Select Page

How to deploy a VM template for PAW

First published on TECHNET on Nov 01, 2017 Continuing with the PAW series, after you followed the previous blog to build the PAW device, you can now deploy PAW VMs on it. There are two types of VMs you can ... continue reading
Join Host Guardian Servers to an existing bastion forest

Join Host Guardian Servers to an existing bastion forest

First published on TECHNET on Mar 07, 2017 Shielded VM prevents unauthorized access from the host. To achieve this security assurance, there must be a role separation between the fabric admins (who manage the Guarded Hosts) and the HGS admins ... continue reading

Why you should not enable Credential Guard on Domain Controllers?

First published on TECHNET on Feb 21, 2017 Credential guard protects the credential derivatives like NTLM hash and Kerberos tickets; this TechNet article has a very detailed explanation as well as deployment guidelines. There was a recent change in this ... continue reading

Use Windows Server 2016 to secure a jump server

First published on TECHNET on Feb 02, 2017 When talking to customers about the security features in Windows Server 2016, a common question keeps coming up, how do I secure my jump server? Recently, I worked with a Microsoft internal ... continue reading
Windows Server 2016 security auditing for enhanced threat detection

Windows Server 2016 security auditing for enhanced threat detection

First published on TECHNET on Jan 30, 2017 Windows Server 2016 includes new audit events to help with early detection of malicious activity in your datacenter. You can find the complete list of the events from this reference paper , ... continue reading
Overview of Device Guard in Windows Server 2016

Overview of Device Guard in Windows Server 2016

First published on TECHNET on Sep 20, 2016 With thousands of new malware released every day, it may not be sufficient to only use signature-based detection to fight against malware. Device Guard on Windows Server 2016 changes from a mode ... continue reading

Step by Step: Shielding existing VMs without VMM

First published on TECHNET on Sep 01, 2016 Continuing on the topic of Shielded VMs from my last blog on creating shielded VMs, this blogpost will share my learnings from validating the scenario. This blogpost doesn't dive deep in terminologies ... continue reading

Step-by-step: Quick reference guide to deploying guarded hosts

First published on TECHNET on Jun 08, 2016 My original blog post on the topic of deploying Shielded VMs without VMM included the instructions to deploy guarded hosts. Based on feedback around keeping the blog posts short and scenario-focused, I ... continue reading
Step by Step - Shielded VM Recovery

Step by Step – Shielded VM Recovery

First published on TECHNET on Jun 07, 2016 Shielded VMs protect the data and state of a Virtual Machine against inspection, theft and tampering from malware and datacenter administrators and they do so both at rest and in-flight. One of ... continue reading

Step by step – Creating Shielded VMs without VMM

First published on TECHNET on Jun 06, 2016 Hi, I’m Jane, one of the newest members of the Windows Server Security Product Team. My very first hands-on experience is to deploy Shielded VMs with the minimum amount of hardware. It ... continue reading