Microsoft Defender ATP’s diary: From a SecAdmin’s Perspective

This blog post is an introduction of a series of blogs to cover the game changing risk-based approach Microsoft Defender ATP offers to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.

As mentioned in “The evolution of Microsoft Threat Protection” by Debraj Ghosh, PM of Microsoft Threat Protection, security comes
in general with two responsibilities: 1) Security Operations (SecOps) and 2) Security Administrations (SecAdmins).

SecOps act by incident response via a centralized alert view and powerful hunting capabilities enabling ad-hoc investigations.

SecAdmins will gain the visibility, control, and guidance necessary to understand and act on the threats currently impacting their organization, as well as information on past and future threats.

In this series of blogs I will focus exclusively on the responsibility of a SecAdmin and all aspects that Microsoft Defender ATP has to offer in regards. Therefore we kick off this serie starting with Configuration Management and Threat & Vulnerability Management.

Continue reading “Microsoft Defender ATP’s diary: From a SecAdmin’s Perspective”

Important! Updated Microsoft Intune Company Portal app for iOS supports only iOS 8.0 or higher.

image

In case you missed it, Microsoft recently announced the Microsoft Intune Company Portal app for iOS will be updated. Why this might be important to you?

Why updating?

As Apple releases new versions of iOS, they release new functionality, so there is a lack of functionality available on older iOS versions. Ending support for these older versions and encouraging end users to upgrade leads to a better end-user experience and allows us to prioritize the release new functionality for customers. This adjustment to support iOS 8.0 and later brings the iOS Company Portal app into alignment with the version support of the Office apps and many other Microsoft (and non-Microsoft) apps

Continue reading “Important! Updated Microsoft Intune Company Portal app for iOS supports only iOS 8.0 or higher.”

Intune Extensions install process improved /w April Service Update

Last week Microsoft updated their Intune cloud services with the April service update. This April service update (5.0.5118.0) introduces a lot of new features which were recently announced by the Microsoft Intune team. More details on this can be found here.

image

Most of you are familiar with the fact it can take up to 24-hours until the Intune extensions finally comes down in your Configuration Manager 2012 R2 instance. Initially there is no method for forcing the extensions to come down. Especially working with customers engagements (proof of concepts) it is very annoying to have to wait a day before you can enable these extensions.

The Microsoft Intune Product Team did a great job to speed up this process, which comes with the April update. The time it takes when Intune extensions comes down into your Configuration Manager 2012 R2 instance is significantly improved. By shorten the interval at the backend new tenants should be able to see extensions within 10 mins after connector role has been setup successfully. For the extensions published after installation, it is up to 6 hours.

Continue reading “Intune Extensions install process improved /w April Service Update”

Troubleshooting Microsoft (Windows) Intune Extensions

Most of you are problably aware of Microsoft (Windows) Intune extensions and using them briefly without any issue(s). New extensions becomes automatically available through the Microsoft Intune connector and new updates are merged or installed to introduce new features taking benefits of the Microsoft Intune cloud services platform.

So far so good…but if you’ve bad luck extensions comes partly down or becomes not available at all to your Configuration Manager instance! Unfortunately there is no way to force a trigger of the tenant discovery process and thus the installation of Microsoft Intune extensions. In normal circumstances it will take up to 24 hours after registering your Intune subscription untill the Intune extensions comes down to your Configuration Manager instance. This pitty if you would speed up the process of installing new deployments or you’re in a disaster recovery scenario. Hereby some guidelines for troubleshooting Microsoft Intune extensions, logs locations(s), Certificate Thumbprint ID, SQL query and validating the connectivity with Microsoft Intune.

Continue reading “Troubleshooting Microsoft (Windows) Intune Extensions”

iOS 8 Support for System Center 2012 R2 Configuration Manager

Just drop you a quick line support for iOS 8 is now available for System Center 2012 R2 Configuration Manager! Support for iOS 8 on System Center 2012 R2 Configuration Manager was announced recently by the Configuration Manager Team but finally comes down to your Configuration Manager instance.

Standalone Windows Intune was already supporting iOS 8 from day 0 when iOS 8 was released on September 17, 2014.

image

Continue reading “iOS 8 Support for System Center 2012 R2 Configuration Manager”

Forefront Unified Access Gateway 2010 Service Pack 2 is available for download

Microsoft has recently released Microsoft Forefront UAG 2010 Service Pack 2 which is available for download from the Microsoft Download Center, as an upgrade from UAG Service Pack 1 Update 1. Besides improved support for Microsoft SharePoint 2010, Active Directory Federation Services 2.0 and mobile device supoort (Windows Phone 7.5, iOS 5.x, Andriod) with this service pack 25 issues are solved in Forefront UAG 2010.

Here are some details about what is included in Service Pack 2 for UAG 2010:

  • Improved SharePoint 2010 support

    Forefront UAG 2010 SP2 enables users to authenticate to a trunk by using Microsoft Office Forms-Based Authentication (MSOFBA) when the trunk uses Active Directory Federation Services (AD FS) 2.0 for authentication.

  • Improved Active Directory Federation Services (AD FS) 2.0 support

    You can provide remote and partner employees with access to published applications that have AD FS 2.0 enabled.

    • AD FS Multi-Namespace support: Multi-namespace support with AD FS 2.0 enables you to use a single AD FS 2.0 server that has multiple Forefront UAG trunks when the FQDNs (the public host names) of the trunks are in different domains. For example, the FQDN of the first trunk is portal.contoso.com and the FQDN of the second trunk is portal.fabrikam.com. Both trunks can be configured to perform AD FS authentication by using the same AD FS 2.0 server sts.contoso.com. In this kind of deployment, the AD FS 2.0 server is published through one of the Forefront UAG trunks, or by an AD FS proxy that is parallel to Forefront UAG.
    • Use the AD FS Proxy to publish the AD FS 2.0 Server: The AD FS proxy has many benefits compared to publishing the AD FS 2.0 server through Forefront UAG; including, support for Office365 authentication and mobile devices.
    • Enable complex topologies: For example, by using Forefront UAG to publish a SharePoint website located in one site when the AD FS server is located in another site
  • Added client devices

    Forefront UAG 2010 SP2 enables users to connect with the following mobile devices:

    • Windows Phone 7.5
    • iOS 5.x on iPad and iPhone
    • Android 4.x on tablets and phones
  • Updated support for UAG’s endpoint detection capabilities
  • Fixes included in UAG SP2

Download the Forefront Unified Access Gateway (UAG) 2010 Service Pack 2 package now, and learn more about UAG SP2 by visiting our TechNet Library.