Category: Hybrid

Certificate-based authentication is generally available!

Microsoft announced today at Ignite 2022 that Certificate-Based Authentication is officially out of preview and ready to use! Why CBA was created? “In May of 2021, the President issued Executive Order 14028, Improving the Nation’s Cybersecurity calling for the Federal Government to modernize…

Continue Reading Certificate-based authentication is generally available!

Conditional access and authentication strength (preview)

First I wanted to mention the link problems inside Azure Portals. For a while and for some people portal.azure.com didn’t show the Authentication strengths in their portal, this has now been fixed in normal Azure portal. Entra portal on the…

Continue Reading Conditional access and authentication strength (preview)

Defender for Cloud security alerts

The scenario You have a Windows server with a public IP-address and RDP (TCP 3389) is exposed to internet. And there is still over 3 million open TCP 3389 ports out there. Stupid right but if you are one of…

Continue Reading Defender for Cloud security alerts

Azure MFA migration tool and how to setup MFA NPS extension

Well, this is nice. Microsoft has released a migration tool to get rid of your On-premises MFA server. Scenarios Moving the registered MFA phone numbers is only part of the migration from MFA Server to Azure AD Multi-Factor Authentication. The…

Continue Reading Azure MFA migration tool and how to setup MFA NPS extension

Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy

And onward to the next section in my SC-100 study guide: Note: includes hybrid and multi-cloud scenarios! Design a strategy for access to cloud resources Recommend an identity store (tenants, B2B, B2C, hybrid) Recommend an authentication strategy Recommend an authorization…

Continue Reading Section 3 – Design a Zero Trust strategy and architecture – Design an identity security strategy

Section 1 – Design a Zero Trust strategy and architecture – Build an overall security strategy and architecture

The first section for SC-100 study will contain: Identify the integration points in an architecture by using Microsoft Cybersecurity Reference Architecture (MCRA) Translate business goals into security requirements Translate security requirements into technical capabilities, including security services, security products, and…

Continue Reading Section 1 – Design a Zero Trust strategy and architecture – Build an overall security strategy and architecture

Microsoft Entra Permissions Management

Entra has combined three existing solutions under entra.microsoft.com: Azure Active Directory (Azure AD)  Multicloud identity and access management solution with integrated security.  Microsoft Entra Permissions Management​  One unified model to manage permissions ​of any identity across any cloud.  Microsoft Entra Verified ID​ …

Continue Reading Microsoft Entra Permissions Management

Section 13 – Secure data and applications – Configure security for storage

Configure access control for storage accounts Configure storage account access keys Configure Azure AD authentication for Azure Storage and Azure Files Different Storage Accounts types The Azure Storage platform includes the following data services: Azure Blobs A massively scalable object…

Continue Reading Section 13 – Secure data and applications – Configure security for storage

Azure AD connect version 2.1.1.0 released with bugfixes

Microsoft has released an updated version of AAD Connect om 24th of March and it isn’t available for auto upgrade. Retirement of AAD Connect versions On August 31, 2022, all 1.x versions of Azure AD Connect will be retired because…

Continue Reading Azure AD connect version 2.1.1.0 released with bugfixes

Section 4 – Implement an Identity Management Solution – Implement and manage hybrid identity – AADC, Cloud Sync and PHS

And to the next section from SC-300 study guide, now covering: implement and manage Azure Active Directory Connect (AADC) implement and manage Azure AD Connect cloud sync implement and manage Password Hash Synchronization (PHS) Implement and manage Azure Active Directory…

Continue Reading Section 4 – Implement an Identity Management Solution – Implement and manage hybrid identity – AADC, Cloud Sync and PHS