Multi-Factor Authentication Server versions 8.1.11.1 and 8.1.12.1 add support for OATH codes

Reading Time: 2 minutes

Microsoft Azure Multi-Factor Authentication

On January 19th, 2024, Microsoft released versions 8.1.11.1 and 8.1.12.1 of its MFA Server product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios.

 

Versions 8.1.11.1 and 8.1.12

MFA Server v8.1.11.1 is intended for  use on:

  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Server 2016

MFA Server v8.1.12.1 is intended for  use on:

  • Windows Server 2019
  • Windows Server 2022

 

What’s New

The release notes mention the following change:

Support for OATH codes

MFA Server versions 8.1.11.1 and 8.1.12.1 add support for OATH codes  in the Microsoft Authenticator app after the user account has been migrated to Entra MFA.

After the first push notification attempt in Entra MFA, the account in the Microsoft Authenticator app starts using SHA-256 to generate OATH codes. MFA Server previously only supported SHA-1 so could not validate these codes. Azure MFA Server has been modified to check both SHA-1 and SHA-256 codes, which allows users to use OATH codes for both Entra MFA and MFA Server scenarios during migration.

 

Known Issues

Windows Authentication for Remote Desktop Services (RDS) is not supported for Windows Server 2012 R2, and up.

 

Upgrade considerations

You must upgrade MFA Server and Web Service SDK before upgrading the User Portal or AD FS adapter. Read the guidance in the How to Upgrade section in this blogpost for more information.

 

Download

You can download Azure Multi-Factor Authentication Server 8.1.11.1 and 8.1.12.1 here.
The download weighs 145 MB.

 

Version information

These are versions 8.1.11.1 and 8.1.12.1 of Multi-Factor Authentication Server.
It was signed off on January 19th, 2024.

Further reading

Existing Azure MFA Server deployments stop working starting September 30, 2024
TODO: Migrate from Azure MFA Server to Azure multi-factor authentication
Multi-Factor Authentication Server version 8.1.10.1 addresses service crashes during activation
Multi-Factor Authentication Server version 8.1.9.1 offers improved migration abilities

Posted on January 22, 2024 by Sander Berkouwer in Entra ID, Multi-Factor Authentication, What's New

0  

Five Truths in Veeam's 2024 Data Protection Trends Report

Reading Time: 2 minutes

Veeam launched its 2024 Data Protection Trends report on January 17th.

For this report, Veeam had a third party interview 1200 IT leaders and implementers accross 10 countries throughout EMA, APJ and the Americas in 2024 – each leading the data protection strategies for their enterprise organization. The data was then compared to the data Veeam has collected on the topics in the report since 2020.

It contains some hidden gems, that data protection admins can benefit from in their daily practices:

 

Backups still matter in 2024!

Cybersecurity events were the most common and the most impactful cause of outages over the past two years for enterprise organizations. Only 25% of organizations believe they were not hit by a cybersecurity event. More organizations were hit quarterly (26%) than believe were not hit at all (25%).  Ransomware is a 'when', not 'if'. and it will likely be worse than you imagine.

 

VMs are only 25% of the problem

In 2024 the expected great migration from VMware's vSphere platform to other hypervisors and/or hyperscale platforms may prompt a different approach to backups.

While Veeam sounds synonymous to VM, organizations have to protect more than just virtual machines (VMs). VMs is typically just 25% of the workload that needs to be restorable, and thus require backups. Another half of the problem is cloud-based workloads, and this may shift fast through 2024. If your backup solutions offer backups for vSphere-based VMs, but no support for Hyper-V, or native support for VM-based cloud workloads, an agent may offer some functionality, but not the performance, reliability or ransomware preparedness that native support offers.

 

74% of enterprise organizations back up Microsoft 365 data

From the interviewed IT leaders, 74% back up using third-party backup product or Backup-as-a-Service solution. This metric is highly skewed because the interviewees work in organizations with 1000+ people. In the small to medium business (SMB) segment, though, that percentage is way lower, as Veeam's previous reports have pointed out. Microsoft's own backup service may shift these numbers in the lower segment, but in the 1000+ people segment they may not put a dent in that percentage.

 

Recovery test results are in – and sobering…

For enterprise organizations, in Disaster Recovery (DR) tests within the last year, 2 of 5 servers could not be recovered. Furthermore, only 32% of organizations can recover a 50-server site within a business week. Through testing consistently, these gaps can be addressed and recovery service level agreement (SLA) percentage improved.

Of these organizations, luckily, only a mere 1% did not perform a DR test in the past year…

 

54% of organizations are very likely to change backup solutions in 2024

The likelihood that organizations will switch its primary backup solutions/services within the next twelve months. 17% of interviewees say they definitely will and 37% will likely do so. These organizations are not perfectly happy with their current solution. They may want to switch from on-premises to Software-as-a-Service. On the other side, not every backup solution offers the ransomware resilience or cloud workload backup features that organizations require. At the lower end, some organizations want to improve the reliability and success of backups.

