Yuri Diogenes's Blog - Site Home - TechNet Blogs

Yuri Diogenes's Blog

Thoughts from a Senior Technical Writer @ Microsoft Windows iX IT PRO Security Team

Posts
  • Yuri Diogenes's Blog

    Are you ready to move to Private Cloud?

    • 0 Comments

    Often the question that comes up during my presentations or while talking with customers is: why should I move to a private cloud? Instead of answering this question, we usually show the “evolution of the data center” and how the traditional operational mode that was done in the past is not effective for today’s needs.

    image

    If you look at the benefits of each one, it is easy to see that the Private Cloud (in this case using IaaS as an example) has many more advantages, scales better and is more efficient for current business needs. If you are still not sure about that, one easy way to find out whether your company is ready to make this move is to use the Microsoft Customer Assessment Tool for Private Cloud.

    image

    In four steps this tool will help you decide whether or not to move to a private cloud. This is done by leveraging your knowledge about your business needs, your company’s goals and the plan to achieve those goals. It is well worth taking a look at this tool if you are unsure about this move.

  • Yuri Diogenes's Blog

    Schedule for the next three months…

    • 0 Comments

    Hello Folks,

    I hope you all are doing fine. I’m pretty busy with many projects these days, but I want to give you a quick update about my engagements for the next three months.

    May

    Presentation: Private Cloud Security
    Location: National Information Security Group - Dallas Chapter
    More information at: http://dallas.naisg.org/meetings.asp

    June

    Presentations at TechED North America 2012:

    AAP306: Private Cloud Security Architecture: A Solution for Private Cloud Security
    Speaker(s): Tom Shinder, Yuri Diogenes
    Tuesday, June 12 at 1:30 PM - 2:45 PM
    Architecture & Practices | Breakout Session | 300 - Advanced

    Cloud computing introduces new opportunities and new challenges. One of those challenges is how security is approached in the private cloud. While private cloud can share a lot of security issues with traditional datacenters, there are a number of key issues that set private cloud security apart from how security is done in the traditional datacenter. In this session, Dr. Tom Shinder and Yuri Diogenes discuss these issues and wrap them into a comprehensive discussion on private cloud security architecture. By taking an architectural approach to private cloud security, you will be able to understand the critical concepts, principles and patterns that drive a successful security implementation of private cloud.

    WSV320: Understanding and Deploying Hosted Private Cloud: Concepts and Implementation
    Speaker(s): Joshua Adams, Tom Shinder, Yuri Diogenes
    Wednesday, June 13 at 5:00 PM - 6:15 PM
    Windows Server | Breakout Session | 300 – Advanced

    The Hosted Private Cloud is a new deployment model that enables an exceptional level of mobility and availability for your private cloud deployments. However, to get the most out of a Hosted Private Cloud solution, you need to understand the core concepts that drive a successful Hosted Private Cloud deployment and then understand what you need to do to implement the solution. In this talk, Dr. Tom Shinder and Yuri Diogenes discuss key Hosted Private Cloud Concepts and then demonstrate critical steps in implementing a hosted Private cloud. Demos show you how to evaluate the Hosted Private Cloud environment and how to configure and validate your Hosted Private Cloud configuration.

    July

    Presentations at COMTEC (Fortaleza, Brazil)
    More information (in Portuguese) here.

     

    What else is going on?

    Well, besides having to prepare all those presentations, I’m busy updating our Private Cloud documentation and getting things ready for our next milestone (RC). Our From End to Edge and Beyond book is moving pretty smoothly; this month we should finish chapter 4. This week I passed the CompTIA Advanced Security Practitioner (CASP) Certification and I truly recommend that you take this one. It was probably the second most difficult exam that I’ve taken (the first one was CISSP), but the overall experience of studying and taking the exam was great. In the last couple of days I also attended TakeDownCon here in Dallas and again it was a great conference, thumbs up!

