Windows Backups Failing with Associated VSS 8193 Errors

  Hi, this is Michael Koeppl again. I’m with the Premier Mission Critical (PMC) Team and assisting customers when they hit OS issues in their critical infrastructure, and today I wanted to talk with you about an interesting Windows Backup issue I encountered. My customer realized that his System State Backups (https://technet.microsoft.com/en-us/library/cc938537.aspx) on one of… Read more

Securing RDP with IPSec

Hi Everyone, this is Jerry Devore back with a follow-up topic from my previous post on Privileged Administrative Workstations (PAW) which is a hardened device configuration used to protect privileged credentials. In that post, I mentioned that it is possible to use IPsec to ensure an admin can only make a RDP connection to Tier… Read more

Hey Dude, Where’s My Winlogon.log?

Hi this is Michael from the PMC PFE Team, I recently helped a customer during the implementation of their Windows Server 2016 systems. When checking the Event viewer, we spotted a well-known Event ID: Log Name:      Application Source:        SceCli Date:          08.03.2017 17:49:21 Event ID:      1202 Task Category: None Level:         Warning Keywords:      Classic User:          N/A Computer:     … Read more

How to Secure an ARM-based Windows Virtual Machine RDP access in Azure

  Hi, Mark Rowe here, and I am the creator of Augmented Living, a Developer/Architect for Microsoft’s Modern Applications Solution Center as a senior consultant, and a long-time Microsoft fanboy and blogger. One of the most hit aspects of security is RDP on the default ports with poor password governance. People are busy, we all… Read more

Basic Network Capture Methods

Hi everyone. This is Michael Rendino, a Premier Field Engineer from Charlotte, NC and former member of the CTS networking support team. With my networking background, I have spent years reviewing network captures. One thing I always run into with my customers is that they often don’t know the best or easiest solution to get… Read more

Announcing Extended Support for WSUS 3.0 SP2

Hi everyone! Brandon Wilson here just passing along a friendly note that consumers of WSUS will probably be jumping for joy to hear. Nathan Mercer and Michael Niehaus have published some useful news in this blog post (contents can also be read below). So, without further delay….here it is in Nathan and Michael’s words: —–… Read more

Securing Credentials for Privileged Access

  Hello, Paul Bergson back again. I have been on the road a bit more than normal doing security training/POC deliveries (POP-SLAM *1) for our customers related to Pass-the-Hash and credential protection. I have noticed an alarming trend in how credential protection is thought to resolve a customer’s credentials from being compromised. Enterprises that are… Read more

A Bit About the Windows Servicing Model

Hello, Paul Bergson back again with a discussion on the upcoming changes to our monthly patch releases to align down-level supported operating systems, updating practices to coincide with the Windows 10 Service Model. This includes Windows 7/8/8.1 and Windows Server 2008 R2/2012/2012R2. “From October 2016 onwards, Windows will release a single Monthly Rollup that addresses… Read more

Using PowerShell Runspaces to Generate GPO Reports

Stephen Mathews here to talk to you about generating Group Policy Object reports quickly and efficiently. I had a customer ask me if there was an easy way to find all the RunOnce GUIDs in their GPOs. The customer was concerned that they would generate duplicate GUIDs in their deployment of Group Policy Preferences. Yes,… Read more

WPT: Peeking at Logon Delays

Hi everyone, Randolph Reyes (Randy) here with another blog contribution. In this particular engagement, I was working doing an Active Directory Offline Security Assessment (awesome delivery), and one employee with knowledge of using Windows Performance Toolkit stopped me on my way to lunch. Customer: Can we see how long takes an employee to type their… Read more