Microsoft Defender Secure Score Recommended Action (RA) – Turn on Safe Attachments in block mode
As part of Microsoft Defender Secure Score's recommended actions, enabling the “Turn on Safe Attachments in block mode” feature is paramount in fortifying your organization's email security. Let's bolster your defense against malicious email attachments and stay ahead...
Microsoft Defender Secure Score Recommended Action (RA) – Create Safe Links policies for email messages
Welcome to my latest blog post! Today, we delve into the world of cybersecurity with a focus on enhancing email security. Specifically, we'll explore the implementation of a crucial Microsoft Defender Secure Score recommended action: 'Create Safe Links policies for...
Microsoft Defender Secure Score Recommended Action (RA) – Enable Microsoft Entra ID Identity Protection sign-in risk policies
Today we configure the Microsoft Defender Secure Score Recommended Action (RA) “Enable Microsoft Entra ID Identity Protection sign-in risk policies". This is a strategic action to battle against unauthorized access and identity breaches. Note: “Recommended action”...
KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932
This Blog Post intends to highlight a “proceed with caution” towards implementation of Microsoft KB5025885 associated with CVE-2023-24932 introduced in April 2024. KB5025885 is not routine and must be acted upon with convincing knowledge of its content and with...
Microsoft Defender Secure Score Recommended Action (RA) – Enable Conditional Access policies to block legacy authentication
This blog post reviews the essential recommended actions provided by Microsoft 365 Defender Secure Score: Enabling Conditional Access policies to block legacy authentication. Legacy authentication methods, often less secure than modern alternatives, can be a weak link...
Advanced Troubleshooting Failed Replacement of Physical Disk Storage Spaces Direct S2D / Azure Stack HCI
Troubleshooting Active Directory Account Lockouts with Lockoutstatus.exe
Hey Checkyourlogs Fans, Today, let's tackle a frustrating issue: recurring user account lockouts. This headache can affect any website or app lacking proper security measures. Recently, we ran into this problem with a fictional user named Dave at one of our clients'...
Troubleshooting Remote Connectivity Using netsh wlan show wlanreport
Hey Checkyourlogs Fans, In the modern landscape of remote work, maintaining seamless connectivity is paramount. However, as anyone grappling with VPN or wireless issues can attest, troubleshooting connectivity problems for remote users can be daunting. Enter netsh...
Real Time Logging using PowerShell (TAIL)
Hey Checkyourlogs Fans, Having the right tools is crucial in server troubleshooting. PowerShell is a go-to for many administrators, offering commands like Get-Content -Tail -Wait, which can be incredibly helpful, especially when monitoring real-time log files....
Microsoft Defender Secure Score Recommended Action (RA) – Ensure all forms of mail forwarding are blocked and/or disabled
In the intricate landscape of organizational cybersecurity, one often overlooked vector for data leakage and unauthorized access is the seemingly innocuous feature of mail forwarding. Microsoft Defender's Secure Score, a dynamic metric designed to evaluate and enhance...
Microsoft Defender Secure Score Recommended Action (RA) – Block users who reached the message limit
Good day security-aware colleagues. There is more on our agendas today than the Solar Eclipse. That being Security. In the realm of cybersecurity, maintaining a robust defensive posture is key to protecting an organization's digital assets. Microsoft Defender's Secure...
Split Brain DNS no problem with PortProxy NAT rules on Windows Servers
Hey Checkyourlogs Fans, In the intricate world of IT troubleshooting, encountering peculiar challenges is par for the course. Recently, I had the opportunity to assist a client grappling with a DNS Split Brain issue – a perplexing dilemma that had plagued their...
Unveiling S2D and Azure Stack HCI Monitoring with PowerShell
Hey Checkyourlogs Fans, Dave Kawula here, thrilled to share an invaluable insight into monitoring S2D (Storage Spaces Direct) and Azure Stack HCI environments. As an operator of these solutions, I understand the challenges of identifying and efficiently...
How to fix Veeam backup error-host is either not a cluster or has its cluster services unavailable
Today I am going to show you how to fix Veeam backup failed and showed host is either not a cluster or has its cluster services unavailable error message.
Bulk Delete SPAM Subscribers from WordPress
Hey Checkyourlogs Fans, Dave Kawula here, dropping in with a quick yet invaluable tip for all of you managing your WordPress sites. Picture this: you're diligently running your blog, pouring your heart and soul into crafting engaging content, only to find your efforts...
Microsoft Defender Secure Score Recommended Action (RA) – Ensure that intelligence for impersonation protection is enabled
Hey there, fellow tech aficionados! Steve here, back with another insightful blog post. Today, we're diving deepinto the realm of Microsoft Defender to explore a crucial recommended action: ensuring that intelligence for impersonation protection is enabled. This...
Introducing Steve Labeau: Navigating Microsoft Defender and Beyond
Greetings, tech enthusiasts! Today marks the beginning of an exciting journey into the world of Microsoft Defender and all things Microsoft Server and Hybrid related. I'm thrilled to kick off my inaugural blog post, sharing insights gained from over 30 years of...
Leveraging the Microsoft Defender Portal for Continuous Security Assessment and Action
In the realm of cybersecurity, vigilance is not just a practice, it's a necessity. For IT professionals charged with safeguarding digital infrastructure, continuous security assessment and action form the bedrock of a robust defense strategy. Enter the Microsoft...
Co-Pilot for Security 1st Look Integration with Microsoft Defender
Hey Checkyourlogs Fans, As we look at the 1st set of integration with our Microsoft Co-Pilot for Security with Defender, we can see a brand new Copilot option in the UI Not only this I’ve noticed now that the Co-Pilot integration happens automatically when reviewing...
Remediating CVE-2024-21404 .NET Denial of Service Vulnerability – Veeam Servers
Hey Checkyoulogs Fans, Today, we are going to look at vulnerability remediation for CVE-2024-21404. This is related to required updates of .Net and ASP.NET Core. This alert is currently tripping on Defender Endpoint with the following: Microsoft has instructions here...
Getting Started with Co-Pilot for Security
Hey Checkyourlogs Fans, Today, we are going to have at Microsoft’s newest flagship offering now in GA called Security for Co-Pilot. I felt that what a better way to celebrate the integration of AI and the Defender Suite than taking it for a test drive. Step 1 – will...
How to Configure Custom Safe Links Policies in Microsoft Defender for Office 365
Safe Links is a feature in Microsoft Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection or ATP) that helps protect your organization from malicious hyperlinks in email messages. When an email contains a hyperlink, Safe Links checks the URL against a list of known malicious links. If the link is safe, the user can access the website normally. However, if the link is malicious, Safe Links blocks access to the website and alerts the user and administrators.
Migrate Physical Machine to Microsoft Failover Cluster
Let’s walk through the steps to perform a Physical to Virtual machine (P2V) conversion using Veeam Backup and Replication (VBR) to migrate a physical server to a Cluster virtual machine.
How to create custom Safe Attachments policies in Microsoft Defender for Office 365
In Microsoft Defender for Office 365, Safe Attachments is a feature that helps protect your organization from malicious email attachments. It automatically scans email attachments for potential threats, such as malware or viruses, before delivering them to recipients’ mailboxes.