    Last but not least, we recorded Episode 19 of From End to Edge and Beyond with Richard Hicks talking about Direct Access on Windows 8. This episode should be live either Friday (5/11) or Monday (5/14); meanwhile, visit all the other episodes at http://aka.ms/FEEAB

  • Yuri Diogenes's Blog

    Follow up from DFW IT PRO Meeting

    • 7 Comments

    Hello Folks,

    First I would like to thank you all for attending the DFW IT PRO Meeting yesterday (May 3rd) at Microsoft Las Colinas here in Irving, Texas. During our presentation we discussed the Concepts and Implementation of a Private Cloud Infrastructure using Windows Server 2012. As we said, the documentation to build your cloud infrastructure using Windows Server “8” Beta is already available at TechNet. You can read more about this documentation here. Many of you also said that you had never heard of the TechNet Wiki but do support community-based content. I would like you to read this post to better understand what the TechNet Wiki is all about.

    Thanks again for your time yesterday and I hope to see you all again soon!


  • Yuri Diogenes's Blog

    Understanding Private Cloud Security

    • 0 Comments

    Today ISSA released the ISSA Journal May 2012 issue, featuring an article written by me and Tom Shinder.

    If you are an ISSA member, make sure to log on here and access the whole content of this issue. If you want to read our article, you can access it here.

    We hope you enjoy it!

  • Yuri Diogenes's Blog

    Private Cloud with System Center 2012 and the Cloud Security Challenges – Part 1

    • 0 Comments

    Introduction

    If you were at Share Cloud Dallas last month for our presentation about Private Cloud Security, you probably remember one topic that we discussed called “Cloud Security Challenges Secondary to Cloud Essential Characteristics”. This series of posts that I’m going to write (at least one per week) will explain how Private Cloud with System Center 2012 can help you address those concerns.

    Cloud Security Challenge 1 – Resource Pooling

    Problem Statement as described in the Private Cloud Security Paper: As the consumer (tenant) of the services offered by a private cloud in my enterprise, I want to be sure that the data in my application is secure, that no one else can access it, and that it is safe if something untoward occurs.

    How can System Center 2012 assist you with this challenge?

    System Center 2012 Role-Based Access Control and User Role features can assist you with that. Partitioning and Role Based Access Control (RBAC) also applies to your administrators, who should not have automatic access to tenant data. In the case where an administrator does require access to tenant data, then that access must be carefully audited.

    With the User Role Wizard you can even customize the user role for that particular cloud as shown below:

    image

    When creating a User Role you can also determine the scope for the user, in other words, the cloud in which that user (or users) will be able to perform those pre-defined actions:

    image

    For a full demonstration on how to perform those actions use the video below (skip to minute 33:03):

  • Yuri Diogenes's Blog

    Private Cloud presentation at DFW IT PRO May Meeting

    • 0 Comments

    If you are part of the DFW IT PRO Group, make sure to add to your calendar our presentation “Understanding and Deploying Hosted Private Cloud: Concepts & Implementation”. More information here:

    image

    http://www.dfwitprofessionals.com/event-calendar/icalrepeat.detail/2012/05/03/359/-/-dfw-it-pros-may-3rd-meeting-understanding-and-deploying-hosted-private-cloud-concepts-a-implementation

    See you there!

  • Yuri Diogenes's Blog

    From End to Edge and Beyond, the Book - April Update

    • 0 Comments

    Hi Folks,

    I’m going to try to give you some updates about how our new book (announced here) is coming along. This month we started handing over some chapters to Syngress and we are really excited about this project. We are using the same formula that we used in our previous books; in other words, we split each chapter in two parts and each of us writes half of the chapter. This gives us the opportunity to write every single chapter, split the work equally and leverage our areas of expertise within the technology. There are two recent pieces of news that I would like to echo here. As announced today by Richard Hicks on his blog, he will be the Technical Reviewer for this book, and as we have known Richard for a long time we are very pleased to have him onboard to help us on this project. As I announced last Saturday (via Twitter – see below), Syngress will be handing over to us the draft book cover and we will be showing it during our sessions at TechED US in June. I hope to see you there!

    image

  • Yuri Diogenes's Blog

    To the Cloud with Security as a Wrapper !

