If you had a chance to go to TechED US this year and you were one of the 300+ attendees that watched one of our presentations I would like to thank you for stop by and choose our session. There are so many things going on at the same time at TechED that we know how hard it is to pick up the right session, therefore we truly appreciate your time. For the ones that didn’t go to TechED or didn’t go to our presentations but want to watch, here are the on demand version:
Understanding and Deploying Hosted Private Cloud: Concepts and Implementation Date: June 13, 2012 from 5:00PM to 6:15PM Day 3 WSV320 Speakers: Tom Shinder, Yuri Diogenes and Joshua Adams
Slides / WMV File
Private Cloud Security Architecture: A Solution for Private Cloud Security Date: June 12, 2012 from 1:30PM to 2:45PM Day 2 AAP306 Speakers: Tom Shinder, Yuri Diogenes
Again thanks a lot for your time and for you that didn’t see the presentation yet I hope you enjoy!
What about getting a FREE gift one week prior to TechEd North America? That’s right, today Microsoft Press released the “Introducing Windows Server 2012” eBook:
Me and my friend Tom Shinder wrote a side bar for this eBook, starting on page 77:
…and finishing on page 79:
I would like to thank Microsoft Press and the author Mitch Tulloch for having us on this project. It was great to participate reviewing chapter 2.
Go ahead and download the eBook from here or you can order the hard copy from here.
Today Microsoft announced the availability of Windows 8 Release Preview as well as Windows Server 2012 Release Candidate. But what I really would like to point it out is the new Documentation around Security Features that we are releasing for this milestone. Check it out this list:
Access it from here: http://technet.microsoft.com/en-us/library/hh832031 and also make sure to check it out the Windows Server 2012 Release Candidate documentation for Server Roles and Technologies at Microsoft TechNet Library.
Explore, test it and make sure to leave your feedback!
Yesterday me and Tom had a chance to participate in the May meeting of NAISG (National Information Security Group) - Dallas Chapter and we delivered a presentation about Private Cloud Security. First I would like to thanks NAISG Dallas for having us and also to all Security Professionals that were there.
The presentation that we delivered is available here.
Besides the sessions that I will co-present with my friend Tom Shinder at TechED North America 2012, we will also be signing our books at the Microsoft Press booth on Tuesday, June 12th at 3pm and on Wednesday, June 13th at 10:30 AM at Server and Cloud Division Information Experience Booth. If you have a copy of one of our books, bring it and will be glad to sign. If you don’t have it, use the discount code below to get 40% off on your printed version for those books:
We hope to see you there !
Often the question that comes up during my presentations or while talking with customers is: why should I move to a private cloud? Instead of answering this question, we usually show the “evolution of the data center” and how the traditional operational mode that was done in the past is not effective for today’s needs.
If you look the benefits of each one, it will be easy to notice that the Private Cloud (in this case using IaaS as example) has much more advantages, better scalability and it’s more efficient for the current business needs. If you are still not sure about that, one easy way to find out if your company is ready or not to make this move, is to use the the Microsoft Customer Assessment Tool for Private Cloud.
In four steps this tool will assist you to make a decision about moving to a private cloud or not. This is done by leveraging your knowledge about your business needs, company’s goals and the plan to achieve those goals. It is very worth to take a look on this tool if you are unsure about this move.
I hope you all are doing fine, I’m pretty busy with many projects these days, but want to give you a quick update about my engagements for the next three months.
