IMPORTANT ANNOUNCEMENT FOR OUR READERS!
AskPFEPlat is in the process of a transformation to the new Core Infrastructure and Security TechCommunity, and will be moving June 20, 2019 to our new home at https://aka.ms/CISTechComm (hosted at https://techcommunity.microsoft.com). Please bear with us while we are still under construction!
We will continue bringing you the same great content, from the same great contributors, on our new platform. Until then, you can access our new content on either https://aka.ms/askpfeplat as you do today, or at our new site https://aka.ms/CISTechComm. Please feel free to update your bookmarks accordingly!
Why are we doing this? Simple really; we are looking to expand our team internally in order to provide you even more great content, as well as take on a more proactive role in the future with our readers (more to come on that later)! Since our team encompasses many more roles than Premier Field Engineers these days, we felt it was also time we reflected that initial expansion.
If you have never visited the TechCommunity site, it can be found at https://techcommunity.microsoft.com. On the TechCommunity site, you will find numerous technical communities across many topics, which include discussion areas, along with blog content.
NOTE: In addition to the AskPFEPlat-to-Core Infrastructure and Security transformation, Premier Field Engineers from all technology areas will be working together to expand the TechCommunity site even further, joining together in the technology agnostic Premier Field Engineering TechCommunity (along with Core Infrastructure and Security), which can be found at https://aka.ms/PFETechComm!
As always, thank you for continuing to read the Core Infrastructure and Security (AskPFEPlat) blog, and we look forward to providing you more great content well into the future!
Hi there! Stanislav Belov here, and you are reading the next issue of the Infrastructure + Security: Noteworthy News series!
As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, and Security worlds on a monthly basis.
|Public Preview: Microsoft adds full IPv6 support for Azure VNets
Dual Stack IPv4/IPv6 Connectivity allows you to bring your private IPv6 space into Azure and enables connectivity over IPv6 within your Virtual Networks. This enables you to address IPv4 depletion, meet regulatory requirements and expand into the growing mobile and IoT markets with your Azure-based applications.
|Azure Cost Management now generally available for Pay-As-You-Go customers
We are excited to announce the general availability of Azure Cost Management features for all Pay-As-You-Go and Azure Government customers that will greatly enhance your ability to analyze and proactively manage your cloud costs. These features will allow you to analyze your cost data, configure budgets to drive accountability for cloud costs, and export pre-configured reports on a schedule to support deeper data analysis within your own systems. This release for Pay-As-You-Go customers also provides invoice reconciliation support in the Azure portal via a usage csv download of all charges applicable to your invoices.
|Announcing Azure Government Secret private preview and expansion of DoD IL5
On April 17, we announced a significant milestone in serving our mission customers from cloud to edge with the initial availability of two new Azure Government Secret regions, now in private preview and pending accreditation. Azure Government Secret delivers comprehensive and mission enabling cloud services to US Federal Civilian, Department of Defense (DoD), Intelligence Community (IC), and US government partners working within Secret enclaves.
|Azure Application Gateway Standard v2 and WAF v2 SKUs generally available
Application Gateway is Azure’s Application Delivery Controller as-a-service offering which provides customers with layer 7 load balancing, security and WAF functionality. Azure Application Gateway Standard v2 and WAF v2 SKUs are now generally available and fully supported with a 99.95 SLA. The v2 SKUs also offer a number of additional capabilities to Application Gateway and WAF.
|First sneak peek of Windows Server, version 1903 Semi-Annual Channel
With the launch of Windows Server 2019 a few months ago, we kicked off a whole new wave of innovation focused on four pillars: Hybrid Cloud, Security, Application Platform, and Hyper-Converged Infrastructure, and it was just the beginning. Today, we’re excited to share with you a few feature areas of the next Windows Server, Semi-Annual Channel release – version 1903.
|It’s time to update your Windows Server management strategy!
We know that you need to manage both individual servers and servers at scale. We also know that each customer is at a different stage in their hybrid journey, so we provide scaled management tools centered in on-premises and scaled management tools for hybrid management in Azure. Whatever your management needs are, we have you covered–including patching, backup, monitoring, governing, and automation, or simply managing an individual server remotely on-premises or in Azure.
|Overview of Windows Autopilot
Windows Autopilot is a collection of technologies used to set up and pre-configure new devices, getting them ready for productive use. You can also use Windows Autopilot to reset, repurpose and recover devices. This solution enables an IT department to achieve the above with little to no infrastructure to manage, with a process that’s easy and simple.
|Windows Autopilot: Hybrid Azure AD join and automatic registration
Windows Autopilot is modernizing the way you deploy Windows. It simplifies the process by eliminating the complexity associated with creating, maintaining, and distributing custom images while reducing the overall total cost of ownership. We’re constantly improving Windows Autopilot based on the feedback that we receive from you and our other customers around the world. One of the most popular requests has been, “When will Windows Autopilot support on-premises Active Directory enrollment for Windows 10 devices?”
|3 investments Microsoft is making to improve identity management
As a large enterprise with global reach, Microsoft has the same security risks as its customers. We have a distributed, mobile workforce who access corporate resources from external networks. Many individuals struggle to remember complex passwords or reuse one password across many accounts, which makes them vulnerable to attackers. As Microsoft has embraced digital transformation for our own business, we shifted to a security strategy that places strong employee identities at the center. Many of our customers are on a similar journey and may find value in our current identity management approach.