 

Posted on January 18, 2024 by Sander Berkouwer in Veeam, Veeam Vanguard

0  

I'm speaking at the inaugural Dutch Microsoft Entra Community Meetup

Reading Time: 2 minutes

Dutch Microsoft Entra Community

It's not often that a new community comes to life. Microsoft's rename of Azure AD to Entra, however, has sparked the birth of the Dutch Microsoft Entra Community, run by fellow MVPs Pim Jacobs and Jan Bakker and Microsoft senior product manager Stefan van der Wiele.

 

About the Dutch Microsoft Entra Community

The Dutch Microsoft Entra Community (DMECnl) focuses on organizing meetups around Microsoft Entra technologies throughout the Netherlands. The purpose of these meetups is to share knowledge and experiences on Microsoft Entra, including Entra ID, Entra ID Governance, Entra Permission Management, Entra Verified ID, Entra External ID, Entra Internet Access, and Entra Private Access.

Sessions during the meetup will primarily be hosted in Dutch, with the exception of foreign guest speakers.

 

About the inaugural DMECnl meetup

The Dutch Microsoft Entra Community organizes their first meetup on Thursday February 1st, 2024. This meetup is sponsored by Inspark and hosted by them in their Amstelveen office. Starting at 5 PM dinner will be served. Jan, Pim and Stefan kick off their community at 6 PM with a welcome and a quick overview on what's new in Entra in the past three months.

At 6:15 PM, Guus ter Berge takes the stage to talk for 60 minutes about securing and governing access to applications with Microsoft Entra ID. After a short break, I'll take the stage for another 60-minute session on applying the basics in Entra ID.

At 8:30 PM, drinks are served.

 

About my session

I’ll present a 60-minute session on:

Just apply the Basics in Entra ID, Already!

Thursday February 1st 2024, 7:30 PM – 8:30 PM

With Microsoft's focus on Defender for * and Entra ID Premium P2 features, you might start to believe that you can't be successful in your identity and zero trust journeys when you don't have these products and licenses. The opposite is true: without doing the basics, all these advanced products don't perform as well as you'd think…

It's the basics that most organizations seem to have forgotten, but without these basic measures, their Azure services are at risk in terms of security, privacy, and productivity. For most organizations applying these basics is trivial and relatively easy to start with, but there are caveats!

Come to this session to learn the basics and then apply 'em to your Entra ID.

 

Join us!

The inaugural Dutch Microsoft Entra Community Meetup is a free event.
All 60 currently available seats have been filled, but you can join the waiting list.

Posted on January 17, 2024 by Sander Berkouwer in Community, Entra ID, Microsoft MVP, Personal

0  

What's New in Microsoft Defender for Identity in December 2023

Reading Time: 2 minutes

Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures.

It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory, AD FS, and Certification Authority (CA) admins to investigate and remediate (potential) breaches related to advanced threats, compromised identities and malicious insider actions.

Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP) and Advanced Threat Analytics (ATA).

 

New Identities area and dashboard in Defender XDR Preview

Organizations with Defender for Identity now have a new Identities area in Microsoft Defender XDR (formerly known as Microsoft 365 Defender) for information about identity security with Defender for Identity.

In Microsoft Defender XDR, select Identities to see any of the following new pages:

  • Dashboard: Shows graphs and widgets to help you monitor identity threat detection and response activities.
  • Health issues: Now moved from the Settings > Identities area, and lists any current health issues for your general Defender for Identity deployment and specific sensors.
  • Tools: Links to helpful information and resources when working with Defender for Identity, including links to documentation, specifically on the capacity planning tool, and the Test-MdiReadiness.ps1 script.

 

Security posture assessments for AD CS sensors Preview

Defender for Identity's security posture assessments proactively detect and recommend actions across your on-premises Active Directory configurations.

Recommended actions now include the following new security posture assessments, specifically for certificate templates and certificate authorities.

  • Certificate templates recommended actions:
    • Prevent users to request a certificate valid for arbitrary users based on the certificate template (ESC1)
    • Edit overly permissive certificate template with privileged EKU (Any purpose EKU or No EKU) (ESC2)
    • Misconfigured enrollment agent certificate template (ESC3)
    • Edit misconfigured certificate templates ACL (ESC4)
    • Edit misconfigured certificate templates owner (ESC4)
  • Certificate authority recommended actions:
    • Edit vulnerable Certificate Authority setting (ESC6)
    • Edit misconfigured Certificate Authority ACL (ESC7)
    • Enforce encryption for RPC certificate enrollment interface (ESC8)

The new assessments are available in Microsoft Secure Score, surfacing security issues and severe misconfigurations that pose risks to the entire organization, alongside detections. Your score is updated accordingly.

Note:
While certificate template assessments are available to all organizations that have Active Directory Certificate Services (AD CS) installed in their environment, certificate authority assessments are available only to organizations who've installed a sensor on an Windows Server-based Certification Authority (CA).

