Security Best Practices for Microsoft Azure Applications
|
|
- Willis Patterson
- 8 years ago
- Views:
Transcription
1 Security Best Practices for Microsoft Azure Applications Varun Sharma Principal Security Engineer, Information Security & Risk Management (ISRM), Microsoft IT
2 Service Lines Application Security Infrastructure Security Customized Solutions & Training 10+ years of tailored best practices and specialized intellectual property Microsoft Internal MSIT MSN Microsoft.com Product Groups Service Channels Microsoft External MCS Premier Acquisitions Global and Strategic Partners Unique knowledge transfer and value-add for Microsoft and its customers, partners and acquisitions Functional Capacity Specialization Totals Canada Global Delivery India Application Security 30 Infrastructure Security Dedicated PMs Total US- Redmond, ACE HQ United States Mission: to protect key assets by lowering overall information security risk for Microsoft and its customers through advisory services
3 Comprehensive Approach Security Program Security Architect Led & Program Manager Supported Infrastructure Security Application Security
4 Introductions
5 Shared security responsibility Data classification & accountability Client & endpoint protection Identity & access management Application level controls Network level controls Host Security Physical Security
6 Agenda 1. Setup the sample HRPortal application 2. Authentication 3. Auditing & Logging 4. Configuration Management 5. Sensitive Data 6. Communication 7. Host Security
7 HRPortal sample app Architecture diagram Admin Azure Active Directory User Use cases User can login to HR Website User can view salary, edit bank account number, update skills and upload resume AV scan engine scans resumes for malware Admin deploys solution to Azure Azure subscription HR Website AV Scan engine Azure Storage Azure SQL Database
8 Lab: Setup the sample application
9 1. Authentication
10 Authentication - Threats and Countermeasures Countermeasures Admin User Admin Use organizational accounts or corporate identities Azure Active Directory Use strong passwords Use multi-factor authentication Use federated identity pattern... Extend on-premise AD to Azure Azure Portal Cloud Service Virtual Machines... Active Directory Enterprise
11 Use Organizational Accounts or Corporate Identities Microsoft Account (Windows Live ID) Azure Active Directory Azure Active Directory Azure Active Directory Directory sync with password Directory sync with Federation Active Directory Active Directory Enforce password policies Enforce Cloud based Multi factor Authentication Enforce On premise Multi factor Authentication
12 Lab: Azure AD password policy
13 Lab: Enabling MFA for Azure AD users
14 Directory sync with federation Admin logs in on-prem Admin browses to Azure portal Windows Azure Portal Windows Azure Active Directory ADFS (sts.contoso.c om) Active Directory Admin is redirected to AAD AAD redirects to onprem STS since directory sync with SSO is setup. Admin authenticates to on-prem STS On-prem STS returns admin token to AAD AAD has a trust with STS, validates token, redirects to Azure portal
15 Demo: Directory sync with federation
16 Federated Identity Pattern Consumer authenticates and requests token STS returns token Identity Provider (IdP) or Security Token Service (STS) Service trusts IdP or STS Consumer Consumer presents token to service Service
17 Lab: Enabling Azure AD authentication on Azure Website
18 Extend on-premise Active Directory to Azure Application... Availability Set Virtual Network SQL Server... VPN Domain controllers Availability Set... = OR Availability Set AD Replication Enterprise... Active Directory User Enterprise
19 Authentication Summary Threats Improper de-provisioning Credential theft Brute forcing passwords Countermeasures Use organizational accounts or corporate identities Use strong passwords Use multi-factor authentication Use federated identity pattern Extend on-premise AD to Azure
20 2. Auditing & Logging
21 Auditing & Logging - Threats and Countermeasures Countermeasures Admin User Admin Enable logging Transfer logs to storage Azure Active Directory Monitor logs for suspicious activity Subscription Audit logs... Auditing and Activity Logging Azure Portal Cloud Service Virtual Machines Windows Azure Diagnostics Azure Storage Logging Azure storage Azure SQL Database SQL Azure Auditing
22 Demo: Subscription operation logs
23 Demo: SQL database logs
24 Demo: Azure storage logs
25 Demo: Cloud Service logs