How to create a Custom Quarantine Policy in Microsoft Deferent for Office 365
Creating a custom quarantine policy in Microsoft Defender for Office 365 involves configuring advanced threat protection settings to protect your organization’s email environment.
How to use the Microsoft Defender portal to assign Strict preset security policies to users
Strict preset security policies typically refer to predefined rules and guidelines designed to enhance security measures within an organization or system. These policies safeguard sensitive data, prevent unauthorized access, and mitigate potential security threats.
How to use the Microsoft Defender portal to assign Standard preset security policies to users
Microsoft Defender for Office 365 provides preset security policies to help organizations protect their Office 365 environment from various threats. These preset policies are designed to offer baseline protection and can be customized according to the organization’s specific requirements.
Navigating Compliance and Privacy in Microsoft Cloud Services
As the digital transformation accelerates, compliance and privacy have become cornerstones of any IT strategy. With organizations migrating to the cloud at an unprecedented pace, understanding the compliance and privacy aspects of Microsoft Cloud Services is critical....
Understanding the Impact of Artificial Intelligence on Cybersecurity with Microsoft AI
The role of Artificial Intelligence (AI) in cybersecurity has grown exponentially, and Microsoft’s Copilot for Security AI is at the forefront of this technological revolution. As IT professionals, understanding how AI can bolster cybersecurity efforts is paramount....
Microsoft Defender for Office 365-Find the Domain Name of the Trusted ARC Sealers from the Message Header
An email message internet header is a metadata set containing information about the sender, recipient, routing, and delivery of an email. It can help you find the domain name of the trusted ARC sealers. The domain name must match the domain specified in the d value of the ARC-Seal and ARC-Message-Signature headers in affected messages.
Microsoft Defender for Office 365-Configure trusted ARC sealers email authentication for Microsoft 365 Custom domains
Authenticated Received Chain (ARC) is a mechanism used in email authentication protocols to address the issues of message forwarding and intermediary handling of emails. It is designed to improve the reliability and security of email authentication systems like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).
Microsoft Defender for Office 365 – Configure DMARC email authentication for Microsoft 365 Custom Domains
Domain-based Message Authentication, Reporting, and Conformance (DMARC) builds upon SPF and DKIM to give domain owners greater control over how recipient servers handle their email messages. With DMARC, domain owners can specify policies instructing recipient servers on how to handle emails that fail SPF or DKIM checks. DMARC also enables domain owners to receive reports on email authentication results, allowing them to monitor and improve their email security posture.
Microsoft Defender for Office 365 – Configure DKIM email authentication for Microsoft 365 Custom domains
DomainKeys Identified Mail (DKIM) allows email senders to sign their outgoing emails digitally using cryptographic signatures. These signatures are stored as DKIM records in the domain’s DNS settings. Recipients’ mail servers can then use these signatures to verify that the email content has not been tampered with and originated from an authorized sender.
Microsoft Defender for Office 365-Configure SPF email authentication for Microsoft 365 domains
Microsoft Defender for Office 365 is a cloud-based email filtering service that helps protect businesses against advanced threats such as phishing and malware in emails, links, and collaboration tools like Microsoft Teams, SharePoint, and OneDrive. Formerly known as Office 365 Advanced Threat Protection (ATP), Microsoft Defender for Office 365 provides several features to enhance the security posture of an organization’s email and collaboration environment.
Exploring the Benefits of Windows Hello for Business in Cybersecurity
As IT professionals, we always look for innovative solutions that can enhance our organization’s cybersecurity posture. One such solution is Windows Hello for Business, a feature that has redefined secure authentication in the enterprise setting. In this blog post, we...
Understanding the Role of Azure Sentinel in Modern Cybersecurity
In today's digital landscape, the proliferation of sophisticated cyber threats has necessitated more advanced and dynamic cybersecurity measures. Microsoft's Azure Sentinel stands at the forefront of this shift, serving as a scalable, cloud-native solution that...
Video: Introducing Windows Autopatch – A Leap Towards Automated Security
Introducing Windows Autopatch - A Leap Towards Automated Security In the dynamic world of IT, patch management may not be the most glamorous task, but it stands as the cornerstone of a robust cybersecurity strategy. As threats evolve and vulnerabilities become...
Optimizing Resource Allocation in Hyper-V Clusters
Resource allocation is at the core of efficient Hyper-V cluster management, dictating virtualized workloads' performance, scalability, and resilience. However, imbalances in resource allocation, encompassing CPU, memory, and storage, can precipitate performance...
Storage Failures in Hyper-V Cluster Management
Within the intricate web of Hyper-V cluster management, storage serves as the lifeblood, facilitating the seamless operation of virtualized workloads. However, the spectre of storage failures looms large, encompassing various issues ranging from disk failures to...
Navigating Network Configuration Challenges in Hyper-V Cluster Management
Network configuration stands as the foundational pillar of any virtualized environment, and this rings especially true in the realm of managing Hyper-V clusters. As organizations increasingly rely on Hyper-V clusters to support their critical workloads, the...
Mastering Cluster Quorum Management in Hyper-V Clusters: Ensuring Resilience and Availability
Cluster quorum serves as the cornerstone of resilience and availability in Hyper-V clusters, governing their ability to sustain operations in the face of node failures. However, the intricacies of quorum configurations present unique challenges, with misconfigurations...
Achieving Flexibility and Scalability: Unlocking the Power of Hybrid Cloud Solutions
In today's rapidly evolving digital landscape, businesses are constantly seeking ways to enhance flexibility and scalability while optimizing their IT infrastructure. Hybrid cloud solutions have emerged as a compelling strategy, offering organizations the ability to...
Leveraging Microsoft Defender for Endpoint Security Tips and Tricks
Everyone working in IT knows cyber threats are constantly evolving, so the need for robust endpoint security cannot be overstated. Microsoft Defender for Endpoint is a leading solution towards accomplishing a robust security strategy, offering an enterprise-grade...
Fix VBR 12.1.1 Backup Configuration Warning Failed to connect to Red Hat Virtualization plug-in…
This is a very interesting warning. I migrated many VBR servers, and it’s the first time I’ve encountered this warning.
The detailed warning message is below:
Warning Failed to connect to Red Hat Virtualization plug-in: Failed to login to platform service: The remote certificate is invalid according to the validation procedure.
How to upgrade to Citrix Virtual Apps 7 2311
Citrix released Virtual Apps 7 2311 on December 20, 2023. I will show you how to upgrade the existing Citrix Virtual Apps servers to Citrix Virtual Apps 7 2311.
CVE-2024-20253 Cisco Unified Communications Products Remote Code Execution Vulnerability
A flaw in some Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to run arbitrary code on a vulnerable device.
If your customers use the products below, Please update the software ASAP.
Resolving Intune Enrollment Issues with Domain-Joined Workstations: A Novel Approach
Navigating the complexities of Microsoft-based platforms, IT professionals frequently encounter challenges in Intune enrollment, particularly with domain-joined workstations. This post aims to provide a clear and detailed solution to these issues, building upon the...