    • 1 Comments

    Hello Folks,

    My last post was 18 days ago when I talked about the Cloud Infrastructure using Windows Server “8” Beta. By the same token, I would like to let you know that soon (probably in the next couple of days) we will release Episode 17 of From End to Edge and Beyond, where we interviewed Josh Adams. Josh will talk about this document that we wrote and will demonstrate how to build a cloud infrastructure using Windows Server “8” Beta.

    image

    Stay tuned to this channel!

    Since we are talking about cloud, yesterday Tom Shinder and I delivered a presentation at Share Cloud Dallas about Private Cloud Security. We had a great time not only presenting but also networking with other IT PROs from the DFW area.

    image

    You can download the presentation from here and you can access the Private Cloud Blog for more information about some of the scenarios that we discussed during this session.

  • Yuri Diogenes's Blog

    Cloud Infrastructure with Windows Server “8” Beta

    • 2 Comments

    As my friend Tom Shinder recently announced on his blog, he is leading the Private Cloud initiative, and one of the projects that we are working on together is the Cloud Infrastructure with Windows Server “8” Beta. You can find these technical scenarios on the Windows Server “8” Beta page in the location shown below:

    image

    …or you can directly access the Building Your Cloud Infrastructure scenario from here.

    Stay tuned for more exciting stuff about Windows Server “8” Beta at Windows Server Blog.

  • Yuri Diogenes's Blog

    Building a Community Based Content, one year later….

    • 1 Comments

    One year ago we were launching the video below where I talk about the TechNet Wiki:

    Lots of things happened throughout this one year and the TechNet Wiki platform got even stronger than it was. A great example of that is the recent publication of an article related to Windows Server “8” Beta directly from the product team. This really shows the commitment that Microsoft has to this platform. To help you evangelize other IT PROs/DEVs on how to use this platform, I’m making available a slide deck that I have used in many events where I wanted to call for engagement on this platform; download the deck from here. I would also like to congratulate the Brazilian community for growing from a couple of hundred articles to more than one thousand articles in a nine-month period. Great job guys!

    Other important links:

    Let’s keep up the great work and evangelize others to use the platform!

  • Yuri Diogenes's Blog

    WSUS on Windows Server “8” Beta

    • 0 Comments

    Today we released the first WSUS on Windows Server “8” Beta blog post at the WSUS CSS Team Blog. This post focuses on the WSUS Role installation on Windows Server “8” Beta using the new Server Manager experience. Make sure to stop by the link below and review the article:

    image

    http://blogs.technet.com/b/sus/archive/2012/03/02/getting-started-with-wsus-on-the-windows-server-8-beta-installing-the-wsus-role-using-the-new-server-manager.aspx

    There you will also find links to the WSUS on Windows Server “8” Beta TechNet Library page. There are plans to release more blog posts and the next one will be about WSUS role installation using PowerShell.

    Stay tuned to the Windows Server Blog for future announcements related to Windows Server “8” Beta !

  • Yuri Diogenes's Blog

    Getting Started with Windows Server “8” Beta

    • 0 Comments

    What a great way to start a leap day: seeing that lots of hours of hard work are now available for public consumption. Windows Server “8” Beta is available for download here. The new Windows Server “8” Beta page at TechNet Library was also launched:

    image

    See http://technet.microsoft.com/en-us/windowsserver/hh534429

    On this page you will find tons of information about this release, such as the new WSUS, enhancements in Security and Protection, enhancements and new networking features, Active Directory Rights Management Services and much more.

    Go ahead and start downloading Windows Server “8” Beta, play with it, connect with others to discuss this release and give your feedback.

  • Yuri Diogenes's Blog

    TechED 2012 - May the Cloud power be with you !

    • 0 Comments

    Hello folks, a quick post here just to let you know that my friend Tom Shinder and I will be presenting at TechEd US (in Orlando) and TechEd Europe (in Amsterdam). We will deliver the same session at both events, which is Understanding and Deploying Hosted Cloud: Concepts and Implementation. We will also use this opportunity to network with the IT PRO / SEC Community and record an episode for our Security Talk Show (From End to Edge and Beyond) with your participation, so I really hope to see you there!

    Here is why you can’t miss TechED 2012.

