Select Page
image001.png

Decrypting the Selection of Supported Kerberos Encryption Types

In recent months Microsoft support has received a lot of questions regarding disabling RC4 for the encryption of Kerberos tickets.  If I had to guess the CIS L1 Baseline and RFC 8429 guidance to disable RC4 is responsible for much ... continue reading
image.png

Autopilot Hybrid Join Over VPN In Azure Lab

As an IT admin you plan to ship new devices to end users which can join the on-premises AD (Active Directory) by leveraging Autopilot with Intune for device management. This post is a walkthrough of evaluating the Autopilot Hybrid join ... continue reading
rogiorda_0-1598447752958.png

The Short and Sweet for Remote Work: Cached Passwords and Device Provisioning

In recent months, we have many changes at architecture design and security, with users, services, and devices. This article attempts to describe the scenarios that could be driven by remote work and could identify possible configurations based on the business requirements.  Keep in mind that for these scenarios the users' accounts must ... continue reading
image001.png

Quickly Setting Up a Sandbox with Azure SQL DB/MI and AAD Synchronization

  Introduction   During the migration journey from SQL Server to Azure SQL Database or Managed Instance, the customers I meet often wondering how to deal with the Integrated Authentication, their applications, especially the legacy ones. The following tutorial will ... continue reading

Calculating Application Availability in the Cloud

When deploying business critical applications in the cloud you want to make sure they are highly available. The good news is that if you plan properly, you can achieve 99.99% (4-nines) of availability or more. However, calculating your true availability ... continue reading
How to Defend Users from Interception Attacks via SMB Client Defense

How to Defend Users from Interception Attacks via SMB Client Defense

Hey folks, Ned here again with another guest post. Today we discuss hardening the SMB protocol in Windows against interception attacks, previously referred to as “Man-in-the-Middle” attacks. As you know, interception attacks involve manipulating communications between client and server. An ... continue reading
Are You Ready for Cloud Only?

Are You Ready for Cloud Only?

Recently I was approached by a customer on concerns and possibilities around going from on-premises to hybrid to cloud only. The customer had successfully gone through the hybrid scenario and was able to remove all known dependencies with their on-premises ... continue reading
Defending Exchange servers under attack

Defending Exchange servers under attack

Securing Exchange servers is one of the most important things defenders can do to limit organizational exposure to attacks. Any threat or vulnerability impacting Exchange servers should be treated with the highest priority because these servers contain critical business data, ... continue reading
Desired State Configuration code: How to troubleshoot the extension

Desired State Configuration code: How to troubleshoot the extension

Hello folks! If you have made it this far, know I think you’re amazing and one of a kind! If you are just tuning in now and would like to see the full blog series daisy chained together, take note ... continue reading
Failover Clustering Networking Basics and Fundamentals

Failover Clustering Networking Basics and Fundamentals

My name is John Marlin and I am with the High Availability and Storage Team here and today I want to talk about Failover Clustering and Networking. Networking is a fundamental key with Failover Clustering that sometimes is overlooked but ... continue reading