FIX KB5034439 – Failed to install 0x80070643 – January 2024 – CVE-2024-20666
Hey checkyourlogs fans, Earlier this month, it was reported that Windows Server 2022 Security Update KB5034439 was failing. This update was part of patch Tuesday and a fix for a BitLocker encryption bypass that allows users to access encrypted data CVE-2024-20666. If...
CVE-2024-20272 Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability
Cisco Security Advisory was released today about the Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability.
The Evolution of Cybersecurity Insights from Microsoft’s 2023 Digital Defense Report
In the realm of IT, where the only constant is change, Microsoft's 2023 Digital Defense Report emerges as a vital resource, offering a panoramic view of cybersecurity's evolution. In this blog, I’ll distill its insights into actionable strategies for C-suite...
Securing IoT Devices with Azure Sphere A Step-by-Step Approach
Securing devices is a top priority for IT professionals in the Internet of Things (IoT) era. With threats evolving and multiplying, it's essential to employ robust security measures. Azure Sphere from Microsoft is a solution designed to secure IoT devices at every...
How to use QNAP as object storage for Veeam Backup and Replication 12.1 with Immutability Backup
QNAP QuObjects application is free and certificated for objects with immutability, which means you can use it as object storage within Veeam for a backup repository that supports their immutability feature.
The Future of Cybersecurity Predictions Based on Microsoft’s Research
Cybersecurity stands as one of the most pressing concerns for any organization today. With the rapid evolution of technology and an increasing dependence on digital infrastructure, the scope and scale of cyber threats continue to grow. Based on the latest...
Best Practices for Secure Remote Work Using Teams
In the era of remote work, security concerns around collaboration tools have skyrocketed. Microsoft Teams, a cornerstone for many remote work environments, is no exception. As IT pros, we enable and secure the digital workspace. In this blog, I provide a strategic...
Fix Sending e-mail report issue after upgrade to Veeam Backup and Replication 12.1
The email notifications are not working after upgrading from v11 to v12 (v12.1), including sending the test email.
There are warnings on the backup jobs: ” Sending e-mail report Details: The remote certificate is invalid according to the validation procedure. “
Deploying Microsoft Defender for Identity to Protect Against Advanced Threats
In today's threat landscape, advanced and targeted cyberattacks have become the norm rather than the exception. As IT pros, it's imperative to have tools and strategies in place to protect against these sophisticated threats. One such tool is Microsoft Defender for...
Free Workshop: Introducing Winget
I know this isn't much of a blog article, but since Winget is a niche technology, I felt it would help to get the word out about a three-hour workshop I am doing on February 7 for Winget. The high-level agenda is as follows:...
How to Cutover the Client Access namespace to Exchange 2019
To transition the client access namespace to Exchange Server 2019, change the DNS record for the client access namespace to the Exchange Server 2019 environment.
The case of C:\ProgramData\Microsoft\Crypto\SystemKeys blocking upgrade of Windows Server 2016 to 2019
Hey Checkyourlogs Fans, I recently had a case of a stalled Windows upgrade that ended up being caused by a bug in the Manage Engine Desktop Central Distribution Server component. This was a poorly written application creating 3 million+ files in...
MDE and DUO Status Report – #PowerShell #MDE
Hey Checkyourlogs Fans, Today I was asked by a client to verify the deployment of MDE and Cisco DUO in an infrastructure. As many servers are being added and removed, I felt it would be best to run this as a PowerShell Script scheduled Daily. This was an easy script...
Enhancing Your Security Posture with Microsoft Secure Score
Securing your organization's data and infrastructure is paramount in the digital age. As an IT professional, you're on the front lines of this effort, and one of the most effective tools at your disposal is the Microsoft Secure Score. This metric, provided within the...
How to fix Feature S2D is not supported – #AZ800 #AZ801 #S2D #HCI #WindowsServer2022
Hey Checkyourlogs Fans, Today, I was working with one of my students in my Master Storage Spaces Direct class, and they had inadvertently installed Windows Server 2022 Standard into their LAB HCI Nodes. He is currently studying for his AZ800 and AZ801 hybrid Windows...
How to Use Entra ID for Identity and Access Management
The Identity and Access Management (IAM) landscape is constantly evolving, and Microsoft's Entra ID is at the forefront of this transformation. Entra ID, part of the Microsoft Entra suite, is a robust identity and access management solution that IT professionals must...
Automating Security Responses with Power Automate
In the dynamic realm of cybersecurity, rapid response to threats can be the difference between a minor incident and a catastrophic breach. This is where automation becomes a game-changer. Microsoft Power Automate, formerly known as Microsoft Flow, empowers IT...
Troubleshooting Failed to get VM (GUID) config Path WMI empty Result – #Veeam #VeeamVanguard #S2D
Hey Checkyourlogs Fans, Today, I was asked to troubleshoot some failing Veeam Replica jobs for a couple of VMs inside of a 4-node S2D Cluster. The issue presented itself as failing jobs for a couple of VMs giving the following error message: Failed to process...
Fix failed to create website error on installing Veeam Backup Enterprise Manager 12.1 with Microsoft Defender Advanced Threat Protection
When you try to install or upgrade the Veeam Backup Enterprise Manager 12.1, it might fail to create a website, and the error code is 0x80070020.
How to Install Backup for Microsoft 365 v7a
Veeam released the version of Veeam Backup for Microsoft 7a on December 5, 2023. The Cumulative patches contain Veeam Backup and replication v12.1 compatibility and the ability to set email notifications with Google and M365 accounts in Veeam Explorers.
Determining Original OS Install Date – S2D HCI AZHCI
Hey Checkyourlogs Fans, A client recently asked me if we could tell when a couple of S2D HCI Nodes were installed. We are in the process of upgrading and replacing them, but we were wondering about the original install date. This is easy to determine. You can open an...
Find WDS Servers deployed in your infrastructure – #PowerShell
Hey Checkyourlogs Fans, A client asked me today to find rogue WDS Servers serving up PXE offers to clients on subnets. This was interesting because we use WDS quite a bit to re-image Fabric Nodes and S2D/AZHCI nodes. It is entirely possible that one was left running....
How to Install Veeam Backup Enterprise Manager 12.1
Veeam Backup Enterprise Manager is a centralized management and reporting tool designed by Veeam Software for overseeing Veeam Backup & Replication deployments. It allows administrators to control and monitor their backup infrastructure through a web-based...
Veeam Failing back to a previous generation Hyper-V Host new in V12.
Hey Checkyourlogs Fans, One of the little-known feature updates with Veeam V12 was the ability to fail back to an older Hyper-V Host finally. Listed here in the what's new in Veeam V12 document - https://www.veeam.com/veeam_backup_12_0_whats_new_wn.pdf The...
Troubleshooting Veeam and Hyper-V Key Protector could not be unwrapped on Replica Failover
Hey Checkyourlogs Fans, Today I was doing some maintenance and planned failovers using Veeam between a Server 2019 and 2022 S2D Cluster and ran into the following trying to start one of the VM's. The key protector could not be unwrapped. Details are included in the...
