RSS

Category Archives: Security

Microsoft Ignite 2015 : huge collection of information enhanced with more detailed resources to get you up-to-date with less time and effort

As some of you might know already, the Microsoft Ignite 2015 conference has started where Microsoft talks about where they’re going and what they’re doing. I watched the keynote, took many notes and added other relevant information which I’m sharing with you. Since so much was told and shown it’s certain I’ve missed stuff. As time goes by I will update the information in this post so it can be used as a reference.

I hope it’s useful. If you find any errors or have other useful resources or feedback, please leave a comment.

Update log:

-05-05-2015: Created Initial version including the keynote and additional information.

Advertisements
 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Cloud – ITpreneurs CCC Professional Cloud Solutions Architect course

At the beginning of September I had the opportunity to attend the first ever Cloud Credential Council (CCC) Professional Cloud Solutions Architect (PCSA) course from ITpreneurs. The trainer was Mark Skilton and I really loved the training. But before telling you more about my experience, I’ll first first explain both the certification and the course in a bit more detail.

What is the CCC Professional Cloud Solutions Architect (PCSA) certification and who is it for ?

The PCSA certification is a globally recognized certification for technology architects. Solution Architects need to understand the impact that cloud is having on business and information architecture, application design, data management and security architecture and be very familiar with the topology and ecosystems that are being created as a result of increasing adoption of cloud technologies and operating models The certification is designed for senior technology professionals who are architecting and designing the future generation of technology solutions. Being PCSA-certified showcases your cloud architecting experience, skills and knowledge, and demonstrates you are capable to manage the various stakeholders within the enterprise. For more information, please take a look at the website: http://www.cloudcredential.org/en/certifications/professional-level/cloud-solutions-architect

What is the ITpreneurs CCC Professional Cloud Solutions Architect (PCSA) course ?

The ITpreneurs CCC PCSA course is a 3-day instructor led course that provides attendees with the required knowledge and skills for the CCC Professional Cloud Solutions Architect (PCSA) certification. The course material was created by lead author Mark Skilton and peer reviewers Vladimir Baranek and RajaGopalan Varadan. For more information, contact ITpreneurs and/or take a look at the course description: http://www.itpreneurs.com/cloud/CCC-courses/cloud-solutions-architect-VCC1310-itpreneurs.pdf

My experiences with and opinion about the ITpreneurs CCC PCSA course

Like I said at the beginning, I really loved the CCC PCSA course because:

  • It covers an important current topic that I believe will become even more important in the future.
  • The course materials are very complete and of great quality.
  • There’s a good balance between theoretical and practical knowledge.
  • The cases are mini workshops that force you to apply your knowledge, which provides more insight. They are also consistent with cases from previous cloud courses from ITpreneurs.
  • There is a lot of interaction between the trainer and the students.
  • Mark Skilton presented the course with a lot of enthusiasm and modified the course content on the go to focus more on the interests of the audience. 

One of the difficult parts of cloud computing is that it’s a very broad definition. As such, different interpretations and explanations are used for the same word/technology by different people and companies. So during the course there were some discussions. I thought this was good, because this will happen in real-life as well. It also stresses the importance of clear definitions and verifying correct understanding of all involved parties.

The special version of the course I attended was only two days, while the regular course will be three days. Since there was so much information to take in and because there were many discussions, the two days unfortunately weren’t enough to cover everything. ITpreneurs and Mark Skilton modified the course on the fly to cover the most important things, but I would have loved to go into more detail during the course if there had been time. Unfortunately this wasn’t the case, but since the course materials are of great quality I’ll be reading them at home instead.

As always there’s room for improvement. Our class provided a lot of feedback that Mark Skilton and ITpreneurs took to heart. They seemed to be really committed to improving the course so I expect the course to become even better since the course materials are currently being reassessed and restructured.

I hope you enjoyed reading about my course experience. For those interested in it, I added some more information about ITpreneurs and the Cloud Credential Council at the end of this blog post.

Thanks

I’d like to thank Corjan Bast and ITpreneurs for providing me with the opportunity to attend this course free of charge. I also want to thank Mark Skilton and all other great people involved in this course for their participation, valuable input and hard work.

Read the rest of this entry »

 
 

Tags: , , , , , , , , , , , , , , , , ,

Microsoft – Resources to get more familiar with Active Directory Federation Services (ADFS)

Nowadays more and more work, communication and collaboration involves multiple external parties. This can involve by example employees, customers, partners, suppliers, cloud providers/platforms/applications.

This means it is becoming increasingly important to have proper authentication and authorization methods in place for single sign on (SSO) so users can be more productive. Besides the ease-of-use It can also lead to better security.

Microsoft’s Active Directory Federation Services (ADFS) will make this possible. For more information on ADFS, here are some resources. Keep in mind though that while some information may be outdated, it will give you a broad idea of the concept and the inner workings. The current version of ADFS in Windows Server 2012 is 2.1 , while Windows Server 2008 uses 2.0

PS: Microsoft is moving more and more towards claims based authentication. Examples include Windows Server 2012 Dynamic Access Control and also SharePoint 2013 that has switched to claims based authentication by default now.

If you have some other resources that might be useful, please let me know so I can add them as well.

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Microsoft – Security Compliance Manager 3.0 (SCM) has been released

Microsoft has released the Security Compliance Manager 3.0 (SCM). This version includes support for Windows Server 2012, Windows 8, and Internet Explorer 10.

SCM enables you to quickly configure and manage computers and your private cloud using Group Policy and Microsoft System Center Configuration Manager. It provides ready-to-deploy policies and DCM configuration packs based on Microsoft Security Guide recommendations and industry best practices, allowing you to easily manage configuration drift, and address compliance requirements for Windows operating systems and Microsoft applications.

Basically in SCM 3.0 you can use predefined baselines, customize them or create completely new ones. Then you can export it from SCM 3.0 and apply it using an Active Directory GPO. To do this, create a new GPO in Group Policy Management, right click the GPO, import settings and complete the wizard.

You can also export existing GPO and then import it into SCM 3.0 and compare the differences.

 

Tags: , , , , , , , , , , , , , , , , , , , , ,

Event – Free Microsoft IT Camps

On a regular basis Microsoft and its partners host Free IT Camps. In the past I’ve blogged about them because I really think they’re a good way to quickly get up-to-date on products and technologies. Besides that it’s also a good way to get to know other people.

On the Microsoft Events website you can see which future events are available and not just IT Camps events.

Also should you not be able to attend an IT Camp, for Server 2012 you can also use IT Camps On-Demand.

 

Tags: , , , , , , , , , , , , ,

Security – Java releases update for major Java vulnerability

Last sunday I warned about a major vulnerability in Java.

It wasn’t expected that Java would come have an update available this quickly, but it is good that they did. So be sure to update to Java 7 Update 11 : http://java.com

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Security – Major Java vulnerability, don’t become a victim

[EDIT 14-01-2013]

Oracle release Java 7 Update 11 to fix this security issue. Be sure to update: http://java.com/

[EDIT]

Normally when I read about security vulnerabilities, I don’t really get a sense of urgency.

With the current Java vulnerability however, I do feel like people have to act quick because there are so many respected companies and even countries actively taking action:

Apparently this vulnerability is actively being exploited already and Oracle hasn’t released a Java fix yet. You might want to consider a combination of the options below:

Personally I like the way FireFox is handling the issue because it blocks by default, but allows users to easily override this behavior for specific sites. Also I’m getting quite fed up with all these Java security vulnerabilities lately 😦

I’d like to know what you’ll be doing. Have you or are you going to disable Java ? Which methods will you use ? Why ?

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

 
%d bloggers like this: