Today we are releasing part one of five in this new series called “Microsoft Private Cloud Solutions for IT Managers”. I hope you enjoy Tom Shinder, Kevin Remde and me talking about Cloud Computing from all angles.
Today I have two pieces of good news about our upcoming Windows Server 2012 Security Book. Last month Deb Shinder joined us as a co-author of this book; she is already producing some great content and we are just very happy to have her onboard. The other good news is that we reached 70% of the book, so we are getting very close to the end (we will probably be done writing by December).
If you are playing around with SMB3 and are trying to find more details on network traffic using Microsoft Network Monitor, you may find that SMB3 is not on the protocol list, as shown below:
Before moving forward, it is important to emphasize that this behavior is expected. There are a couple of things that you need to understand about this:
For more info about protocol parsing, see http://blogs.technet.com/netmon and for more information about the SMB 3 Protocol specification see http://msdn.microsoft.com/en-us/library/cc246482%28prot.20%29.aspx
Today at RSA Conference in Europe, Microsoft launched the Cloud Security Readiness Tool. Here is how it works:
Go check it out now at: http://technet.microsoft.com/en-us/security/jj554736
Today Josh Adams published two great sets of PowerShell scripts at the TechNet Gallery that can help you automate your Windows Server 2012 Cloud Infrastructure. Check out what each one does:
We hope you enjoy!
Note: make sure to rate and leave your comment on each one of those articles.
I’m not sure if you noticed, but the Windows 8 Security Guide is already available:
It comes with the SCM 3.0 Beta (watch this interview for more information on SCM 3.0 Beta), which you can download from here. Once you install this tool, browse through the path below and download the DOC file:
Note: the Windows Server 2012 Security Guide is also there, under the Windows Server 2012 option.
Last September 29th Microsoft updated the definitions to 1.137.726.0, adding detection support for the Trojan Win32/Sofilblock.A. If at any point in time you face the screen below, do not proceed with the payment process. Update your Microsoft antivirus to the latest definition, scan your computer and remove the threat.
Image Source: Microsoft Malware Protection Center Facebook Page.
I just want to bring awareness of a new article that Tom Shinder, the Windows Server Team and I put together. This article explains the following points about designing your cloud infrastructure:
We embedded lots of security considerations in this design based on our security background and we hope you like it:
Last week I was in Redmond for a business trip and I had a chance to record Episode 22 of From End to Edge and Beyond with Jose Maldonado, Senior Program Manager from the Solutions Accelerators Team:
This week we will release this great interview at http://aka.ms/FEEAB
While the interview is not live yet, I would like to briefly talk about this new release of the SCM. The SCM 3.0 (Beta) brings new security compliance baselines such as:
Another important point of this release is that it also updates the Threats and Countermeasures sections for Windows Server 2012 and Windows 8.
Go get a copy of the SCM 3.0 Beta here and stay tuned to our Security Talk channel.
Beware of a fake antivirus in the wild that looks like this:
(image from MMPC)
Microsoft detects this as Win32/Winwebsec and you can find more info about other variants here.
Recently I received an interesting e-mail (in Portuguese) and it was clearly a phishing e-mail; however, I got curious to understand what it was and decided to investigate further. The e-mail content is shown below:
The destination URL shows up in the screenshot above because I pointed the cursor to the link, and clearly it shows that it was not a valid link for the purpose of the e-mail content. I copied the URL and pasted it in an isolated workstation in my lab environment. In this lab environment I have Forefront TMG at the edge, which is also isolated from my production network. Once I pasted this link in the browser, this is what TMG showed to me:
I’m not going to reveal the full URL, but this is a free cloud storage service. As this is a free cloud storage service (and a valid one), TMG (leveraging Microsoft Reputation Services) categorizes this as Personal Network Storage as shown below:
Since it passed through this filter successfully it landed in the user’s workstation with the following message:
Notice that the name of the file is actually the name of the domain, trying to appear as a valid GOV domain (since the content has to do with a GOV document). Using IDA Pro to disassemble the file, it was possible to see that the executable file was built using Borland Delphi:
There were some calls to verify disk space:
…and some other things, which are not part of the scope of this post. The goal here is to show the following points:
So where did everything start? A phishing e-mail persuading the user to click on something. While we all know that the end user is the weakest point in the security chain, we need to continually work on a defense in depth approach where all points are mitigated. Technology can help up to a certain point, and educating the users can complement that. In an article that I wrote almost one year ago I explain why it is important to invest in Security Awareness training, and the same thing stands true today.
Note: I originally wrote this text as part of an article about Cloud Storage Services Security for the 7th Edition of the Brazilian Portuguese Magazine called “Segurança Digital” (Digital Security). The full magazine (in PDF and Portuguese) is available here (the article is on page 39).