How to Install Veeam Backup and Replication Console 12.1
When you install Veeam Backup & Replication v12.1, the Veeam Backup & Replication console 12.1 is automatically installed on the backup server. If you want to remotely access Veeam Backup & Replication v12.1, install the Veeam Backup & Replication console 12.1 on a dedicated machine.
How to Install Veeam Backup and Replication 12.1
When you install Veeam Backup & Replication v12.1, the Veeam Backup & Replication console is automatically installed on the backup server. If you want to access Veeam Backup & Replication remotely, you can install the Veeam Backup & Replication console on a dedicated machine.
How to Install Hyper-V integration services in the ubuntu Linux VM
Today, I will show you how to install Hyper-V integration services in the Ubuntu Linux VM of Hyper-V. If the Hyper-V integration services are not installed, you cannot restore any data from Veeam Backup.
FIX Veeam VBM365 backup with “There is an error in XML document” Error
Veeam Backup for Microsoft 365 has an error in one of the mailboxes. The error message is “There is an error in XML document…The specified type was not recognized: name=’SharingMessage’.
Fix Windows Server 2022 (2019) Recovery partition to prevent C drive extend volume issues
When you try to extend the C drive from the Disk Manager tool but the Extend volume greys out, the recovery partition prevents the C drive from extending the volume.
How to upgrade Veeam Backup for Microsoft 365 to v7a
Veeam released version of Veeam Backup for Microsoft 7a on December 5, 2023. The Cumulative patches contain Veeam Backup and replication v12.1 compatibility and the ability to set email notifications with Google and M365 accounts in Veeam Explorers.
Defender Endpoint Recommendation – Change service executable path to a common protected location
Hey Checkyourlogs Fans, Today, we will look at a Security Recommendation regarding a Service Executable Path not being in a safe location via Microsoft Defender Endpoint. Changing the service executable path to a common protected location is a crucial aspect of...
Fixing ODBC CVE-2023-36730 and more on Veeam Servers #Veeam #Veeam Vanguard
Hey Check Your Logs Fans, Recently, Microsoft Defender Endpoint has identified a bunch of CVEs related to Microsoft ODBC, which is installed on Veeam VBR and Console Servers. These need to be updated, and this post serves as a process to fix the following CVE's: With...
Fixing OLEDB CVE-2023-36417 and more on Veeam Servers
Hey Checkyourlogs Fans, We are continuing with our recent fixes for CVEs released for Veeam Servers. The next one in this series deals with OLEDB versions that can be exploited. We will focus on the latest one in this list as, once again, patching the latest CVE...
Fixing CVE-2023-36558 Veeam Servers #Veeam #VeeamVanguard
Hey Check your logs fans, Today, we will work on new vulnerabilities on some of our Veeam VBR/Veeam One/VBO - Servers. When the product is installed, some .net core dependencies get installed. Like anything on our application servers, these are vulnerable to...
Coming Back Home Migrating away from Mimecast to Native Office 365
We have been a faithful customer of Mimecast for the past 4-5 years, and the experience has been good for us. At the time of our moving to Mimecast, Microsoft didn't have all of the Defender for Office 365 features readily available, and we were getting bombarded with...
How to Upgrade Veeam Backup and Replication with Hardened Repository to v12.1
Veeam Backup & Replication 12.1 is the newer build of version 12, and the major new features and enhancements were added in Veeam Backup & Replication v12.1. e.g. Detect and identify cyber threats, Respond and recover faster from malware, Ensure security and compliance, Veeam App for ServiceNow, Backup of object storage, Veeam CDP enhancements, Veeam AI Assistant, etc.
Using Microsoft’s Cybersecurity Reference Architectures for Your Organization’s Security Strategy
In the constantly evolving world of cybersecurity, developing a robust security strategy is a challenging yet vital task for every organization. Microsoft’s Cybersecurity Reference Architectures provide a valuable framework for creating comprehensive security plans....
Implementing Zero Trust with Microsoft 365 A Practical Guide
Today, I want to delve into a security model that's been garnering a lot of attention: Zero Trust, specifically within the ecosystem of Microsoft 365. Introduction to Zero Trust Zero Trust is not just a buzzword; it's a shift from the traditional "trust but verify"...
CVE-2023-28388 – Intel Chipset Driver Software – Impacting Intel Servers #S2D #Veeam
Hey Checkyourlogs Fans, On November 16th a CVE was issued for Intel Chipset Device Software Version prior to 10.1.19444.8378. Microsoft Defender Endpoint is reporting on this as well and it is immediately advised to update your intel servers....
How to Test the Client Access Namespaces for Exchange 2019 Server
Testing the client access namespaces after configuring them ensures clients can connect to the Exchange Server 2019 services without issues.
Entra Verified ID
Why!? Talking about emerging technologies is tricky because you never know if you are "catching it early" or is it something with very limited shelf life as another solution comes along. I've found the decentralized approach to identity as a potential use case the...
Restore VM Files at Veeam Backup and Replication v12
You can restore VM files (XML, VMCX, VMRS, VMGS, VHD, VHDX) if they become corrupted. This option is an excellent alternative to restoring the entire VM. You can only restore a single VM file.
Secure Restore the Entire VM to the New Location at Veeam Backup and Replication v12
Existing jobs do not need to be updated that process the original/recovered VMs if you restore them to the same host and choose to preserve VM UUIDs. If you configure restore differently and want to process the recovered VMs, you must edit existing jobs or create new ones.
How to configure the Client Access Namespaces for Exchange 2019 Server
Configuring the client access namespaces ensures clients can connect to Exchange Server 2019 using the correct URLs for each service. They help to ensure a smooth user experience and avoid issues such as certificate errors and connection failures.
How to Configure the Autodiscover Services Connection Point (SCP) for Exchange 2019 Server
The Autodiscover service connection point (SCP) provides information to domain-joined Outlook clients on connecting to the Autodiscover service for automatic client configuration.
How to restore the Entire VM to the Original Location with Secure Restore at Veeam Backup and Replication v12
If the original VM fails, you can use Veeam Backup & Replication to restore an entire VM from a backup file to the most recent state or a previous point.
How to Install SSL Certificate for Exchange Server 2019
We can reuse the existing SSL certificate for the new Exchange 2019 server.
How to fix Veeam FLR error -Secondary GPT header LBA 209715199 exceeds the size of the disk (86401630720) at Veeam Backup and replication v12
VBR v12 guest file restore—happen error message is as below:
Secondary GPT header LBA 209715199 exceeds the size of the disk (86401630720)
Agent failed to process method {Mount.GenericMount)
How to Install Exchange Server 2019 Mailbox Role server
The Exchange Server 2019 Mailbox role server manages mailbox databases, which store user mailboxes and public folders. It also manages message transport and performs functions like filtering, antivirus and antispam protection, and content indexing.
How to permanent failover of the virtual machine at Veeam Backup and Replication v12
Permanent failover is one method of completing failover. Permanent failover means permanently switching from the original VM to its replica.