26 Auditing and Logging Summary Azure component Logging feature Examples of suspicious behavior Azure Active Directory Auditing and Activity Logging Addition of user, admin, change of group membership Azure Subscription Subscription Operation logs Addition of co-administrator, enabling RDP on cloud service, operation from unexpected IP Address Azure Web Sites Application and Site Diagnostics Performance degradation due to DOS attack Cloud Services Windows Azure Diagnostics Security event for malware, remote login, creation of local user, change of important files, performance Virtual Machines Windows Azure Diagnostics or Windows Event degradation due to DOS attack Forwarding Azure Storage Azure Storage Logging Operation from unexpected IP Address, unexpected operated Azure SQL Database SQL Azure Auditing Operation from unexpected IP Address
27 3. Configuration Management
28 Configuration Management - Threats and Countermeasures Dev cspkg Admin cscfg Countermeasures Protect secrets in config files Use Runtime Reconfiguration pattern Rollover secret keys Visual Studio Online Git repository cscfg Azure subscription cloud service Azure Storage Azure SQL Database
29 Lab: Setting configuration values for Azure Websites
30 Runtime Reconfiguration pattern Dev Admin Admin changes configuration in service configuration file Visual Studio Online cspkg cscfg cloud service Application code subscribes to an event to know if configuration has changed. Code allows change if acceptable. Git repository cscfg Azure subscription If change is not acceptable and may cause configuration issues, code requests a role restart. Azure Storage Azure SQL Database
31 Roll over secret keys Dev Admin Azure storage has primary and secondary access keys cspkg cscfg Change configuration to secondary access key Visual Studio Online Git repository cscfg Azure subscription cloud service Configuration changes at runtime Regenerate primary access key and change configuration to new primary access key Azure Storage Azure SQL Database Configuration changes at runtime Regenerates secondary access key
32 Demo: Re-generating storage access keys
33 Lab: Using Key Vault to store secrets
34 Configuration Management Summary Threats Secret keys compromised from repository Improper de-provisioning Countermeasures Protect secrets in config files Use Runtime Reconfiguration pattern Rollover secret keys
35 4. Sensitive Data
36 Sensitive Data - Threats and Countermeasures Admin User Countermeasures Use Valet Key pattern Encrypt sensitive data at rest Application... cloud service Web application SQL Server... Azure Storage Azure SQL Database
37 Valet Key Pattern SAS SAS User cloud service User requests a resource Application checks validity of request, generates Shared Access Signature (SAS) and returns to user User directly accesses resource using SAS Application Azure Storage
38 Demo: Shared Access Signatures
39 Encrypt sensitive data at rest BitLocker Drive Encryption Admin User SQL Server Transparent Data Encryption or Column Level Encryption Application... Web application cloud service Application level encryption using.net Crypto API or other languages or Azure SQL TDE SQL Server... Azure Storage Azure SQL Database
40 Lab: Encrypting data using Key Vault
41 Encrypt sensitive data at rest Scenario Encryption technology Key management Azure VMs with sensitive files BitLocker Drive Encryption 3rd party solutions Sensitive data in SQL Server on Azure VM Sensitive data in Azure Storage, NoSQL, Azure SQL Database SQL Server Transparent Data Encryption or Column Level Encryption Application level encryption using.net Crypto API or other languages or Azure SQL TDE Can use Extensible Key Management and existing on-premise HSM Azure Key Vault
42 5. Communication
43 Communication - Threats and Countermeasures User cloud service Admin Countermeasures Use SSL Disable remote desktop Limit input endpoints Use IP based restrictions Azure Storage Azure SQL Database Service Bus Relay App Server Enterprise
44 Demo: Configuring Azure Website to use SSL
45 Demo: SQL Database Firewall
46 Communication Summary IP based restriction Encrypt data in transit Azure Web Sites IIS IP Restrictions Upload SSL certificate and use custom domain Cloud Services Configure host firewall using Start-up task or use IIS IP Restrictions Upload SSL certificate and use custom domain Virtual Machines Network Access Control List Configure SSL certificate Virtual Network Inbound and Outbound IP restriction using Network Security Group Use SSL Azure SQL Database Azure SQL Firewall Use Encrypt=true; TrustServerCertificate=False in SQL Connection string
47 6. Host Security