  • Yuri Diogenes's Blog

    Forefront TMG Malware Inspection False Positive Detection

    • 1 Comments

    Recently I saw this thread on the TMG Forum and found it very interesting as it was quite easy to repro. Yesterday Microsoft released a signature update that addresses this issue. The problem that TMG administrators were facing is documented here:

    image

    From: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3aJS%2fBlacole.BW

    Make sure to go to the TMG Update Center and force an update (in case Malware Inspection is not showing as 1.119.1988.0). If it is higher than that, you should be fine, as shown below:

    image

  • Yuri Diogenes's Blog

    Watch out for Phishing

    • 0 Comments

    Today I received an email from a friend with the subject: Remove my photo from FACEBOOK. The body of the email says:

    “Hey, who gave you permission to post my photo at Facebook??? Be aware that I didn’t like that and I would like you to remove ASAP. Are you playing around with me?”

    Under this paragraph there is a link pretending to point to the Facebook picture. Here is the original email (in Portuguese):

    image

    Well, when I saw that I knew it was a fake e-mail (a typical social engineering e-mail) and I also knew that if I waited a little bit, Hotmail would probably redirect it to my Junk Mail. But I was curious to understand what this was about, so I copied the URL to a lab environment that I have (isolated from my production network).

    What happened?

    I configured my TMG’s live logging to watch the particular client where I was doing the test and here is what I saw:

    1. A redirect from the short URL:

    image

    2. Another redirect from the target (notice my friend’s email address is in the GET request):

    image

    3. Right after that this is what I see on my client workstation:

    image

     

    4. Immediately FEP 2010 opened the window below on the client workstation:

    image

    5. When I clicked “Show details” this is what I got:

    image

    A severe threat (Trojan) that was trying to land on my system. I was lucky to have FEP 2010 fully updated and ready to mitigate such a risk; however, some users might not have that.

    What about your friend?

    The best thing you can do if you believe your friend is sending compromised content (probably because he was compromised) is to inform Hotmail that this happened. From the Hotmail web interface you can flag that message, saying that your friend was hacked:

    image

    …or you can also send the message to the Junk folder and flag that your friend was hacked:

    image

    Keep yourself and your friends safe!

  • Yuri Diogenes's Blog

    Shared Cloud Dallas 2012

    • 1 Comments

    My friend Tom Shinder and I, along with John Weston, will be speaking at Shared Cloud Dallas 2012 in March. Tom and I will share the stage to talk about Private Cloud Security and we will also use this opportunity to record a special edition of our Security Talk Show – From End to Edge and Beyond. If you are going to attend this event, come meet us and chat about Private Cloud Security. We will also give away some Forefront books during our presentation.

    See you there !

  • Yuri Diogenes's Blog

    Goodbye ISA Server…

    • 4 Comments

    You might not have noticed, but this month (last January 10th) ISA Server 2006 Mainstream Support ended, as shown in the table below:

    image

    Source: http://support.microsoft.com/lifecycle/?p1=11928

    The question that you might have is: what about this extended support that goes until January 2017? Extended support means the following:

    The Extended Support phase follows Mainstream Support for Business and Developer products.  At the supported service pack level, Extended Support includes:

    • Paid support
    • Security update support at no additional cost
    • Non-security related hotfix support requires a separate Extended Hotfix Support Agreement to be purchased (per-fix fees also apply)
    Please note:
    • Microsoft will not accept requests for warranty support, design changes, or new features during the Extended Support phase
    • Extended Support is not available for Consumer, Hardware, or Multimedia products
    • Enrollment in a maintenance program may be required to receive these benefits for certain products

    Source: http://support.microsoft.com/lifecycle/

    Better to start planning your migration as part of your new year’s resolution.

  • Yuri Diogenes's Blog

    Private Cloud Security

    • 1 Comments

    Yesterday we released a new version of the Private Cloud Security Hub at TechNet Wiki, you can access it from here:

    http://social.technet.microsoft.com/wiki/contents/articles/6642.a-solution-for-private-cloud-security.aspx

    The good news with this release is that you can also access the full set of DOCs (3) that corresponds to those TechNet Wiki articles from one single place. That’s right, we compiled everything in a single ZIP file that you can download from here:

    image

    http://gallery.technet.microsoft.com/A-Solution-for-Private-67209ab1

    These papers will guide you through the design of private cloud security, the understanding of the security blueprint and the secure service operation of a private cloud. Feel free to leave your comments and feedback; they are very important to us.