The VM replica ceases to be a replica due to permanent failover and becomes the production VM.
How to prepare Active Directory for deployment Exchange Server 2019
Preparing Active Directory for Exchange Server 2019 involves several important steps to ensure your organization’s environment is ready to support Exchange Server.
How to failback to the specified location of the Production Site at Veeam Backup and Replication v12
For the Failback to the specified location, Veeam Backup & Replication must transfer the entire VM data, including its configuration and virtual disc content. Choose this option if you cannot use the original VM or restore it from a backup.
How to upgrade Citrix NetScaler (ADC) to 14.1
Citrix released the new NetScaler 14.1 build version on September 26, 2023.
I will show you how to upgrade the existing Citrix NetScaler to Citrix NetScaler 14.1.
How to failback to the original virtual machine restored in a different location at Veeam Backup and Replication v12
Because Veeam Backup & Replication only needs to transfer differences between the original/recovered VM and VM replica, the failback to the original virtual machine restored in a different location option helps reduce recovery time and network traffic.
Expanding a 3-Way Mirror Volume in S2D or AZHCI in Depth #S2D #AZHCI #PowerShell
Hey Checkyourlogs Fans, Quick post here: a customer asked me to expand a Virtual Disk inside a 4-node S2D Cluster running Server 2019 today. I thought I had this documented online, but I couldn't find it, so here is a fresh post on how to do this with PowerShell. The...
How to upgrade to Citrix Virtual Apps 7 2308
Citrix released Virtual Apps 7 2308 on September 14,2023.
I will show you how to upgrade the existing Citrix Virtual Apps servers to Citrix Virtual Apps 7 2308.
How to failback to the original virtual machine of the Production Site at Veeam Backup and Replication v12
Failback is returning operations to the primary site after a disaster recovery event. It reverses the failover process by replicating any changes made to the virtual machine during the Failover state back to the primary site and then redirecting users and applications back to the primary site.
How to Migrate Microsoft Entra Connect (Azure AD Connect) to v2
Today, I will show you how to migrate Microsoft Entra Connect (Azure AD Connect) to v2.
How to fix Content Security Policy (CSP) Missing
The Content Security Policy provides a valuable safety net that protects your website from malicious cross-site scripting (XSS) attacks. A well configured policy will stop an attacker attempting to inject their code, or references to other malicious content, into your website. Without a Content Security Policy, it’s easy for website developers to make mistakes that allow an attacker to inject content that changes the way the website behaves.
How to Plan Failover virtual machine to Disaster Recover Site at Veeam Backup and Replication v12
Planned failover is the smooth manual switching from a primary VM to its replica with minor downtime. Planned failover is proper when you know primary VMs are planning to go offline, and you need to switch the workload from the original VMs to their replicas as soon as possible. For example, you can use planned failover to perform data center migration, maintenance, or software upgrades on primary VMs. You can also perform planned failover if you see signs of an impending disaster.
How to fix installing Microsoft Entra Connect V2 (Azure AD Connect V2) error code 2503, 2502
When you try to install the Microsoft Entra Connect V2 (Azure AD Connect V2) and it happens the installer has encountered an unexpected error installing this package. The error code is 2503 and 2502.
How to undo failover the virtual machine to Production Site at Veeam Backup and Replication v12
One method for completing failover is to use failover undo. When you undo failover, you return to the original VM from a VM replica. When a virtual machine replica is in the Failover state, Veeam Backup & Replication discards all changes made to the replica. This is because the Failover state is intended to be a temporary state used to restore the virtual machine to operation quickly in the event of a disaster.
How to Failover virtual machine to Disaster Recovery Site at Veeam Backup and Replication v12
Failing over a virtual machine to a disaster recovery site involves replicating the virtual machine and its data to the disaster recovery site and then activating the replicated copy in the event of a disaster or other disruptive event that renders the original virtual machine unavailable.
How to Install Microsoft 365 Apps on a Microsoft Remote Desktop Service Server
Microsoft 365 Apps are installed on a machine is set up as a Remote Desktop Session Host server. This allows several users to connect to this computer remotely. Users can operate Office programs like Word or Excel at the same time. The overall procedure for the Project and Visio desktop programs is the same.
How to create a Replication job with seeding to the Disaster Recovery Site at Veeam Backup and Replication v12
This procedure creates a replication job with seeding to replicate the specified VMs to the disaster recovery site. If a disaster strikes and the production VM stops working properly, you can fail over to its replica.
How to create a Replication job to replicate the specified VMs to the Disaster Recovery Site at Veeam Backup and Replication v12
This procedure creates a replication job to replicate the specified VMs to the disaster recovery site. If a disaster strikes and the production VM stops working properly, you can fail over to its replica.
How to create a Replication job to replicate the specified VMs at Veeam Backup and Replication v12
This procedure creates a replication job to replicate the specified production virtual machines at the same production site.
How to create a Backup Copy Job with Periodic copy from the backup job workload at Veeam Backup and Replication v12
Periodic copy jobs can be scheduled to run during non-business hours or low-activity periods, reducing the impact on production systems. This allows you to efficiently manage backup and copy operations without causing disruption.
How to create a Backup Copy Job with Immediate copy from the backup job workload at Veeam Backup and Replication v12
Immediate copies help reduce your RPO, which is the maximum allowable data loss in the event of a disaster. By creating copies as soon as new data is backed up, you ensure that your data loss is minimal.
How to create a Backup job to backup the VMS portion of the Hyper-V Host at Veeam Backup and Replication v12
This process creates a backup job to backup the VMS of the Hyper-V host but not all of them.
Microsoft Unveils FIDO2 Passkey Authentication for Windows Users
September 26, 2023 - In a significant move to bolster cybersecurity while enhancing user experience, Microsoft has recently introduced support for passkeys in Windows 11 and Windows 10, which is a revolutionary authentication method that is set to change the way users...
How to Install Cumulative Patches P20230718 for Veeam Backup & Replication Console 12
You also need to install Cumulative Patches P20230718 for Veeam Backup & Replication Console 12 after installation to Veeam Backup & Replication 12 management server.
How to Install Veeam Backup & Replication 12 Cumulative Patches P20230718
Veeam Backup & Replication 12 cumulative patch P20230718 was released on March 07, 2023, and last modified on August 03, 2023.
How to Install Exchange 2019 Mailbox Server Role Prerequisites
Microsoft provides detailed documentation and tools to assist with the deployment process, but consulting with an experienced Exchange consultant or engineer is recommended to ensure a successful deployment.
The specific steps and requirements for deploying Exchange Server 2019 may vary depending on your environment and business needs.
How to create a Backup job to backup all VMS of the Hyper-V Host at Veeam Backup and Replication v12
This procedure creates a backup job to back up all VMS of the production Hyper-V host. The new VMS will be backed up automatically after the backup job is created. You don’t need to modify the backup job settings.
How to create a Backup job to backup the specified Physical Machines (Managed by Agent Mode) at Veeam Backup and Replication v12
This procedure uses the managed by agent mode to create a backup job to back up the specific physical production machines.