48 Host - Threats and Countermeasures Countermeasures Patch management User Enable Anti-malware Application... cloud service Machine policy management Web application
49 Lab: Machine policy management using start-up tasks
50 Lab: Enabling Anti-malware on Cloud Services
51 Host Security Summary Threats Unpatched VMs Malware Insecure host settings Countermeasures Patch management Enable Anti-malware Machine policy management
52 Summary
53 Security Frame Threats and Countermeasures Security category Threats Countermeasures Authentication Auditing & Logging Configuration management Sensitive Data Improper de-provisioning Credential theft Brute forcing passwords Repudiation Logs lost due to recycle or deleted Improper de-provisioning Secret keys compromised from repository Shared secrets are only line of defense Use organizational accounts or corporate identities Use strong passwords Use multi-factor authentication Use federated identity pattern Extend on-premise AD to Azure Enable logging Transfer logs to storage Monitor logs for suspicious activity Encrypt secrets in config files Use Runtime Reconfiguration pattern Rollover secret keys Use Valet Key pattern Encrypt sensitive data at rest Communication Host Security Data sniffed on network Remote desktop password compromised Unpatched VMs Malware Insecure host settings Use SSL Disable remote desktop Limit input endpoints Use IP based restrictions Patch Management Enable Anti-malware Machine policy management
54 Summary Understand what you are responsible for Understand threats and implement countermeasures Use Azure security features, patterns and practices
55 References Related references for you to expand your knowledge on the subject Azure Trust Center, Azure Security Guidance, Azure Identity, Azure Multi-factor authentication, Cloud Design patterns, Security best practices for Windows Azure solutions, FDDEEE8F70C1/SecurityBestPracticesForWindowsAzureSolutionsFeb2014.docx Security Best Practices For Developing Windows Azure Applications, technet.microsoft.com/en-in aka.ms/mva msdn.microsoft.com/
56
Course 20533: Implementing Microsoft Azure Infrastructure Solutions
Course 20533: Implementing Microsoft Azure Infrastructure Solutions Overview About this course This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.
More informationImplementing Microsoft Azure Infrastructure Solutions
Course Code: M20533 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Implementing Microsoft Azure Infrastructure Solutions Overview This course is aimed at experienced IT Professionals who currently
More informationThis module provides an overview of service and cloud technologies using the Microsoft.NET Framework and the Windows Azure cloud.
Module 1: Overview of service and cloud technologies This module provides an overview of service and cloud technologies using the Microsoft.NET Framework and the Windows Azure cloud. Key Components of
More informationMicrosoft Enterprise Mobility Suite
Microsoft Enterprise Mobility Suite Standalone - overview Peter Daalmans http://configmgrblog.com, peter@daalmans.com IT-Concern John Marcum Enterprise Client Management Architect / johnmarcum@outlook.com
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationAzure Powershell Command Line Reference
Name Description Add-AzureEnvironment Creates an Azure environment Disable-AzureWebsiteApplicationDiagnostic Disables the website's application diagnostics Enable-AzureWebsiteApplicationDiagnostic Enables
More informationQuick Start Guide: Utilizing Nessus to Secure Microsoft Azure
Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure Introduction Tenable Network Security is the first and only solution to offer security visibility, Azure cloud environment auditing, system
More informationImplementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led
Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led Course Description This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.
More informationMicrosoft SharePoint Architectural Models
Microsoft SharePoint This topic is 1 of 5 in a series Introduction to Fundamental SharePoint This series is intended to raise awareness of the different fundamental architectural models through which SharePoint
More informationCourse 20533B: Implementing Microsoft Azure Infrastructure Solutions
Course 20533B: Implementing Microsoft Azure Infrastructure Solutions Sales 406/256-5700 Support 406/252-4959 Fax 406/256-0201 Evergreen Center North 1501 14 th St West, Suite 201 Billings, MT 59102 Course
More informationCourse Description. Course Audience. Course Outline. Course Page - Page 1 of 5. Microsoft Azure Fundamentals M-10979 Length: 2 days Price: $ 1,295.