|Detecting credential theft through memory access modelling with Microsoft Defender ATP
Stealing user credentials is a key step for attackers to move laterally across victim networks. In today’s attacks, we see a range of tools used to achieve credential theft, requiring protections that target the root behavior and not just individual known tools as is often done by traditional antimalware software. Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP), Microsoft’s unified endpoint protection platform, uses multiple approaches to detect credential dumping. In this post, we’ll discuss one of them: a statistical approach that models memory access to the Local Security Authority Subsystem Service (lsass.exe) process.
|Windows Hello FIDO2 certification gets you closer to passwordless
On May 6, the FIDO Alliance announced that, with the upcoming release of Windows 10, version 1903, Windows Hello is a FIDO2 Certified authenticator. FIDO2 enables developers to leverage standards-based protocols and devices to provide users easy authentication to online services—in both mobile and desktop environments. Microsoft is a leading member of the FIDO Alliance and is working closely with alliance members to enable passwordless login for websites supporting FIDO2 authentication. Collectively, these standards enable users to more easily and securely login to online services with FIDO2-compliant security keys and Windows Hello.
|Microsoft Defender ATP third-party solution integrations
On May 5, Microsoft announced the general availability of Microsoft Defender ATP partner integrations – a set of pre-integrated partner solutions that enable customers to streamline, integrate, and orchestrate defenses from other vendors with Microsoft Defender ATP; helping security teams to effectively respond to modern threats.
|Azure Sentinel Insecure Protocols Dashboard Implementation Guide
This guide will help you setup the Azure Sentinel IP Dashboard. The Azure Sentinel IP Dashboard allows you to gain insights into Insecure protocol traffic by collecting and analyzing security events from Microsoft products. You can view analytics and quickly identify use of weak authentication as well as sources of legacy protocol traffic, like NTLM and SMBv1. You will also have the ability to monitor use of weak ciphers, allowing you to find weak spots in your organization’s security.
|Protecting disconnected devices with Microsoft Defender ATP
In an ideal world, all of your critical devices would be seen by, reported on, and protected by Microsoft Defender ATP, however we’re aware that there are legitimate scenarios where devices simply can’t be connected to the Internet or a management service. The good news for those disconnected devices is that we have released a whitepaper with all the info you need to understand how security is impacted by the unique challenges of being disconnected. It talks about the types of disconnected devices, and — most importantly — provides guidance on the various features and protection technologies you can use from Microsoft to protect these disconnected devices.
|A new home and an all-new look for Microsoft Secure Score
Last month we announced that Microsoft 365 Security Center had reached general availability and we provided our readers with a quick end to end tour of the top experiences. Since then it’s been exciting to see the number of new customers using Microsoft Secure Score for the very first time almost tripling while the blog became one of the top viewed items for the month of March. In this month’s blog we’d like to provide additional details on Microsoft Secure Scores’ redesign and new capabilities.
|The evolution of Microsoft Threat Protection, April update
Microsoft Threat Protection continues to energize the threat protection market with our most recent announcements. Customers are excited about the launch of Microsoft Defender Advanced Threat Protection (ATP), which extends Microsoft’s best in class endpoint security to Mac and adds powerful new capabilities of Threat and Vulnerability Management.
|LDAP Reconnaissance – the foundation of Active Directory attacks
When an attacker manages to break into an on-premises domain environment, one of the first steps they normally take is to gather information and perform domain reconnaissance. Reconnaissance involves identifying the users, resources and computers in the domain and then building an understanding of how those resources are used to form your domain environment.
|Microsoft Threat Experts reaches general availability
Microsoft Threat Experts is the managed threat hunting service in Microsoft Defender Advanced Threat Protection (ATP). It provides security operations centers (SOCs) with expert-level oversight and analysis to help ensure that critical threats in their unique environments are identified, investigated, and resolved.
|Vulnerabilities and Updates|
|Microsoft expands BitLocker management capabilities for the enterprise
Microsoft is excited to announce enhancements to BitLocker management capabilities in both Microsoft Intune and System Center Configuration Manager (SCCM), coming in the second half of 2019. Whether your management infrastructure is on-premises or in the cloud, robust BitLocker management is required for today’s enterprises to secure modern endpoints.
|Announcing WSL 2
On May 6, Microsoft unveiled the newest architecture for the Windows Subsystem for Linux: WSL 2! Changes in this new architecture will allow for: dramatic file system performance increases, and full system call compatibility, meaning you can run more Linux apps in WSL 2 such as Docker.
|Prepare for SQL Server 2008 end of support
On July 9, 2019, support for SQL Server 2008 and 2008 R2 will end. That means the end of regular security updates. Don’t let your infrastructure and applications go unprotected. We’re here to help you migrate to current versions for greater security, performance and innovation.
|Windows 7 support will end on January 14, 2020
Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences. The specific end of support day for Windows 7 will be January 14, 2020. After that, technical assistance and automatic updates that help protect your PC will no longer be made available for the product. Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available.
|Extended Security Updates for SQL Server and Windows Server 2008/2008 R2: Frequently Asked Questions (PDF)
On January 14, 2020, support for Windows Server 2008 and 2008 R2 will end. That means the end of regular security updates. Don’t let your infrastructure and applications go unprotected. We’re here to help you migrate to current versions for greater security, performance and innovation.
|Products reaching End of Support for 2019
Products reaching End of Support for 2020
|Microsoft Premier Support News|
|Security: Modern Workplace Threat Protection (MWTP) – Fundamentals is designed to get you started enabling advanced Windows 10 security technologies. You will learn how to enable and leverage identity and access protection features, along with various threat protection capabilities. An accredited Premier Field Engineer will guide you through understanding key blockers to deploy and enabling critical features and functionality of the product.|
|Check out Microsoft Services public blog for new Proactive Services as well as new features and capabilities of the Services Hub, On-demand Assessments, and On-demand Learning platforms.|