How to create a Backup job to backup the specified Physical Machines (Managed by Backup Server Mode) at Veeam Backup and Replication v12
This procedure uses the managed backup server mode to create a backup job to back up the specific physical production machines.
How to create an Immutable Backup job to backup the specified VMs at Veeam Backup and Replication v12
Immutable Backup is a Veeam Backup & Replication feature that protects against ransomware attacks by preventing malicious software from modifying or deleting backup data.
Immutable backup means that once data is written to a backup repository, it cannot be modified, overwritten, or deleted until a specified retention period has passed. This can prevent ransomware from corrupting or encrypting backup data because the malware cannot modify or delete the backup files.
How to create a Backup job to backup the specified VMs at Veeam Backup and Replication v12
To backup VMs, you must first create a backup job. The backup job specifies how, where, and when VM data should be backed up. A single job can process one or more virtual machines. Jobs can be started by hand or scheduled for a specific time.
How to Configure Best Practices Analyzer at Veeam Backup and Replication v12
Veeam Backup & Replication includes a built-in tool that checks your backup server configuration to ensure it adheres to the Microsoft Windows Server operating system and Veeam backup infrastructure components security best practices.
How to enable Configuration Backup at Veeam Backup and Replication v12
The configuration database of Veeam Backup & Replication can be backed up and restored. If the backup server fails, you can quickly reinstall it and restore its configuration from a backup configuration.
You can also use configuration backups to restore the configuration from one backup server to another in the backup infrastructure. Veeam Backup & Replication exports configuration data from the database and saves it to the backup repository during configuration backup.
How to configure Notification with Microsoft 365 MFA Account at Veeam Backup and Replication v12
You can configure Microsoft Office 365 MFA account for notification settings if you want Veeam Backup & Replication to send email notifications about backup job results.
How to configure Notification with Microsoft 365 NON-MFA Account at Veeam Backup and Replication v12
You can configure Microsoft 365 non-MFA account for notification settings if you want Veeam Backup & Replication to send email notifications about backup job results.
How to configure Notification with Free SendGrid Account of Azure at Veeam Backup and Replication v12
You can configure the SendGrid account as an SMTP relay for notification settings if you want Veeam Backup & Replication to send email notifications about backup job results.
Using Microsoft’s Entra Registration Campaigns to Motivate Users to Set Up Microsoft Authenticator
In the rapidly evolving digital landscape, the security of user accounts and organizational data has never been more critical. As IT professionals, we constantly seek innovative solutions to bolster our cybersecurity defenses without complicating the user experience....
How to configure Group Managed Service Accounts (gMSA) at Veeam Backup and Replication v12
A Group Managed Service Account (gMSA) is a domain account that can be configured on the server. The Microsoft Windows operating system manages the password, so the administrator does not need to manage the password. Complex passwords are generated randomly and changed every 30 days, reducing the risk of brute force and dictionary attacks.
Upcoming Changes to Windows Printer Driver Distribution and Support
Introduction You'll not often find me talking about device drivers with passion, but printers are likely consuming significant IT resources supporting and managing printing. As a result, there are substantial changes to how print drivers will be distributed and...
How to configure Multi-Factor Authentication for Users at Veeam Backup and Replication v12
Multi-factor authentication (MFA) is supported by Veeam Backup & Replication for additional user verification. A one-time password (OTP) generated in the mobile authenticator application is a secondary verification method. With login and password credentials, it creates a more secure environment and keeps user accounts safe.
How to add the Microsoft Windows Server’s Rotated Drive as a Backup Repository at Veeam Backup and Replication v12
This scenario is useful if you want to store backups on multiple external hard drives that you intend to move between locations. The drives that are rotated can be detachable USB or eSATA hard drives.
How to add the Network Attached Storage (SMB or CIFS Shares) as a Backup Repository at Veeam Backup and Replication v12
You can use network-attached storage (SMB or CIFS Shares) as backup repositories with Veeam Backup and Replication. A network-attached storage (NAS) device can be a shared folder on your computer or any other physical device accessed via the Server Message Block (SMB) protocol.
How to add the Linux Server’s local directory as a Hardened Backup Repository at Veeam Backup and Replication v12
You can add a hardened repository based on a Linux server to your backup infrastructure to protect your backup files from loss due to malware activity or unplanned actions.
How to add the Linux Server’s local directory as a Backup Repository at Veeam Backup and Replication v12
You can add the following types of storage to the Linux server as a backup repository
How to add the Microsoft Windows Server’s local directory as a Backup Repository at Veeam Backup and Replication v12
You can add the following types of storage to the Microsoft Windows server as a backup repository
How to add Veeam Agent to On-Premises Linux Physical machines at Veeam Backup and Replication v12
ou can back up and restore the On-Premises physical machines running Linux operating systems. Backup agents are installed on each computer by Veeam Backup & Replication.
How to add Veeam Agent to On-Premises Microsoft Windows Physical machines at Veeam Backup and Replication v12
You can back up and restore the On-Premises physical machines running Windows operating systems. Backup agents are installed on each computer by Veeam Backup & Replication.
How to add WAN Acceleration to Veeam Backup and Replication v12
Veeam’s WAN acceleration technology optimizes data transfer to remote locations. It is explicitly designed for off-site backup copy and replication jobs. You must deploy a pair of WAN accelerators in your backup infrastructure to enable WAN acceleration and data deduplication technologies.
How to add Off-Host Backup proxy servers to Veeam Backup and Replication v12
Off-Host Backup proxy servers will retrieve VM data from the source datastore, process it and transfer it to the destination. The off-host backup proxy removes unwanted overhead on the production Hyper-V host.
How to Add Linux Server for a hardened repository to Veeam Backup and Replication v12
Suppose you plan to use backup infrastructure components and servers that you plan to use for various types of restore operations. In that case, you must add the Linux servers to the backup infrastructure.
How to add Microsoft Windows Servers to Veeam Backup and Replication v12
Suppose you plan to use as backup infrastructure components and servers that you plan to use for various types of restore operations. In that case, you must add the Microsoft Windows servers to the backup infrastructure.
How to add Microsoft SMB3 Servers to Veeam Backup and Replication v12
Veeam Backup & Replication can perform backup, replication, and file copy operations on Microsoft Hyper-V VMs whose discs are located on Microsoft SMB3 file shares.
How to add Microsoft Hyper-V Clusters to Veeam Backup and Replication v12
You must add the Microsoft Hyper-V clusters you plan to use as source and target for backup, replication and other activities.
How to add Microsoft Hyper-V Standalone Servers to Veeam Backup and Replication v12
ou must add the Microsoft Hyper-V standalone hosts you plan to use as source and target for backup, replication and other activities.
How to upgrade to Veeam Backup and Replication Console 12
To gain remote access to Veeam Backup & Replication v12, you must first upgrade the Veeam Backup & Replication console to v12 on a dedicated machine.
How to install Veeam Backup and Replication Console 12
When you install Veeam Backup & Replication, the Veeam Backup & Replication console is automatically installed on the backup server. If you want to access Veeam Backup & Replication remotely, you can install the Veeam Backup & Replication console on a dedicated machine.
