DNS

First Issuance manual, with automated renewals

Hey all Rob Greene again. Seems like I have been on this PKI kick lately, and today is not going to be any different. Occasionally, I will get a customer who must get certificates issued for things like Web sites, and they must have custom Subject Alternative Name (SAN) DNS values on the issued certificate.  […]

First Issuance manual, with automated renewals Continue Reading

Setting up Sentinel for Kubernetes Monitoring

A guide to using Microsoft Sentinel for monitoring the security of your containerized applications and orchestration platforms. Part 3 of 3 part series about security monitoring of your Kubernetes Clusters and CI/CD pipelines by @singhabhi  and @Umesh_Nagdev , Security GBB Introduction  In part 1 and part 2 of this series, we discussed the type of log sources you should consider

Setting up Sentinel for Kubernetes Monitoring Continue Reading

Azure Firewall: Comprehensive Comparison & Best Practices

Azure Firewall, a managed, cloud-based network security service, is an essential component of Azure’s security offerings. It comes in three different versions – Basic, Standard, and Premium – each designed to cater to a wide range of customer use cases and preferences. This blog post will provide a comprehensive comparison of these versions, discuss best

Azure Firewall: Comprehensive Comparison & Best Practices Continue Reading

We need to discuss the Microsoft Certification Authority Web Enrollment (CAWE) Role

Hello everyone, this is Rob Greene. I recently had a case where a customer was having trouble with the CAWE pages. I realized that we do not have much useful information on how outdated these web pages are. Customers have been using different default browsers, and while security has been evolving in the Windows environment,

We need to discuss the Microsoft Certification Authority Web Enrollment (CAWE) Role Continue Reading

Stop Worrying and Love the Outage, Vol II: DCs, custom ports, and Firewalls/ACLs

This is the first article in a series: Stop Worrying and Love the Outage, Vol I: Group Policy and Sharing Violations Stop Worrying and Love the Outage, Vol II: DCs, custom ports, and Firewalls/ACLs Hello, it’s Chris Cartwright from the Directory Services support team again.  This is the second entry in a series where I

Stop Worrying and Love the Outage, Vol II: DCs, custom ports, and Firewalls/ACLs Continue Reading

Microsoft Copilot for Security provides immediate impact for the Microsoft Defender Experts team

Organizations everywhere are on a lightning-fast learning trajectory to understand the potential of generative AI and its implications for their security, their workforce, and the industry at large. AI is quickly becoming a force multiplier—presenting significant opportunities for security teams to increase productivity, save time, upskill resources, and more. News and information about “the age

Microsoft Copilot for Security provides immediate impact for the Microsoft Defender Experts team Continue Reading

Firewall considerations for gMSA on Azure Kubernetes Service

This week I spent some time helping a customer with a gMSA environment on which they were finding some issues in deploying their app. The issues started when they were trying to figure out why the Kerberos ticket was not being issues for the Window pod with gMSA configured in AKS. I decided to write

Firewall considerations for gMSA on Azure Kubernetes Service Continue Reading

SDN: Migrating from Rest Name to Static IP | Remove worries of DNS!

[Special Thanks to Adam Rudell, our Sr. Support Escalation Engineer, for putting together an excellent video and tutorial] Hello SDN Community!  Today, when you deploy Software Defined Networking via SDNExpress or Windows Admin Center (WAC), you must provide a REST DNS name.  This is often referred to as a Dynamic DNS deployment.    The northbound

SDN: Migrating from Rest Name to Static IP | Remove worries of DNS! Continue Reading

SMB over QUIC client access control now supported in Windows Insider

Heya folks, Ned here again. Beginning in Windows 11 Insider Preview Build 25977 (Canary Channel) and Windows Server Preview Build 25997, SMB over QUIC now supports access control for clients. Today I’ll explain how this works, what the advantages are, and how to set it up. SMB over QUIC SMB over QUIC introduced an alternative to TCP and

SMB over QUIC client access control now supported in Windows Insider Continue Reading

Unwrapping the 2023 holiday season: A deep dive into Azure’s DDoS attack landscape

As the holiday season of 2023 unfolded, it brought not only cheer and celebration but also a surge in Distributed Denial-of-Service (DDoS) attacks. This year’s trends in DDoS attacks reveal a complex and evolving threat landscape. From misconfigured Docker API endpoints enabling botnet delivery to the emergence of NKAbuse malware exploiting blockchain technology for DDoS

Unwrapping the 2023 holiday season: A deep dive into Azure’s DDoS attack landscape Continue Reading