I was away from here for a long time, but for a good cause. During the month of July I traveled to deliver some presentations in Brazil and I want to share some of these moments with you today:
Presentation at COMTEC Fortaleza about Building a Private Cloud with Windows Server 2012 (the Demo that I presented is here in English)
Security+ Book signing with my co-author Daniel Mauser (black shirt) and the Technical Reviewer Alberto Oliveira at DeVry University (Fortaleza/Brazil).
Interview about Information Security and Windows 8 Security to a Brazilian TV Channel (Fortaleza/Brazil). The interview (in Portuguese) is here.
Presentation about Windows Server 2012 Security Features at Qualitek Security Day (Natal/Brazil).
As you can see it was a busy month but now I’m back to my normal pace and shortly I will publish a post about an interesting experience that I had recently.
This week my friend Tom Shinder is in Amsterdam to deliver the same set of presentations that we delivered together at TechED US. Unfortunately I couldn’t go with him and have some fun. But be sure to not only watch his presentations but also stop by the Microsoft Press booth tomorrow (Tuesday) at 7:30PM to get a copy of your Forefront book signed by Tom. We did that two weeks ago at TechED US and it was a great experience. Here are some pictures from the book signing in Orlando:
The line to get the signed copy of our Forefront books.
I was signing the Forefront TMG Administrator’s Companion
…and now it was Tom’s time to sign
As announced last week at TechED North America, here is the book cover for the upcoming book that Tom Shinder and I are writing for Syngress:
We are having an amazing time writing this book and we are looking forward to releasing it next year.
If you had a chance to go to TechED US this year and you were one of the 300+ attendees that watched one of our presentations, I would like to thank you for stopping by and choosing our session. There are so many things going on at the same time at TechED that we know how hard it is to pick the right session, therefore we truly appreciate your time. For the ones that didn’t go to TechED or didn’t go to our presentations but want to watch, here are the on demand versions:
Understanding and Deploying Hosted Private Cloud: Concepts and Implementation Date: June 13, 2012 from 5:00PM to 6:15PM Day 3 WSV320 Speakers: Tom Shinder, Yuri Diogenes and Joshua Adams
Slides / WMV File
Private Cloud Security Architecture: A Solution for Private Cloud Security Date: June 12, 2012 from 1:30PM to 2:45PM Day 2 AAP306 Speakers: Tom Shinder, Yuri Diogenes
Again, thanks a lot for your time, and for those of you who didn’t see the presentation yet, I hope you enjoy!
What about getting a FREE gift one week prior to TechEd North America? That’s right, today Microsoft Press released the “Introducing Windows Server 2012” eBook:
My friend Tom Shinder and I wrote a sidebar for this eBook, starting on page 77:
…and finishing on page 79:
I would like to thank Microsoft Press and the author Mitch Tulloch for having us on this project. It was great to participate in reviewing chapter 2.
Go ahead and download the eBook from here or you can order the hard copy from here.
Today Microsoft announced the availability of Windows 8 Release Preview as well as Windows Server 2012 Release Candidate. But what I really would like to point out is the new documentation around Security Features that we are releasing for this milestone. Check out this list:
Access it from here: http://technet.microsoft.com/en-us/library/hh832031 and also make sure to check out the Windows Server 2012 Release Candidate documentation for Server Roles and Technologies at Microsoft TechNet Library.
Explore, test it and make sure to leave your feedback!
Yesterday Tom and I had a chance to participate in the May meeting of NAISG (National Information Security Group) - Dallas Chapter and we delivered a presentation about Private Cloud Security. First I would like to thank NAISG Dallas for having us and also all the Security Professionals that were there.
The presentation that we delivered is available here.
Besides the sessions that I will co-present with my friend Tom Shinder at TechED North America 2012, we will also be signing our books at the Microsoft Press booth on Tuesday, June 12th at 3pm and on Wednesday, June 13th at 10:30 AM at the Server and Cloud Division Information Experience Booth. If you have a copy of one of our books, bring it and we will be glad to sign it. If you don’t have it, use the discount code below to get 40% off on your printed version for those books:
We hope to see you there!
Often the question that comes up during my presentations or while talking with customers is: why should I move to a private cloud? Instead of answering this question, we usually show the “evolution of the data center” and how the traditional operational mode that was done in the past is not effective for today’s needs.
If you look at the benefits of each one, it will be easy to notice that the Private Cloud (in this case using IaaS as an example) has many more advantages, better scalability and is more efficient for current business needs. If you are still not sure about that, one easy way to find out if your company is ready or not to make this move is to use the Microsoft Customer Assessment Tool for Private Cloud.
In four steps this tool will assist you in making a decision about moving to a private cloud or not. This is done by leveraging your knowledge about your business needs, your company’s goals and the plan to achieve those goals. It is well worth taking a look at this tool if you are unsure about this move.
I hope you all are doing fine. I’m pretty busy with many projects these days, but I want to give you a quick update about my engagements for the next three months.