How to migrate the Existing Veeam Backup and Replication to the new server with Microsoft SQL
Microsoft SQL Server (or Express), either locally on the backup manager server or remotely.
Microsoft SQL Server Express has a configuration data storage limit of 10 GB. The Express Edition is sufficient for the evaluation and small environments (500 VMs).
How to migrate the Existing Veeam Backup and Replication to the new server with PostgreSQL
PostgreSQL is free and has no size limit or compute restrictions has improved performance over SQL Express.
How to upgrade the Existing Veeam Backup and Replication to v12
Veeam Backup and Replication v12 launched on Feb 14, 2023. If you are still using an older version, it is time to upgrade it to v12. To upgrade Veeam Backup & Replication to version 12, you must have version 10a (build 10.0.1.4854) or later installed on the supported operating system.
How to install Veeam Backup and Replication v12 with Microsoft SQL (or Express)
You can choose Microsoft SQL as a Veeam Backup & Replication database. You were installing a Microsoft SQL Server (or Express), either locally on the backup manager server or remotely. If Microsoft SQL Server is not already installed. In that case, the Veeam Backup & Replication won’t install the Microsoft SQL Server Express Edition on the backup server automatically. You must install it before installing Veeam Backup and Replication v12 version.
How to install Veeam Backup and Replication v12 with PostgreSQL
When you install Veeam Backup & Replication, the Veeam Backup & Replication console is automatically installed on the backup server.
You can choose PostgreSQL as a Veeam Backup & Replication database. It has no size limit or computes restrictions and has improved performance over SQL Express.
Installing Winget on Windows 10
Introduction In many ways the installation of Winget can be transparent to the user if they use the Windows store but for newly provisioned or older Windows 10 devices the installation for Winget via a script isn’t quite as simple as it should be. In this blog post...
Techmentor 2023: Redmond
This conference offers a unique opportunity to interact, learn, and problem-solve with a broad cross-section of technology professionals, but it goes far beyond that. Techmentor emphasizes practical application, with sessions that dive deep into technical details and...
Fix issues with sign-in to Microsoft 365 apps account on RDS Server
When using your work or school account to access Microsoft/Office365 apps on RDS Server, it shows an error message “Your account was not set up on this device because device management could not be enabled.”
Configuring Intel DataCenter Manager to Monitor Servers
DataON Storage Spaces Direct (S2D) servers running Server 2022 can be monitored using Intel Data Center Manager (DCM), which provides detailed metrics and performance data for server hardware components. This blog post will cover how to monitor DataON S2D servers...
500 Internal Error in MPControl.log on Configuration Manager
Twice in the past year I've had someone reach out to me with Management Point issues in Configuration Manager, where Inventories weren't processing and the mpcontrol.log was riddled with HTTP 500 errors. This is not a typical production issue with ConfigMgr, and in...
Enabling App & Browser Control with Intune
After configuring all the Endpoint Protection settings in Intune, we've noticed that endpoints are still showing a warning on the Windows Security icon. Opening Windows Security Center shows that App & browser control is still turned off. The App it's referring to...
Configuring Google Chrome to use Modern Auth for Conditional Access
There's a common Conditional Access policy, referred to as Block Legacy Authentication, that prevents access to Microsoft365 if the user's session is not using a Modern Authentication method. Although Edge Chromium supports modern auth by default, Google Chrome does...
The Value of Center for Internet Security Benchmarks
The Center for Internet Security (CIS) has developed a set of security benchmarks to help organizations improve their security posture. These benchmarks are a collection of best practices that cover a wide range of security controls, including access control, network...
A Deeper Look into ChatGPT 4.0: Harnessing AI for Building Test Environments in Hyper-V
Editor's Note: The below article is unedited and generated from a prompt mentioned in the previous article on GPT. While this article, I feel, is a more accurate response than the 3.5 LLM response, the GPT 4 script was much worse. My personal views on the tool were...
Pros and Cons of Using ChatGPT 3.5 for PowerShell Scripting in Hyper-V Test Environments
Editor's Note: The below article is unedited and generated from a prompt mentioned in the previous article on GPT. If it appears contradictory or incorrect, it probably is. My personal views on the tool were shared in the previous post… Welcome back to our discussion...
Will ChatGPT Replace the IT Administrator? A closer look at some Hyper-V and AD PowerShell with ChatGPT 3.5 and 4
Like everyone else in the connected world, I've been hearing a lot about ChatGPT and how it's going to replace the workforce. To test this out, I put on the hat of an Active Directory administrator and chose to use the tool to build my lab. First, a little background....
Troubleshooting MDE ATP Agent Issues
As an IT administrator, it's essential to ensure that all devices in your organization are protected with the latest security tools and updates. Microsoft Defender for Endpoint (MDE) is a powerful security tool that helps protect endpoints and servers from various...
Creating Conditional Access Policies and Break Glass Accounts
Here is the process to create emergency access (Break Glass) accounts in your environment and Conditional Access policies as recommended by Microsoft. These policies should be first created in Report-only mode, then assessed for impact prior to fully enabling the...
Unraveling Legacy Microsoft Technologies: A Consultant’s Perspective on DNS and Active Directory Sites and Services
As a consultant, I've had the opportunity to work with various organizations, helping them optimize their IT infrastructures. One thing I've consistently observed is the pivotal role that legacy technologies, such as Domain Name System (DNS) and Active Directory Sites...
What Limitations? Hybrid Autopilot in Intune with Provisioning Task Sequence in Configuration Manager
Recently announced is the ability to deploy the Configuration Manager Client through Intune without going through the process of packaging the MSI. The process involves going into the Co-management Settings tile under Devices -> Enroll Devices in Intune, and...
Uninstalling Microsoft Store Apps in Intune
With the recent feature update that allows admins to deploy UWP apps via the System Context in Intune, we have to ensure that a UWP app isn't already installed for the user. If this is the case, unlike deploying an existing Win32 app in Intune, the app will not come...
Deploying UWP apps using the System Context
As the new Microsoft store gets further ready for production, we now have the much-awaited option to deploy UWP applications using the System Context via Intune. As UWP applications, by design, install in the user's context, the app will be automatically installed for...
Building a Highly Available database with PowerShell, without shared storage. Part 2: Database migration and availability
In Part 1 of this guide, we created a 2-node VM cluster on Windows Server 2022 and installed SQL Standard 2022 on both nodes. Now that SQL is installed, we will proceed with getting it ready, migrating the databases and configuring availability on the SQL side. If you...
Building a highly available database with PowerShell, without shared storage. Part 1: Before database migration
We have an existing physical SQL database cluster that needs a hardware refresh, but with a new virtual infrastructure we decided to place the new cluster on VMs instead. The application requirements state that its database cannot be accessed directly from multiple...
How to Fix Stopping Services Failed at Install Exchange Cumulative Updates
This error is common if the Exchange Servers use Antivirus endpoint software or a backup agent. The antivirus software or backup agent will impact the stopping services process.