Presentation: Private Cloud Security Location: National Information Security Group - Dallas Chapter More information at: http://dallas.naisg.org/meetings.asp
Presentations at TechED North America 2012:
AAP306: Private Cloud Security Architecture: A Solution for Private Cloud Security Speaker(s): Tom Shinder, Yuri Diogenes Tuesday, June 12 at 1:30 PM - 2:45 PM Architecture & Practices | Breakout Session | 300 - Advanced
Cloud computing introduces new opportunities and new challenges. One of those challenges is how security is approached in the private cloud. While private cloud can share a lot of security issues with traditional datacenters, there are a number of key issues that set private cloud security apart from how security is done in the traditional datacenter. In this session, Dr. Tom Shinder and Yuri Diogenes discusses these issues and wrap them in to a comprehensive discussion on private cloud security architecture. By taking an architectural approach to private cloud security, you will be able to understand the critical concepts, principles and patterns that drive a successful security implementation of private cloud. Read more
WSV320: Understanding and Deploying Hosted Private Cloud: Concepts and Implementation Speaker(s): Joshua Adams, Tom Shinder, Yuri Diogenes Wednesday, June 13 at 5:00 PM - 6:15 PM Windows Server | Breakout Session | 300 – Advanced
The Hosted Private Cloud is a new deployment model that enables an exceptional level of mobility and availability for your private cloud deployments. However, to get the most out of a Hosted Private Cloud solution, you need to understand the core concepts that drive a successful Hosted Private Cloud deployment and then understand what you need to do to implement the solution. In this talk, Dr. Tom Shinder and Yuri Diogenes discuss key Hosted Private Cloud Concepts and then demonstrate critical steps in implementing a hosted Private cloud. Demos show you how to evaluate the Hosted Private Cloud environment and how to configure and validate your Hosted Private Cloud configuration. Read more
Presentations at COMTEC (Fortaleza, Brazil) More information (in Portuguese) here.
Well, besides having to prepare all those presentations, I’m busy updating our Private Cloud documentation and getting things ready for our next milestone (RC). Our From End to Edge and Beyond book is moving pretty smoothly this month we should finish chapter 4. This week I passed the CompTIA Advanced Security Practitioner (CASP) Certification and I truly recommend you to take this one, probably it was the second most difficult exam that I’ve taken (first one was CISSP) but the overall experience of studying and taking the exam were great . Last couple of days I also attended the TakeDownCon here in Dallas and again it was a great conference, thumbs up!
Last but not least, we recorded Episode 19 of From End to Edge and Beyond with Richard Hicks talking about Direct Access on Windows 8, this episode should be live either Friday (5/11) or Monday (5/14), meanwhile visit all other episodes at http://aka.ms/FEEAB
First I would like to thank you all for attending the DFW IT PRO Meeting yesterday (May 3rd) at Microsoft Las Colinas here in Irving, Texas. During our presentation we discussed the Concepts and Implementation of a Private Cloud Infrastructure using Windows Server 2012. As we said, the documentation to build your cloud infrastructure using Windows Server “8” Beta is already available at TechNet. You can read more about this documentation here. Many of you also said that never heard about the TechNet Wiki but do support the community based content. I would like you to read this post to better understand what the TechNet Wiki is all about.
Thanks again for your time yesterday and I hope to see you all again soon!
Today ISSA released the ISSA Journal May 2012 issue featuring one article written by me and Tom Shinder.
If you are ISSA Member make sure to logon here and access the whole content of this issue. If you want to read our article you can access here.
We hope you enjoy !
If you were at Share Cloud Dallas last month in our presentation about Private Cloud Security you probably remember one topic that we discussed called “Cloud Security Challenges Secondary to Cloud Essential Characteristics”. This series of post that I’m going to write (at least one per week) will explain how Private Cloud with System Center 2012 can assist you to address those concerns.
Cloud Security Challenge 1 – Resource Pooling
Problem Statement as described in the Private Cloud Security Paper: As the consumer (tenant) of the services offered by a private cloud in my enterprise, I want to be sure that the data in my application is secure, that no-on else can access it, and that it is safe if something untoward occurs.
How System Center 2012 can assist you with this Challenge?
System Center 2012 Role-Based Access Control and User Role features can assist you with that. Partitioning and Role Based Access Control (RBAC) also applies to your administrators, who should not have automatic access to tenant data. In the case where an administrator does require access to tenant data, then that access must be carefully audited.
