RSA edition

Microsoft Threat Protection is on a journey to provide organizations seamless, integrated, and comprehensive security across multiple attack vectors. In this RSA edition, we want to share where we are in this journey, the most recent new capabilities launched, and the vision of where we’re going as we continue executing toward our goal of offering best-in-class security for modern organizations.

Part 1 | Part 2

Microsoft Cloud App Security @RSAC 2019

Microsoft at RSA conference announced more than 15 new product capabilities for Microsoft Cloud App Security (MCAS). They are oriented around 4 major themes, as we continue to deliver a unique Cloud Access Security Broker (CASB) that is designed with security professionals in mind and continues to push industry boundaries by providing cutting edge capabilities, simplicity of deployment, centralized management, and innovative automation capabilities.

Announcing new cloud-based technology to empower cyber defenders

Cybersecurity is about people. The frontline defenders who stand between the promise of digital transformation and the daily reality of cyber-attacks need our help. At Microsoft, we’ve made it our mission to empower every person and organization on the planet to achieve more. Today that mission is focused on defenders. We are unveiling two new cloud-based technologies in Microsoft Azure Sentinel and Microsoft Threat Experts that empower security operations teams by reducing the noise, false alarms, time consuming tasks and complexity that are weighing them down. Let me start by sharing some insight into the modern defender experience.

Latest Microsoft Security Intelligence Report is available

The threat landscape is constantly changing. Stay on top of the latest trends that matter to you with our interactive security insights. Our threat researchers are sharing new data every month. On February 28, 2019 at 6 am PST, Microsoft published volume 24 of the Microsoft Security Intelligence Report(SIR).

IT Expert Roundtable: How Microsoft secures elevated access with tools and privileged credentials
Microsoft has been working to establish secure, isolated environments, credential management services and policies, and secure admin workstations to help protect mission-critical systems and services—including those used to manage cloud services, like Azure. Listen in as our experts answer questions about the strategies we use to help secure critical corporate assets and increase protection against emerging pass-the-hash attacks, credential theft, and credential reuse scenarios.
Windows Defender ATP’s EDR capability for Windows 7 and Windows 8.1 now generally available
With Windows 10 we’ve built the most secure Windows ever, by hardening the platform itself and by developing Windows Defender ATP – a unified endpoint security platform for preventative protection, post-breach detection, and automated investigation & response. To help customers stay secure while upgrading to Windows 10, we’ve built an EDR solution for Windows 7 and Windows 8.1 that is simple to deploy and seamless to end-users, providing behavioral based threat detection, investigation and response capabilities. Windows Defender ATP for Windows 7, and Windows 8.1 provides deep visibility on activities that are happening on endpoints, including process, file, network, registry and memory activities, providing security teams with rich, correlated insights into activities and threats happening on older versions of Windows.
Lessons learned from the Microsoft SOC—Part 1: Organization
We’re frequently asked how we operate our Security Operations Center (SOC) at Microsoft (particularly as organizations are integrating cloud into their enterprise estate). This is the first in a three part blog series designed to share our approach and experience, so you can use what we learned to improve your SOC.
New steps to protect Europe from continued cyber threats
On February 20th we expanded Microsoft AccountGuard to twelve new markets across Europe, providing comprehensive threat detection and notification to eligible organizations at no additional cost and customized help to secure their systems.
Securing privileged access for hybrid and cloud deployments in Azure AD
Traditional approaches that focus on securing the entrance and exit points of a network as the primary security perimeter are less effective due to the rise in the use of SaaS apps and personal devices on the Internet. The natural replacement for the network security perimeter in a complex modern enterprise is the authentication and authorization controls in an organization’s identity layer. Privileged administrative accounts are effectively in control of this new “security perimeter.” It’s critical to protect privileged access, regardless of whether the environment is on-premises, cloud, or hybrid on-premises and cloud hosted services. Protecting administrative access against determined adversaries requires you to take a complete and thoughtful approach to isolating your organization’s systems from risks.
Vulnerabilities and Updates
2019 SHA-2 Code Signing Support requirement for Windows and WSUS

To protect your security, Windows operating system updates are dual-signed using both the SHA-1 and SHA-2 hash algorithms to authenticate that updates come directly from Microsoft and were not tampered with during delivery. Due to weaknesses in the SHA-1 algorithm and to align to industry standards Microsoft will only sign Windows updates using the more secure SHA-2 algorithm exclusively. Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. To help prepare you for this change, we will release support for SHA-2 signing in 2019. Windows Server Update Services (WSUS) 3.0 SP2 will receive SHA-2 support to properly deliver SHA-2 signed updates. Refer to the Product Updates section for the migration timeline.

Now available: Microsoft System Center 2019!

As of March 14, 2019, we are pleased to let you know that System Center 2019 is generally available. Customers with a valid license of System Center 2019 can download media from the Volume Licensing Service Center (VLSC). We will also have the System Center 2019 evaluation available on the Microsoft Evaluation Center.

Support Lifecycle
Windows 10, version 1607 end of servicing on April 9, 2019

Windows 10, version 1607 for Education, Enterprise, and IoT Enterprise will reach the end of servicing on April 9, 2019. This means that version 1607, for these editions, will no longer receive security updates. Customers who contact Microsoft Support after the March update will be directed to the latest version of Windows 10 to remain supported.

Windows 7 support will end on January 14, 2020

Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences. The specific end of support day for Windows 7 will be January 14, 2020. After that, technical assistance and automatic updates that help protect your PC will no longer be made available for the product. Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.

Extended Security Updates for SQL Server and Windows Server 2008/2008 R2: Frequently Asked Questions (PDF)

On January 14, 2020, support for Windows Server 2008 and 2008 R2 will end. That means the end of regular security updates. Don’t let your infrastructure and applications go unprotected. We’re here to help you migrate to current versions for greater security, performance and innovation.

Products reaching End of Support for 2019

Products reaching End of Support for 2020

Microsoft Premier Support News
WorkshopPLUS – Windows PowerShell Azure Resource Manager introduces you to the basics of common Microsoft Azure workloads, provides guidance and education for your IT engineers, using the power of PowerShell. This 3-day engagement includes an education sessions to help enhance your team’s technical and operational skills and help drive operational readiness, along with hands-on labs developed by Microsoft engineer, who works with you to create a working Proof of Concept (PoC) in your environment using AzureRM PowerShell commands.
The Windows Server 2019: New Features and Upgrade workshop provides students with a comprehensive introduction to the wide range of new and improved features in Windows Server 2019. Throughout the modules, we will provide a broad understanding on new or updated features and roles in Windows Server 2019.
Check out Microsoft Services public blog for new Proactive Services as well as new features and capabilities of the Services Hub, On-demand Assessments, and On-demand Learning platforms.