PowerShell Script to Backup Azure Firewall Configuration
Here is an updated PowerShell script to backup the configuration of an Azure Firewall and make it exportable, including all rule collections, DNAT rules, network rules, and application rules: # Variables $firewallName = "<firewall-name>"...
How to Fix PowerShell Has Open Files Error at Installing the Exchange 2016 Cumulative Update 23
When I tried to prepare the AD schema for installing Exchange 2016 CU23, and it happened the error message is below.
“Setup can’t continue with the upgrade because the powershell has open files” error message.
Let’s fix it.
How to Fix Prepare AD Schema Error at Installing the Exchange 2016 Cumulative Update 23
Today, I helped a client migrate Exchange from 2010 to 2019. As you know, Exchange 2010 can’t migrate to 2019 directly. You need to migrate Exchange from 2010 to 2016 and then 2019.
When I tried to prepare the AD schema for installing Exchange 2016 CU23, and it happened the error message is below.
“One or more servers in the existing organization are running Exchange 2000 Server or Exchange Server 2003”.
The error is because they were not uninstalled Exchange 2000 or 2003 completed. Let’s fix it.
Configuring Azure Firewall to protect Azure Virtual Desktop
As more and more organizations move to the cloud, ensuring that your cloud environment is adequately secured is critical. One of the best ways to secure your environment in Azure is by using Azure Firewall. This blog post will explore how to configure Azure Firewall...
Operational Process for Isolating a Machine in Microsoft Defender Endpoint ATP
As cyber threats continue to grow in frequency and sophistication, organizations must take proactive measures to protect their assets from potential security breaches. One such measure is implementing an effective incident response plan that outlines the steps to be...
Microsoft Security Operations Analyst Exam SC-200 Prep
Microsoft's SC-200 Exam: Microsoft Security Operations Analyst is designed to test the skills and knowledge of security professionals in analyzing, detecting, and responding to security incidents. This exam is intended for security professionals who work with...
Troubleshooting Microsoft Identity Agent (MIA)
Microsoft Identity Agent (MIA) is an agent that enables on-premises Active Directory Domain Services (AD DS) deployment to leverage Azure AD for a variety of scenarios, including password hash synchronization and seamless single sign-on (SSO) capabilities. MIA...
The do’s and don’ts of Azure Immutable Storage
Azure Immutable Storage has been in the market for a while, and this was one of my more anticipated capabilities. In this blog post I want to give you some insight to it’s use as it’s been in place for a while now and we see a lot of ecosystem and independent software...
Ensuring that you have a Secure Azure Files Migration
As the CIO of DIVECORP, you have requested a full security review of the upcoming Azure Files Migration Project. Naturally, your primary concern is ensuring no sensitive data is accidentally exposed during migration. This blog post will provide step-by-step guidance...
Deploying MDE ATP to 600 Endpoints Notes from the Field
As an IT professional at DIVECORP, I recently led a project to deploy 600 Microsoft Defender for Endpoint (MDE) Advanced Threat Protection (ATP) agents to servers and desktops in our environment. The goal was to ensure that all devices in our organization were...
Top 10 Cyber Insurance Gotchas for 2023
Cyber insurance is a crucial investment for businesses that want to protect themselves from cyber threats. However, businesses should be aware of some potential "gotcha's" when selecting and utilizing their cyber insurance policy. This blog post will discuss the top...
Upgrading from Server 2019 Hyper-V to Server 2022
Microsoft recently released the latest version of its server operating system, Windows Server 2022. One of the most significant improvements in this new version is the Hyper-V virtualization platform. If you're currently running Server 2019 Hyper-V and considering...
How to install patches for Storage Space Direct Cluster Servers without Downtime
Microsoft released Windows patches on the second Tuesday of every month. This procedure installs Microsoft Windows server patches for the production cluster servers without an outage.
Women in IT preparing to learn Microsoft Azure
Microsoft Azure has quickly become one of the world's most popular cloud computing platforms. With businesses of all sizes moving their applications and infrastructure to the cloud, IT professionals must have the skills to manage and maintain Azure environments. This...
Cyber Attack Sample Root Cause Analysis – DIVECORP
In today's blog post, I will walk you through a scenario in which a Root Cause Analysis was performed on a fictitious company called DIVECORP. This type of exercise is required if a security breach occurs, and this also serves as a good template for a Root Cause...
Getting Started with Azure Hybrid AZ800: Top 10 Study Items
Azure Hybrid AZ800 is a certification exam designed for professionals who want to prove their expertise in building and managing hybrid cloud environments using Microsoft Azure. This certification exam is a great way to validate your skills and knowledge in hybrid...
Sample Incident Response Plan for a Cyber Ransomware Attack
Cybersecurity threats such as ransomware attacks have become more frequent and sophisticated, and organizations must be prepared to respond to them effectively. An incident response plan is critical to minimize the damage and recover quickly from a ransomware attack....
How to Rebuild a Gridstore Host via Virtual Media
There are many ways to rebuild the Hyper-V host, but I will show you how to rebuild a Microsoft Hyper-V host via Virtual Media. These screens captured were for Windows Server 2019, but not for Windows Server 2019 only. You can use Windows Server 2022 ISO image file too.
How to Install Veeam Backup & Replication 12 Cumulative Patches P20230223
Vulnerability in this Veeam Backup & Replication component allows unauthorized users to obtain encrypted credentials stored in the configuration database. The vulnerability may lead to these unauthorized users gaining access to backup infrastructure hosts. The vulnerable process Veeam.Backup.Service.exe (TCP 9401 by default) allows unauthenticated users to request encrypted credentials.
Veeam released new patches to fix this vulnerability on March 7, 2023. No Hosts restart is required after installing this patch.
Cyber Attack breached Exchange 2016 Sample Root Cause Analysis – DIVECORP
Cyber attacks are on the rise today, and no organization is immune to them. DIVECORP, a global organization with offices in Florida, Bali, and Mexico, was no exception. The company experienced a security breach when its Exchange 2016 On-Prem Server was compromised due...
How to Install Veeam Backup & Replication 11a Cumulative Patches P20230227
Vulnerability in this Veeam Backup & Replication component allows unauthorized users to obtain encrypted credentials stored in the configuration database. The vulnerability may lead to these unauthorized users gaining access to backup infrastructure hosts. The vulnerable process Veeam.Backup.Service.exe (TCP 9401 by default) allows unauthenticated users to request encrypted credentials.
Veeam releases new patches to fix this vulnerability. No Hosts restart is required after installing this patch.
Fixed Vulnerability CVE-2023-27530 in Veeam Backup & Replication component
Veeam release the patches to fix the Vulnerability in this Veeam Backup & Replication component and send an email to customers, but they are using the wrong KB# for v11a (or not update the KB),
Cyber Attack breached SQL 2014 Server Sample Root Cause Analysis – DIVECORP
DIVECORP, a global company with offices in Florida, Bali, and Mexico, experienced a severe security incident when an SQL 2014 server running on Windows Server 2012 R2 was compromised. The attackers could access the server using the SA credentials, which were never...