Course Page - Page 1 of 5 Microsoft Azure Fundamentals M-10979 Length: 2 days Price: $ 1,295.00 Course Description Get hands-on instruction and practice implementing Microsoft Azure in this two day Microsoft
More informationManaging trust relationships with multiple business identity providers (basics) 55091A; 3 Days
Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Managing trust relationships with multiple business identity providers (basics)
More informationAssignment # 1 (Cloud Computing Security)
Assignment # 1 (Cloud Computing Security) Group Members: Abdullah Abid Zeeshan Qaiser M. Umar Hayat Table of Contents Windows Azure Introduction... 4 Windows Azure Services... 4 1. Compute... 4 a) Virtual
More informationCourse Outline. Microsoft Azure Fundamentals Course 10979A: 2 days Instructor Led. About this Course. Audience Profile. At Course Completion
Microsoft Azure Fundamentals Course 10979A: 2 days Instructor Led About this Course Get hands-on instruction and practice implementing Microsoft Azure in this two day Microsoft Official Course. You will
More informationAgenda. Federation using ADFS and Extensibility options. Office 365 Identity overview. Federation and Synchronization
Agenda Office 365 Identity overview 1 Federation and Synchronization Federation using ADFS and Extensibility options 2 3 What s New in Azure AD? Cloud Business App - Overview 4 Identity Management is
More informationDreamFactory on Microsoft SQL Azure
DreamFactory on Microsoft SQL Azure Account Setup and Installation Guide For general information about the Azure platform, go to http://www.microsoft.com/windowsazure/. For general information about the
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationDeveloping Microsoft Azure Solutions 20532B; 5 Days, Instructor-led
Developing Microsoft Azure Solutions 20532B; 5 Days, Instructor-led Course Description This course is intended for students who have experience building vertically scaled applications. Students should
More informationHow we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)
How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz) Domain.Local DC Client DomainAdmin Attack Operator Advise Protect Detect Respond
More informationDeveloping Microsoft Azure Solutions
Course 20532A: Developing Microsoft Azure Solutions Page 1 of 7 Developing Microsoft Azure Solutions Course 20532A: 4 days; Instructor-Led Introduction This course is intended for students who have experience
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationHow To Manage A Plethora Of Identities In A Cloud System (Saas)
TECHNICAL WHITE PAPER Intel Cloud SSO How Intel Cloud SSO Works Just as security professionals have done for ages, we must continue to evolve our processes, methods, and techniques in light of the opportunities
More informationDeveloping Microsoft Azure Solutions 20532A; 5 days
Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Developing Microsoft Azure Solutions 20532A; 5 days Course Description This
More informationEnterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect
Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment Paul Luetje Enterprise Solutions Architect Table of Contents Welcome... 3 Purpose of this document...
More informationMicrosoft 20533 - Implementing Microsoft Azure Infrastructure Solutions
1800 ULEARN (853 276) www.ddls.com.au Microsoft 20533 - Implementing Microsoft Azure Infrastructure Solutions Length 5 days Price $4389.00 (inc GST) Version C Overview This course is intended for IT professionals
More informationWhen your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.
Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using
More informationMOC 20487 DEVELOPING WINDOWS AZURE AND WEB SERVICES
ONE STEP AHEAD. MOC 20487 DEVELOPING WINDOWS AZURE AND WEB SERVICES Length: 5 Days Level: 300 Technology: Microsoft Visual Studio 2012 Delivery Method: Instructor-led (classroom) COURSE OUTLINE Module
More informationHybrid Cloud Identity and Access Management Challenges
Hybrid Cloud Identity and Access Management Challenges Intro: Timothy P. McAliley timothy.mcaliley@microsoft.com Microsoft Premier Field Engineer, SQL Server, Washington, DC CISA, CISM, CISSP, ITIL V3,
More informationSINGLE & SAME SIGN-ON ASPECTS
SINGLE & SAME SIGN-ON ASPECTS OF AZURE ACTIVE DIRECTORY Harold Baele Senior ICT Trainer JULY 2, 2015 SLIDE 1 TRAINER INFO Harold Baele MCT at RealDolmen Education Harold.baele@realdolmen.com - @hbaele
More informationBig data variety, 179 velocity, 179 volume, 179 Blob storage containers
Index A AADRM. See Azure active directory rights management (AADRM) AADRM PowerShell module Azure AD module, 164 Connect-AadrmService cmdlet, 164 Connect-MsolService cmdlet, 164 PowerShell v2.0 and.net
More informationMS 10978A Introduction to Azure for Developers
MS 10978A Introduction to Azure for Developers Description: Days: 5 Prerequisites: This course offers students the opportunity to learn about Microsoft Azure development by taking an existing ASP.NET MVC
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationSHAREPOINT HYBRID AND IMPLICATIONS OF 2016
SHAREPOINT HYBRID AND IMPLICATIONS OF 2016 Dan Charlton Senior Consultant MCSE, MCSA, MCP COMPANY OVERVIEW TOTAL SOLUTIONS OVERVIEW SharePoint Consulting & Development Organization Design Development Administration
More informationMICROSOFT 70-346 EXAM QUESTIONS & ANSWERS
MICROSOFT 70-346 EXAM QUESTIONS & ANSWERS Number: 70-346 Passing Score: 800 Time Limit: 120 min File Version: 58.5 http://www.gratisexam.com/ MICROSOFT 70-346 EXAM QUESTIONS & ANSWERS Exam Name:Managing
More informationGetting Started with Clearlogin A Guide for Administrators V1.01
Getting Started with Clearlogin A Guide for Administrators V1.01 Clearlogin makes secure access to the cloud easy for users, administrators, and developers. The following guide explains the functionality
More informationWebinar Self-service in Microsoft Azure AD Premium
Webinar Self-service in Microsoft Azure AD Premium Hugh Simpson-Wells : CEO Agenda What is Azure Active Directory Premium? Self-service demo basis Self-service security groups Self-service application
More informationSecret Server Qualys Integration Guide
Secret Server Qualys Integration Guide Table of Contents Secret Server and Qualys Cloud Platform... 2 Authenticated vs. Unauthenticated Scanning... 2 What are the Advantages?... 2 Integrating Secret Server
More informationAVG Business SSO Connecting to Active Directory
AVG Business SSO Connecting to Active Directory Contents AVG Business SSO Connecting to Active Directory... 1 Selecting an identity repository and using Active Directory... 3 Installing Business SSO cloud
More informationCourse 10978A Introduction to Azure for Developers
Course 10978A Introduction to Azure for Developers Duration: 40 hrs. Overview: About this Course This course offers students the opportunity to take an existing ASP.NET MVC application and expand its functionality
More informationPI Cloud Connect Overview
PI Cloud Connect Overview Version 1.0.8 Content Product Overview... 3 Sharing data with other corporations... 3 Sharing data within your company... 4 Architecture Overview... 5 PI Cloud Connect and PI
More informationUsing RD Gateway with Azure Multifactor Authentication
Using RD Gateway with Azure Multifactor Authentication We have a client that uses RD Gateway to allow users to access their RDS deployment from outside their corporate network. They have about 1000+ users.
More informationEmployee Active Directory Self-Service Quick Setup Guide
Employee Active Directory Self-Service Quick Setup Guide (V2.0) Last update: 11/5/2014 Copyright 2014 InfraDog Inc. All rights reserved Corporate Phone: +1 (416) 473-4096, Fax: +1 (888) 863-3936, Email:
More informationIT Exam Training online / Bootcamp
DumpCollection IT Exam Training online / Bootcamp http://www.dumpcollection.com PDF and Testing Engine, study and practice Exam : 70-534 Title : Architecting Microsoft Azure Solutions Vendor : Microsoft
More informationSharePoint 2013 Business Connectivity Services Hybrid Overview
SharePoint 2013 Business Connectivity Services Hybrid Overview Christopher J Fox Microsoft Corporation November 2012 Applies to: SharePoint 2013, SharePoint Online Summary: A hybrid SharePoint environment
More informationEnsuring the Security of Your Company s Data & Identities. a best practices guide
a best practices guide Ensuring the Security of Your Company s Data & Identities Symplified 1600 Pearl Street, Suite 200» Boulder, CO, 80302» www.symplified.com» @Symplified Safe and Secure Identity Management
More informationSQL Server Hybrid Features. Luis Vargas, Senior Program Manager Lead Xin Jin, Program Manager @ Microsoft
SQL Server Hybrid Features Luis Vargas, Senior Program Manager Lead Xin Jin, Program Manager @ Microsoft Key Takeaway SQL Server integrates cloud services from Azure providing end-to-end experiences that
More informationMicrosoft Visual Studio Online Data Protection
Microsoft Visual Studio Online Data Protection May 2015 Jeff Beehler, VSO Group Program Manager jeffbe@microsoft.com (c) 2015 Microsoft Corporation. All rights reserved Contents Overview... 1 Our commitment...
More informationImplementing Microsoft Azure Infrastructure Solutions
Implementing Microsoft Azure Infrastructure About this Course This course is aimed at experienced IT Professionals who currently administer their on-premise infrastructure. The course introduces the student
More informationTotal Cost of Ownership Overview ADFS vs OneLogin WHITEPAPER
Total Cost of Ownership Overview vs OneLogin WHITEPAPER Are you really going to double down on machines, software and professional services to extend Active Directory (AD)? Executive Summary Are you planning
More informationTechnology Day 2015 Xylos
Stay in control of your identity with Azure Active Directory (Premium) Technology Day 2015 Xylos Robin Vermeirsch Sr. IT consultant CCM Azure Active Directory Introduction Competence Center Messaging (CCM)
More informationImplementing Microsoft Azure Infrastructure Solutions
Course 20533A: Implementing Microsoft Azure Infrastructure Solutions Page 1 of 7 Implementing Microsoft Azure Infrastructure Solutions Course 20533A: 4 days; Instructor-Led Introduction This course is
More informationSA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide
SA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide This document covers steps to configure Citrix VDI on Juniper Network s SA Series SSL VPN platforms. It also covers brief overview of
More informationGetting Started with Sitecore Azure
Sitecore Azure 3.1 Getting Started with Sitecore Azure Rev: 2015-09-09 Sitecore Azure 3.1 Getting Started with Sitecore Azure An Overview for Sitecore Administrators Table of Contents Chapter 1 Getting
More informationHow To Understand Your Potential Customer Opportunity Profile (Cop) From A Profit Share To A Profit Profit (For A Profit)
IT Services Qualifying & COP Form Training April 2011 1 Agenda Purpose for the COP Form & How it Should Be Used Customer Opportunity Profile (COP) Form Identifying Virtualization Opportunities Identifying
More informationHands on Lab: Building a Virtual Machine and Uploading VM Images to the Cloud using Windows Azure Infrastructure Services
Hands on Lab: Building a Virtual Machine and Uploading VM Images to the Cloud using Windows Azure Infrastructure Services Windows Azure Infrastructure Services provides cloud based storage, virtual networks
More informationSA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide
SA Citrix Virtual Desktop Infrastructure (VDI) Configuration Guide Published July 2015 This document covers steps to configure Citrix VDI on Pulse Secure s SA Series SSL VPN platforms. It also covers brief
More informationAdditional Security Considerations and Controls for Virtual Private Networks
CYBER SECURITY OPERATIONS CENTRE APRIL 2013 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL REFERENCES
More informationWHITEPAPER SECURITY APPROACHES AND SECURITY TECHNOLOGIES IN INTEGRATION CLOUD
WHITEPAPER SECURITY APPROACHES AND SECURITY TECHNOLOGIES IN INTEGRATION CLOUD TABLE OF CONTENTS 1 In this whitepaper... 3 2 User security... 4 2.1 Authentication... 4 2.2 Authorization & Access Control...
More informationAdministering Windows Server 2012
Administering Windows Server 2012 Course Summary Configuring and Troubleshooting Domain Name System Maintaining Active Directory Domain Services Managing User and Service Accounts Implementing a Group
More informationHosting Models. Business Model Software (as a Service) Platform (as a Service) Infrastructure (as a Service) On Premises. Applications. Data.
You manage You manage You manage On Premises Hosting Models Infrastructure (as a Service) Platform (as a Service) Business Model Software (as a Service) Customizations Applications Data Runtime Middleware
More informationHow To Synchronize With Gmail For Business On Shoretel
Voice Mail Synchronization with Gmail for Business Voice Mail Synchronization with Gmail for Business The Synchronization with Gmail for Business feature automatically synchronizes the state of a ShoreTel
More informationOndřej Výšek Sales Lead, Microsoft MVP. vysek@kpcs.cz
Ondřej Výšek Sales Lead, Microsoft MVP vysek@kpcs.cz Azure Active Directory Features Free edition Basic edition Premium edition Directory as a service User and group management using UI or Windows PowerShell
More informationSecurity Whitepaper. NetTec NSI Philosophy. Best Practices
Security Whitepaper NetTec NSI provides a leading SaaS-based managed services platform that to efficiently backup, monitor, and troubleshoot desktops, servers and other endpoints for businesses. Our comprehensive
More informationSecuring Data on Microsoft SQL Server 2012
Securing Data on Microsoft SQL Server 2012 Course 55096 The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary to
More informationMod 2: User Management
Office 365 for SMB Jump Start Mod 2: User Management Chris Oakman Managing Partner Infrastructure Team Eastridge Technology Stephen Hall CEO & SMB Technologist District Computers 1 Jump Start Schedule
More informationSentinet for Windows Azure SENTINET
Sentinet for Windows Azure SENTINET Sentinet for Windows Azure 1 Contents Introduction... 2 Customer Benefits... 2 Deployment Topologies... 3 Isolated Deployment Model... 3 Collocated Deployment Model...
More informationMS 20487A Developing Windows Azure and Web Services
MS 20487A Developing Windows Azure and Web Services Description: Days: 5 Prerequisites: In this course, students will learn how to design and develop services that access local and remote data from various
More informationUser Guide. Version R91. English
AuthAnvil User Guide Version R91 English August 25, 2015 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as updated from
More informationSpeeding Office 365 Implementation Using Identity-as-a-Service
August 2015 www.sarrelgroup.com info@sarrelgroup.com Speeding Office 365 Implementation Using Identity-as-a-Service White paper August 2015 This white paper is sponsored by Centrify. August 2015 www.sarrelgroup.com
More informationWeb Sites, Virtual Machines, Service Management Portal and Service Management API Beta Installation Guide
Web Sites, Virtual Machines, Service Management Portal and Service Management API Beta Installation Guide Contents Introduction... 2 Environment Topology... 2 Virtual Machines / System Requirements...
More informationCourse 20532B: Developing Microsoft Azure Solutions
Course 20532B: Developing Microsoft Solutions Five Days, Instructor-Led About this Course This course is intended for students who have experience building vertically scaled applications. Students should
More informationHybrid for SharePoint Server 2013. Search Reference Architecture
Hybrid for SharePoint Server 2013 Search Reference Architecture 2014 Microsoft Corporation. All rights reserved. This document is provided as-is. Information and views expressed in this document, including
More informationSecurity Architecture Whitepaper
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
More informationCompiled By: Chris Presland v1.0. 29 th September. Revision History Phil Underwood v1.1
Compiled By: Chris Presland v1.0 Date 29 th September Revision History Phil Underwood v1.1 This document describes how to integrate Checkpoint VPN with SecurEnvoy twofactor Authentication solution called
More informationABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES
CONTENTS About Tools4ever... 3 About Deloitte Risk Services... 3 HelloID... 4 Microsoft Azure... 5 HelloID Security Architecture... 6 Scenarios... 8 SAML Identity Provider (IDP)... 8 Service Provider SAML
More informationMOC 20413C: Designing and Implementing a Server Infrastructure
MOC 20413C: Designing and Implementing a Server Infrastructure Course Overview This course provides students with the knowledge and skills to provide an enterprise solution that supports manual and automated
More informationAUTOMATED DISASTER RECOVERY SOLUTION USING AZURE SITE RECOVERY FOR FILE SHARES HOSTED ON STORSIMPLE
AUTOMATED DISASTER RECOVERY SOLUTION USING AZURE SITE RECOVERY FOR FILE SHARES HOSTED ON STORSIMPLE Copyright This document is provided "as-is." Information and views expressed in this document, including
More informationAlex Wong Senior Manager - Product Management Bruce Ong Director - Product Management
Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management 1 Product Roadmap Disclaimer Any forward-looking indication of plans for products is preliminary and all future release
More informationAVG Business Secure Sign On Active Directory Quick Start Guide
AVG Business Secure Sign On Active Directory Quick Start Guide The steps below will allow for download and registration of the AVG Business SSO Cloud Connector to integrate SaaS application access and
More informationXerox Mobile Print Cloud
September 2012 702P00860 Xerox Mobile Print Cloud Information Assurance Disclosure 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United
More informationTutto quello che c è da sapere su Azure App Service
presenta Tutto quello che c è da sapere su Azure App Service Jessica Tibaldi Technical Evangelist Microsoft Azure & Startups jetiba@microsoft.com @_jetiba www.wpc2015.it info@wpc2015.it - +39 02 365738.11
More informationDirectory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA 94107. info@okta.
Directory Integration with Okta An Architectural Overview Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Contents 1 User Directories and the Cloud: An Overview 3 Okta
More informationOverview of Microsoft Enterprise Mobility Suite (EMS) Cloud University
Overview of Microsoft Enterprise Mobility Suite (EMS) Cloud University www.infrontconsulting.com Global #1 on System Center Trusted for over a decade Microsoft Partner of the year 2012, 2013 & 2014 #1
More informationCollaborating with External Users
Collaborating with External Users Peter Carson March 10, 2015 Gold Sponsor Silver Sponsors Peter Carson President, Envision IT SharePoint MVP Virtual Technical Specialist, Microsoft Canada peter@envisionit.com
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More informationSQL Server on Azure An e2e Overview. Nosheen Syed Principal Group Program Manager Microsoft
SQL Server on Azure An e2e Overview Nosheen Syed Principal Group Program Manager Microsoft Dedicated Higher cost Shared Lower cost SQL Server Cloud Continuum Hybrid SQL Server in Azure VM Virtualized Machines
More informationEnabling Single Sign-On for Oracle Applications Oracle Applications Users Group PAGE 1
Enabling Single Sign-On for Oracle Applications Oracle Applications Users Group PAGE 1 Agenda Introduction PAGE 2 Organization Speakers Security Spectrum Information Security Spectrum Oracle Identity Management
More informationVMware Virtual Desktop Manager User Authentication Guide
Technical Note VMware Virtual Desktop Manager User Authentication Guide VMware Virtual Desktop Manager The purpose of this guide is to provide details of user authentication in VMware Virtual Desktop Manager
More informationCloud Services ADM. Agent Deployment Guide
Cloud Services ADM Agent Deployment Guide 10/15/2014 CONTENTS System Requirements... 1 Hardware Requirements... 1 Installation... 2 SQL Connection... 4 AD Mgmt Agent... 5 MMC... 7 Service... 8 License
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationKaseya IT Automation Framework
Kaseya Kaseya IT Automation Framework An Integrated solution designed for reducing complexity while increasing productivity for IT Professionals and Managed Service Providers. The powerful, web-based automation
More informationCloud Powered Mobile Apps with Azure
Cloud Powered Mobile Apps with Azure Malte Lantin Technical Evanglist Microsoft Azure Agenda Mobile Services Features and Demos Advanced Features Scaling and Pricing 2 What is Mobile Services? Storage
More informationMS-55096: Securing Data on Microsoft SQL Server 2012
MS-55096: Securing Data on Microsoft SQL Server 2012 Description The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary
More informationCLOUD COMPUTING & WINDOWS AZURE
CLOUD COMPUTING & WINDOWS AZURE WORKSHOP Overview This workshop is an introduction to cloud computing and specifically Microsoft s public cloud offering in Windows Azure. Windows Azure has been described
More informationAuthentication Integration
Authentication Integration VoiceThread provides multiple authentication frameworks allowing your organization to choose the optimal method to implement. This document details the various available authentication
More informationBlending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access
Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access Vikas Jain Director, Product Management Intel Corporation Jesper Tohmo CTO, Nordic Edge (an Intel company) Session ID:
More informationSetup Guide for AD FS 3.0 on the Apprenda Platform
Setup Guide for AD FS 3.0 on the Apprenda Platform Last Updated for Apprenda 6.0.3 The Apprenda Platform leverages Active Directory Federation Services (AD FS) to support identity federation. AD FS and
More informationDecember 2015 702P00860. Xerox App Studio 3.0 Information Assurance Disclosure
December 2015 702P00860 Xerox App Studio 3.0 Information Assurance Disclosure 2014 Xerox Corporation. All rights reserved. Xerox and Xerox and Design and ConnectKey are trademarks of Xerox Corporation
More informationHOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services
HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationTECHNICAL WHITE PAPER. Symantec pcanywhere Security Recommendations
TECHNICAL WHITE PAPER Symantec pcanywhere Security Recommendations Technical White Paper Symantec pcanywhere Security Recommendations Introduction... 3 pcanywhere Configuration Recommendations... 4 General
More information