30. June 2016 15:06
Azure . Security
Operations Management Suite (OMS) is Microsoft's cloud based IT management
solution that helps you manage and protect your on-premises and cloud
infrastructure. Explore the OMS
Security and Audit dashboard, security domains, and common security queries
then get step-by-step guidance on how to leverage OMS to proactively and
Want more information on OMS? See the Operations Management Suite overview.
22. June 2016 08:06
Virtual machine disks – now with Premium Storage
Customers now have the option to select Azure Premium Storage when provisioning DS-series virtual machines through PowerShell
and the Azure CLI. Premium Storage provides high-performance,
low-latency disk support for virtual machines running I/O-intensive
workloads. VM disks using Premium Storage store data on solid state
drives (SSDs), providing improved performance for the most demanding
applications. More information about this functionality is available here
. Expanded virtual machine image support
In addition to Premium Storage, Azure Government has also been expanded
to include a number of pre-configured VM images. With these images,
customers can quickly provision a VM running pre-installed and
configured software. In addition to the existing VM image portfolio
available today, provisioning of the following image types can be accomplished immediately:
- Windows Server Remote Desktop Session Host on Windows Server 2012 R2
- Windows Server Remote Desktop Session Host with Microsoft Office 365 ProPlus
- SharePoint Server 2016 Trial
- Visual Studio Enterprise 2015 Update 2 with Azure SDK 2.9 on Windows Server 2012 R2
are excited to share these additions. To keep up with the latest Azure
Government news or provide feedback, please follow the Azure Government blog! We look forward to continuing to expand Microsoft Azure Government!
Read more here...
15. June 2016 09:06
Azure . Security
We are very happy to announce today the release of the Azure Security Information site on Azure.com!
The Azure Security Information site is intended to be your one-stop shop for getting information about Azure security services, technologies, and features. In addition to this, we have information about security architecture, best practices and patterns, security in industry verticals, and an array of other security resources.
Prior to this site, you would have had to poke around in the Azure documentation to piece this information together for yourselves.
Since we're talking about security, here's a reminder of some of the other key sites related to Microsoft cloud security:
- Ability to update privacy type—When you create an Office 365 group, users have two privacy options: public (anyone within your organization can access the group’s content) and private (only approved members can access the group’s content). This update enables group owners to change the privacy setting from public to private or vice versa by editing the group properties in Outlook on the web. Administrators can also leverage the Set-UnifiedGroup cmdlets to change the privacy type. Read “Make Office 365 groups public or private” for more information.
Easily edit a group’s privacy setting.
- Multi-domain support—Larger organizations use separate email domains to reflect different parts of their businesses. Office 365 groups that are created by users in one domain will share that domain (as opposed to using a common domain across the tenant). Administrators now also have control to create groups in specific domains of their choosing. Read “Multi-domain support for Office 365 Groups” for more information.
- Guidance to configure Office 365 Groups with on-premises Exchange mailbox users—If you’ve configured a hybrid deployment between your on-premises Exchange organization and Office 365, you can make groups created in Office 365 available to your on-premises users by following the steps outlined in “Configure Office 365 Groups with on-premises Exchange hybrid.”
- Allow users to send as the Office 365 group—If you want to enable your group’s shared mailbox to “Send As,” you can now use the PowerShell cmdlets to configure this. Once you enable this setting, your Office 365 group users can use Outlook or Outlook on the web to send and reply to email as the Office 365 group. Users can go to the group, create a new email and change the “Send As” field to the group’s email address. See “Use PowerShell to manage Office 365 Groups” for more information.
Read more here...
Gartner released their Magic Quadrant for Identity and Access Management as a Service
(IDaaS) for 2016 and Azure Active Directory was placed in the “leaders” quadrant, and positioned very strongly for our completeness of vision.
Read more, and get access to the Gartner report here
2. June 2016 21:06
Blob storage accounts are specialized storage accounts for storing your
unstructured data as blobs (objects) in Azure Storage. With Blob storage
accounts, you can now choose between hot and cool storage access tiers.
And you can switch between hot and cool access tiers any time with a
quick toggle from the Azure portal. The latency for Blob storage
accounts (hot and cool) is in the milliseconds and the scalability and
performance targets are the same as general-purpose storage
accounts. Read more details in the Azure Blob storage documentation
Best practices for using the Azure Blob storage accounts with StorSimple:
set the access tier to hot. Keep the access tier set to hot until any
initial data migrations are complete and the account has a significant
amount of infrequently accessed data. Then consider switching to cool.
your existing usage pattern to determine whether you will benefit from
using a cool storage account. To learn how Azure Storage metrics can
help you to understand your storage usage pattern, click here.
that involve a lot of cloud data access, such as using the StorSimple
Cloud Appliance for dev/test or research, are better suited for hot
- If you expect to clone data often you should choose hot storage.
Read more here..
2. June 2016 21:06
Azure AD Identity Protection has been generating a TON of customer
interest, especially with recent news about hackers selling huge lists
of leaked user credentials. So today Azure AD Identity Protection has just turned on support for federated
identities. This means that our largest customer, most of who use Active
Directory Federation Server with Azure AD, can now get the benefit of
this powerful security service.
Identity Protection detects risk events involving identities in an
Azure Active Directory that indicate that the identities may have been
compromised. For details on risk detection, see Types of risk events detected by Azure Active Directory Identity Protection.
What’s new: Starting today, all of Identity
Protection’s risk event types will be covered for federated identities!
Now you can tell if botnet infections, TOR networks, or location
anomalies are present in your federated sign-ins. [Note that leaked
credentials detection requires that you have enabled password hash sync in your federated tenant.]
Read more here...
25. May 2016 10:05
Azure . Security
Recent news about the 167 million accounts and passwords for LinkedIn that have been put up for sale on the dark web has scared a lot of people - hopefully, you have reset your password by now. Of course, this is just the latest in a long history of accounts being leaked and potentially used for nefarious purposes. What was interesting about this latest breach is that one organization has managed to crack about 117 million of those passwords because users were using weak, easily guessable passwords.
Microsoft is taking action on this problem of users electing to use weak passwords by dynamically blocking those types of passwords for Microsoft Accounts (aka Live IDs). Microsoft has been securing these accounts for years and sees millions of attacks on these accounts every day. Leveraging this experience, machine learning and the compute resources of Azure, we have the ability to solve some of these issues.
Please review this Active Directory Team Blog post
to learn about some interesting statistics, some research we've done on the problem and the solutions we are implementing to protect consumers and customers.
At the Citrix Synergy event in Las Vegas today, there were several exciting announcements about how Microsoft and Citrix are partnering together to accelerate Windows 10 and Office 365 adoption.
- Citrix will leverage Azure to provide a Windows 10 VDI solution for customers with Windows licensed per user.
- Citrix is updating their mobile applications with the Microsoft Intune SDK so they can be managed by Intune and integrated with Office 365 mobile apps.
- Citrix has announced an updated connector for SCCM, allowing organizations to manage Citrix XenApps applications with a single tool.
- Microsoft and Citrix have partnered to optimize the Skype for Business application for use in XenApp and XenDesktop environments
- Citrix and Microsoft are working together to leverage the Citrix NetScaler solution to provide secure, conditional access to on premises applications through the Intune solution
- Citrix is building capabilities into its mobile apps like support for MFA and self-service password reset
Find out more about how the Microsoft and Citrix partnership continues to grow and provide valuable solutions for our customers. All the details are in this Brad Anderson blog post.