NDES Security Best Practices

Hi, I am Dagmar, working for the Microsoft Compromise Recovery Security Practice team. As NDES (Network Device Enrollment Server) – if misconfigured or not secured and hardened properly – can be a door opener for the compromise of an Active ... continue reading

AZ-800 Study Guide: Administering Windows Server Hybrid Core Infrastructure

In this exam guide you’ll see which MS Learn modules map against exam functional groups and which docs.microsoft.com articles map against specific exam objective items for the AZ-800 Administering Windows Server Hybrid Core Infrastructure exam. This exam is required for ... continue reading

Windows 11 Insider 22449 update for SMB compression

Heya folks, Ned here again. We released a change to SMB compression for Windows 11 Insider Preview build 22449 & later. TL/DR We stopped being so algorithmically cute: when you request compression, we now just try to do it because ... continue reading

New Features of Windows Server 2022 Failover Clustering

Greetings again Windows Server and Failover Cluster fans!!  John Marlin here and I own the Failover Clustering feature within the Microsoft product team.  In this blog, I will be giving an overview of the new features in Windows Server 2022 ... continue reading

Windows Server 2022 is full of new file services!

Heya folks, Ned here again. As you’ve heard by now, Windows Server 2022 is available and supported for production deployments. This new OS brings many new features around security, storage, networking, web, containers, applications, virtualization, edge, and Azure hybrid. Today ... continue reading
The five levels of CMMC.

How to prepare for CMMC compliance as a defense industrial base supplier using the Microsoft cloud

In 2020, the US Department of Defense (DoD) began the phased rollout of a new framework for protecting their supply chain, known as the defense industrial base (DIB). This new Cybersecurity Maturity Model Certification (CMMC) system requires regular audits that ... continue reading

Configure SMB Signing with Confidence

Heya folks, Ned here again. Many years ago, we made configuring SMB signing in Windows pretty complicated. Then, years later, we made it even more complicated in an attempt to be less complicated. Today I'm here to explain the SMB ... continue reading
Diagram showing chain of attacks from the LemonDuck and LemonCat infrastructure, detailing specific attacker behavior common to both and highlighting behavior unique to each infra

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

[Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covered the evolution of the threat, how it spreads, and how it impacts ... continue reading

What the heck is the File Server “role” in Windows Server???

Heya folks, Ned here again. Today I clear up an old idiosyncrasy of Windows Server: if the SMB Server service is always installed, why is there a role called "File Server" and what does enabling it do? Let's... role ;) ... continue reading

Log Sensor & Telemetry Services in Isolated Network

Dear IT Pros, We knew that it is normal for Domain Controller and critical servers to be in isolated network without internet access. How could we provide the cloud-based, Azure log analytic services for these objects? The services could originate ... continue reading