Presentation: Private Cloud Security Location: National Information Security Group - Dallas Chapter More information at: http://dallas.naisg.org/meetings.asp
Presentations at TechED North America 2012:
AAP306: Private Cloud Security Architecture: A Solution for Private Cloud Security Speaker(s): Tom Shinder, Yuri Diogenes Tuesday, June 12 at 1:30 PM - 2:45 PM Architecture & Practices | Breakout Session | 300 - Advanced
Cloud computing introduces new opportunities and new challenges. One of those challenges is how security is approached in the private cloud. While private cloud can share a lot of security issues with traditional datacenters, there are a number of key issues that set private cloud security apart from how security is done in the traditional datacenter. In this session, Dr. Tom Shinder and Yuri Diogenes discuss these issues and wrap them into a comprehensive discussion on private cloud security architecture. By taking an architectural approach to private cloud security, you will be able to understand the critical concepts, principles and patterns that drive a successful security implementation of private cloud.
WSV320: Understanding and Deploying Hosted Private Cloud: Concepts and Implementation Speaker(s): Joshua Adams, Tom Shinder, Yuri Diogenes Wednesday, June 13 at 5:00 PM - 6:15 PM Windows Server | Breakout Session | 300 – Advanced
The Hosted Private Cloud is a new deployment model that enables an exceptional level of mobility and availability for your private cloud deployments. However, to get the most out of a Hosted Private Cloud solution, you need to understand the core concepts that drive a successful Hosted Private Cloud deployment and then understand what you need to do to implement the solution. In this talk, Dr. Tom Shinder and Yuri Diogenes discuss key Hosted Private Cloud Concepts and then demonstrate critical steps in implementing a hosted Private cloud. Demos show you how to evaluate the Hosted Private Cloud environment and how to configure and validate your Hosted Private Cloud configuration.
Presentations at COMTEC (Fortaleza, Brazil) More information (in Portuguese) here.
Well, besides having to prepare all those presentations, I’m busy updating our Private Cloud documentation and getting things ready for our next milestone (RC). Our From End to Edge and Beyond book is moving pretty smoothly; this month we should finish chapter 4. This week I passed the CompTIA Advanced Security Practitioner (CASP) Certification and I truly recommend you take this one. It was probably the second most difficult exam that I’ve taken (the first one was CISSP), but the overall experience of studying and taking the exam was great. Over the last couple of days I also attended TakeDownCon here in Dallas and again it was a great conference, thumbs up!
Last but not least, we recorded Episode 19 of From End to Edge and Beyond with Richard Hicks talking about Direct Access on Windows 8, this episode should be live either Friday (5/11) or Monday (5/14), meanwhile visit all other episodes at http://aka.ms/FEEAB
First I would like to thank you all for attending the DFW IT PRO Meeting yesterday (May 3rd) at Microsoft Las Colinas here in Irving, Texas. During our presentation we discussed the Concepts and Implementation of a Private Cloud Infrastructure using Windows Server 2012. As we said, the documentation to build your cloud infrastructure using Windows Server “8” Beta is already available at TechNet. You can read more about this documentation here. Many of you also said that you had never heard about the TechNet Wiki but do support community based content. I would like you to read this post to better understand what the TechNet Wiki is all about.
Thanks again for your time yesterday and I hope to see you all again soon!
Today ISSA released the ISSA Journal May 2012 issue featuring one article written by me and Tom Shinder.
If you are an ISSA member, make sure to log on here and access the whole content of this issue. If you want to read our article, you can access it here.
We hope you enjoy!
If you were at Share Cloud Dallas last month in our presentation about Private Cloud Security, you probably remember one topic that we discussed called “Cloud Security Challenges Secondary to Cloud Essential Characteristics”. This series of posts that I’m going to write (at least one per week) will explain how Private Cloud with System Center 2012 can assist you in addressing those concerns.
Cloud Security Challenge 1 – Resource Pooling
Problem Statement as described in the Private Cloud Security Paper: As the consumer (tenant) of the services offered by a private cloud in my enterprise, I want to be sure that the data in my application is secure, that no one else can access it, and that it is safe if something untoward occurs.
How can System Center 2012 assist you with this challenge?
System Center 2012 Role-Based Access Control and User Role features can assist you with that. Partitioning and Role Based Access Control (RBAC) also applies to your administrators, who should not have automatic access to tenant data. In the case where an administrator does require access to tenant data, then that access must be carefully audited.
With the User Role Wizard you can even customize the user role for that particular cloud as shown below:
When creating a User Role you can also determine the scope for the user, in other words, the cloud in which that user (or users) will be able to perform those pre-defined actions:
For a full demonstration on how to perform those actions use the video below (skip to minute 33:03):
If you are part of the DFW IT PRO Group, make sure to add to your calendar our presentation “Understanding and Deploying Hosted Private Cloud: Concepts & Implementation”. More information here:
See you there!