With the User Role Wizard you can even customize the user role for that particular cloud as shown below:
When creating a User Role you can also determine the scope for the User, in other words, which Cloud that user (or users) will be able to perform those pre-defined actions:
For a full demonstration on how to perform those actions use the video below (skip to minute 33:03):
If you are part of the DFW IT PRO Group, make sure to add to your calendar our presentation “Understanding and Deploying Hosted Private Cloud: Concepts & Implementation”. More information here:
See you there!
I’m going to try to give you some updates about how our new book (announced here) is coming along. This month we started handing over some chapters to Syngress and we are really excited with this project. We are using the same formula that we used in our previous books, in other words, we split the chapter in two parts and each one write half of the chapter. This gives us the opportunity to write every single chapter, equally split the work and leverage our areas of expertise within the technology. There are two recent news that I would like to echo here: as announced today by Richard Hicks his blog, he will be the Technical Reviewer for this book and as we known Richard for a long time we are very pleased to have him onboard to help us on this project. As I announced last Saturday (via Twitter – see below), Syngrees will be handing over to us the draft book cover and we will be showing it during our sessions at TechED US in June. I hope to see you there !
My last post was 18 days ago when I talked about the Cloud Infrastructure using Windows Server “8” Beta. On the same token I would like to let you know that soon (probably in the next couple of days) we will release Episode 17 of From End to Edge and Beyond where we interviewed Josh Adams. Josh will talk about this document that we wrote and will demonstrate how to build a cloud infrastructure using Windows Server “8” Beta.
Stay tune in this channel!
Since we are talking about cloud, yesterday me and Tom Shinder delivered a presentation at Share Cloud Dallas about Private Cloud Security. We had a great time not only presenting but also networking with other IT PROs from DFW area.
You can download the presentation from here and you can access the Private Cloud Blog for more information about some of the scenarios that we discussed during this session.
As my friend Tom Shinder recently announced on his blog, he is leading the Private Cloud initiative and one of the projects that we are working together is the Cloud Infrastructure with Windows Server “8” Beta. You can find these technical scenarios in the Windows Server “8” Beta page in the location shown below:
…or you can directly access the Building Your Cloud Infrastructure scenario from here.
Stay tuned for more exciting stuff about Windows Server “8” Beta at Windows Server Blog.
One year ago we were launching the video below where I talk about the TechNet Wiki:
Lots of things happened throughout this one year and the TechNet Wiki platform got even stronger than it was. A great example of that is the recent publication of an article related to Windows Server “8” Beta directly from product team. This really shows the commitment that Microsoft has with this platform. In order to assist you to evangelize others IT PROs/DEVs on how to use this platform, I’m making available a slide deck that I used in many events where I want to call for engagement on this platform, download the deck from here. I would like also to congratulate the Brazilian community for growing from a couple of hundred articles to more one thousand articles in nine months period. Great job guys!
Other important links:
Let’s keep up the great work and evangelize others to use the platform!
Today we released the first WSUS on Windows Server “8” Beta blog post at WSUS CSS Team Blog. This post focus on the WSUS Role installation on Windows Server “8” Beta using the new Server Manager experience. Make sure to stop by the link below and review the article:
There you will also find links to the WSUS on Windows Server “8” Beta TechNet Library page. There are plans to release more blog posts and the next one will be about WSUS role installation using PowerShell.
Stay tuned to the Windows Server Blog for future announcements related to Windows Server “8” Beta !
What a great way to start a leap day and see that lots of hours of hard work are now available to public consumption: Windows Server “8” Beta is available for download here. The new Windows Server “8” Beta page at TechNet Library was also launched:
In this page you will find tons of information about this release, such as the new WSUS, enhancements in Security and Protection, enhancements and new networking features, Active Directory Rights Management Services and much more.
Go ahead and start download Windows Server “8” Beta, play with it, connect with others to discuss about this release and give your feedback.
Hello folks, a quick post here just to let you know that me and my friend Tom Shinder will be presenting at TechEd US (in Orlando) and TechEd Europe (in Amsterdam). We will deliver the same session in both events, which is Understanding and Deploying Hosted Cloud: Concepts and Implementation. We will also use this opportunity to network with the IT PRO / SEC Community and record an episode for our Security Talk Show (From End to Edge and Beyond) with your participate, so I really hope to see you there !