  • Yuri Diogenes's Blog

    Rollup 1 for Forefront TMG SP2

    • 4 Comments

    Hello Folks,

    Today we have some new KB Articles published for Forefront TMG 2010. If you are experiencing any of those issues, make sure to read these articles and apply the new update called Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2. All articles are available at http://support.microsoft.com/kb/2649961

  • Yuri Diogenes's Blog

    Windows Security – From End to Edge and Beyond

    • 0 Comments

    My great friend Tom Shinder and I are very pleased to announce that we signed a contract with Syngress to write our next book, which will be about Windows 8 Security. This is our greatest project for 2012 and we are very excited about this new partnership with Syngress. If you take a look at Syngress’s website you will see that their infosec portfolio covers many areas such as:

    Note: you will also find in one of these pages the book that our friend Tim “Thor” Mullen wrote (watch Episode 10 for more details).

    While we can’t reveal too many details about what we will cover in this book, you can definitely expect broad and deep coverage of many security features that are coming with Windows 8 as well as Cloud implementations.

    Stay tuned to Tom’s blog as well; he will bring some more details about the project.

  • Yuri Diogenes's Blog

    Forefront TMG - NIS Update for CVE-2011-3414

    • 3 Comments

    Hello folks and Happy New Year to you all!

    If you are running Forefront TMG 2010 and have NIS (Network Inspection System) enabled and updated, you probably noticed a new signature that was released to help you protect against CVE-2011-3414 (part of MS11-100), as shown below:

    image

    Notice also that the response is already set to “Block” and the signature is already enabled. If you open the properties for this signature and review the Details tab, you will see it is classified as high business impact:

    image

    The good news is: if an attacker tries to exploit this vulnerability against a server that has not been patched yet and the traffic is crossing TMG, then NIS will identify the traffic and block it. Although you have this additional layer of protection to mitigate attempts to exploit this particular vulnerability, it is strongly recommended that you update your servers with MS11-100 as quickly as possible (mainly the ones that are exposed to the Internet).

    Stay Safe in 2012 and have a great year !

  • Yuri Diogenes's Blog

    Debug Fest

    • 0 Comments

    If you have been following this blog since 2008 when I started, you probably noticed that troubleshooting is a subject that I love. Troubleshooting using tools like Perfmon and Windbg is amazing. In my new role at Microsoft I don’t deal with this on a daily basis anymore (like I used to on the CSS Forefront Edge Team), however the love did not go away. I’m still quite involved with troubleshooting and researching new things and how to fix them when they are not working. This week, for example, Tom and I recorded Episode 13 of our Security Talk Show. This episode was called Demo Day and I demonstrated how to use Perfmon and Windbg to troubleshoot a performance issue on TMG.

    The video is available here or you can watch below:

     

    I hope you like it!

  • Yuri Diogenes's Blog

    The risks of revealing too much on social networks

    • 0 Comments

    You can’t deny that social networks today are part of the vast majority of people’s lives. They are everywhere: you go to a supermarket and you see “Like Us on Facebook at <URL>”…it’s on TV, on the streets….everywhere. Now, the questions are: do people know how to behave on social networks? Do they know about the risks of revealing too much? Does your company have a security policy about social network usage? Did you have security awareness training when you joined your current company? Were social networks one of the topics of this training?

    Incorrect usage of social networks can cause harm not only to the individual but also to the company. Employees must be trained to use social networks correctly, mainly when they are using them to advertise their work and are sometimes exposing company information. Here in the US we have a recent case where an employee was fired for ranting about his company on Facebook. As I’m not here to share something that you already know, just click here and see for yourself the security risks of social networks.