Here it is why you can’t miss TechED 2012.
Recently I saw this thread on the TMG Forum and found it very interesting as it was quiet easy to repro. Yesterday Microsoft released a signature update that address this issue. The problem that TMG’s administrators were facing is documented here:
Make sure to go to TMG Update Center and force an update (in case Malware Inspection is not showing as 1.119.1988.0). If it is higher than that you should be fine as shown below:
Today I received an email from a friend with the subject: Remove my photo from FACEBOOK. On the body of the email it says:
“Hey, who gave you permission to post my photo at Facebook??? Be aware that I didn’t like that and I would like you to remove ASAP. Are you playing around with me?”
Under this paragraph a link pretending to be to the Facebook picture. Here it is the original email (in Portuguese):
Well, when I saw that I knew it was fake e-mail (a typical social engineering e-mail) and I also knew that if I wait a little bit, probably Hotmail will be redirecting this to my Junk Mail. But I was curious to understand what this was about, so I copied the URL to a lab environment that I have (isolated from my production network).
I configured my TMG’s live logging to watch the particular client where I was doing the test and here it is what I saw:
1. A redirect from the short URL:
2. Another redirect from the target (notice my friend’s email address is on the GET Request:
3. Right after that this is what I see on my client workstation:
4. Immediately FEP 2010 opened the window below on the client workstation:
5. When I clicked show details this is what I got:
A severe threat (Trojan) that was trying to land into my system. I was luck to have FEP 2010 fully updated and ready to mitigate such risk, however some users might not have that.
What about your friend?
The best thing you can do if you believe your friend is sending compromised content (probably because he was compromised) is to take an action to inform Hotmail that this happened. From Hotmail web interface you can flag that message saying that your friend was hacked:
…or you can also send the message to Junk folder and flag that your friend was hacked:
Keep yourself and your friends safe!
Me and my friend Tom Shinder, along with John Weston will be speaking at Shared Cloud Dallas 2012 in March. Me and Tom will share the stage to talk about Private Cloud Security and we will also use this opportunity to record an special edition of our Security Talk Show – From End to Edge and Beyond. If you are going to attend to this event, come meet us and chat about Private Cloud Security. We will also give away some Forefront books during our presentation.
See you there !
You might not have noticed but this month (last January 10th) ISA Server 2006 Mainstream Support ended as shown in the table below:
The question that you might have is: what about this extended support that goes until January 2017? Extended support means the following:
The Extended Support phase follows Mainstream Support for Business and Developer products. At the supported service pack level, Extended Support includes:
Better to start planning your migration as part of your new year’s resolution.
Yesterday we released a new version of the Private Cloud Security Hub at TechNet Wiki, you can access it from here:
The good news with this release is that you can also access the full set of DOCs (3) that corresponds to those TechNet Wiki articles from one single place. That’s right, we compiled everything in a single ZIP file that you can download from here:
These papers will guide you through the design of private cloud security, the understanding of the security blueprint and the secure service operation of a private cloud. Feel free to leave your comments and feedbacks, they are very important to us.
Today we have some new KB Articles published for Forefront TMG 2010. If you are experience any of those issues, make sure to read these articles and apply the new update called Rollup 1 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 2 . All articles are available at http://support.microsoft.com/kb/2649961
Me and my great friend Tom Shinder are very pleased to announce that we signed a contract with Syngress to write our next book, which will be about Windows 8 Security. This is our greatest project for 2012 and we are very excited about this new partnership with Syngress. If you take a look on Syngress’s website you will see that their infosec portfolio cover many areas such as:
Note: you will also find in one of these pages the book that our friend Tim “Thor” Mullen wrote (watch Episode 10 for more details).
While we can’t reveal too many details about what we will cover in this book, you can definitely expect broad and deep coverage of many security features that are coming with Windows 8 as well as Cloud implementations.
Stay tune also on Tom’s blog, he will bring some more details about the project.