    What I do want to share with you is something that happened this month in Brazil and that I wrote about in my blog (in Portuguese). As a matter of fact, there were two recent episodes in Brazil that caught my attention. The first one (I originally wrote about it in Portuguese here) was about a student who used to brag about being rich by posting photos on Facebook to show the nice things that he had. His posts caught the attention of someone who was on his friends list. This person was able to get the key to the student’s house and handed it over to thieves so they could steal the objects that were posted on Facebook. They did: they broke into the student’s house looking for the stuff he said he had, however they found nothing other than a mobile phone, some jewelry and cash. It turns out that the student was not rich; he was only bragging about those things to get the attention of his friends at school.

    For this particular case it is very important to understand that you need to educate your kids on how to safely use social networks and other Internet resources. Here are some resources that you can start using for that:

    The second case is even scarier in my opinion. While the first was about a kid saying things that he shouldn’t say, he was a minor and not fully educated to deal with such technology; the second case is about adult behavior. With the proliferation of social network integration with geographic location services, we pretty much know everything that our friends are doing and where they are at any moment in time. While this can look as cool as can be, it is also very dangerous. Last week I wrote in my blog (in Portuguese) about this case that happened in Brazil where someone left on vacation and posted: “I’m leaving on a trip”. When they got back home they didn’t have their TV, computers and other electronics, all gone. The robbers left a note on a piece of paper saying: “Next time that you leave on a trip let us know”. Now that’s very serious….but I see that all the time. People are integrating all the social tools without being concerned about privacy settings, and when they post one thing in one place it is propagated everywhere. Sometimes those posts are wide open on Twitter and available for anyone with malicious intentions to take advantage of.

    Be careful, make sure to watch what you’re saying on social networks, make sure to not reveal too much, make sure to use the privacy settings that those platforms have available to at least create some restrictions on your profile. Be aware that everything that you write on a social network platform can (and might) be used against you in one way or another.

    Stay safe!

  • Yuri Diogenes's Blog

    Secure, Scalable and Multi-Tenant Cloud …. no, I’m not dreaming

    • 0 Comments

    Back in 1999 I was working at one of the largest telecom companies in Brazil, where I was responsible for maintaining the core Windows NT 4 Servers and some of the services running on top of them (such as Exchange 5.5). Some days when I was scanning my badge to get into the datacenter I used to think: geez, we have so many servers in this datacenter, soon we will have to physically expand it just to be able to keep up the same level of service to our customers. Then I started thinking about the network infrastructure and all those VLANs to manage, the headache of moving servers across VLANs, all the dependencies, etc. Not only that, but when we were struck by “ILOVEYOU” I thought the world was coming to an end when I was trying to clean all those mailboxes. Fortunately this is in the past and the evolution of the datacenter is upon us. Do you want to know what I’m talking about? If you do, take your time and watch the video below from the BUILD Conference to see what’s coming in this regard:

     

     

    Make sure to watch the whole video before you think you can’t achieve secure isolation in the cloud at the same time that you build a low cost datacenter with powerful management tools.

  • Yuri Diogenes's Blog

    Where are you dude?

    • 0 Comments

    Even I can’t believe that the last time I wrote here was 18 days ago; I think I was never away from here for so long. Although I’ve been away from here, I’ve been writing in many other places, recording episodes for our Security Talk Show and working on my regular activities at Microsoft (which is Win8 Security stuff)….so, it’s quite busy these days. Here are some of my updates for this past month:

    New Articles at TechNet Wiki

    New Episodes of From End to Edge and Beyond

    What’s coming next?

    There are lots of things coming next, and as soon as I can I will announce here a new project that Tom Shinder and I will work on in 2012. For my Brazilian friends I can tell you that a new book about information security in Portuguese is also coming in 2012; it will again be published by Editora NovaTerra (more info soon), and the second edition of my Security+ book in Portuguese should also be out next year.

    Our Security Talk Show is also going to finish the year with two more great episodes (13 and 14) that are planned to be released in December. In Episode 13 (called “Demo Day”), Tom Shinder and I will demonstrate some cool scenarios (probably related to DA and TMG) and in Episode 14 we will have the TechNet Guy talking about Cloud and Office 365.

    See ya around !