 

Defender for Identity release 2.224

This version includes improvements and bug fixes for cloud services and the Defender for Identity sensor.

 

Defender for Identity release 2.223

This version includes improvements and bug fixes for cloud services and the Defender for Identity sensor.

 

Defender for Identity release 2.222

This version includes improvements and bug fixes for cloud services and the Defender for Identity sensor.

 

Defender for Identity release 2.221

This version includes improvements and bug fixes for cloud services and the Defender for Identity sensor.

Posted on January 5, 2024 by Sander Berkouwer in Active Directory, Active Directory Certificate Services, Defender for Identity, What's New

0  

What's New in Entra ID (Azure Active Directory) for December 2023

Reading Time: 2 minutes

Microsoft Entra ID

Entra ID, previously known as Azure AD is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Entra ID and through the Microsoft 365 Message Center, Microsoft communicated the following planned, new and changed functionality for Entra ID for December 2023:

 

What's Planned

Decommissioning of Group Writeback V2 in Entra Connect Sync

Service category: Provisioning
Product capability: Entra Connect Sync

The public preview of Group Writeback V2 in Entra Connect Sync will no longer be available after June 30, 2024. After this date, Entra Connect Sync will no longer support provisioning cloud security groups to Active Directory.

Another similar functionality is offered in Entra Cloud Sync, called Group Provision to AD, that maybe used instead of Group Writeback V2 for provisioning cloud security groups to Active Directory. Enhanced functionality in Entra Cloud Sync, along with other new features, are being developed.

Organizations who use the preview Group Writeback V2 feature in Entra Connect Sync should switch their configuration from Connect Sync to Cloud Sync. Organizations may choose to:

  • Move all their hybrid sync to Entra Cloud Sync (if it supports their needs), or
  • Have Entra Cloud Sync run side-by-side and move only cloud security group provisioning to Active Directory onto Entra Cloud Sync.

Organizations who provision Microsoft 365 groups to Active Directory may continue using  Group Writeback v1 for this capability.

 

What's New

Configurable redemption order for B2B collaboration Public Preview

Service category: Business to Business (B2B) collaboration
Product capability: External ID

With configurable redemption, admins can customize the order of identity providers that guest users can sign in with when they accept an invitation. This lets organizations override the default configuration order set by Microsoft and use your organization's. This can be used to help with scenarios like prioritizing a SAML/WS-fed federation above an Entra ID verified domain, disabling certain identity providers as an option during redemption, or even only using something like email one-time pass-code as a redemption option.

 

What's Changed

Edits to Dynamic Group Rule Builder General Availability

Service category: Group Management
Product capability: Directory

The dynamic group rule builder has been updated to no longer include the 'contains' and 'notContains' operators, as they're less performant. If needed, admins can still create dynamic group rules with those operators by typing directly into the text box.

 

Posted on January 4, 2024 by Sander Berkouwer in Entra ID, What's New

0  

On-premises Identity-related updates and fixes for December 2023

Reading Time: < 1 minute

Windows Serrer

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses.

This is the list of Identity-related updates and fixes we saw for December 2023:

 

Windows Server 2016

We observed the following update for Windows Server 2016:

KB5033373 December 12, 2023

The December 12, 2023, update for Windows Server 2016 (KB5033373), updating the OS build number to 14393.6529 is a monthly cumulative update and includes no Identity-related improvements.

 

Windows Server 2019

We observed the following update for Windows Server 2019:

KB5033371 December 12, 2023

The December 12, 2023, update for Windows Server 2019 (KB5033371), updating the OS build number to 17763.5206, is a monthly cumulative update and includes one Identity-related improvement: It enables Conditional Access polciies for Microsoft Defender for Endpoint (MDE).

 

Windows Server 2022

We observed the following update for Windows Server 2022:

KB5033118 December 12, 2023

The December 12, 2023, update for Windows Server 2022 (KB5033118), updating the OS build number to 20348.2159, is a monthly cumulative update and includes one Identity-related improvement: It enables Conditional Access polciies for Microsoft Defender for Endpoint (MDE).

Posted on January 2, 2024 by Sander Berkouwer in Active Directory, What's New

0  

Entra Connect Sync v2.3.2.0 includes Functional and Other changes

Reading Time: < 1 minute

Entra Connect Sync v2.3.2.0 includes functional and other changes.

 

What’s New

Entra Connect Sync v2.3.2.0 offers functional and other changes.

 

Accessibility improvements

Application scaling with Windows Accessibility font size setting has been added. Now, when admins make text bigger in the Ease of Access settings, Entra Connect Sync's windows and pop-ups now automatically scale too.

 

Group Writeback v2 is deprecated

The Group Writeback v2 feature in Entra Connect Sync can no longer be enabled as the feature is being decommissioned.

 

SQL-related driver updates

The SQL-related drivers shipped with Microsoft Entra Connect have been updated:

  • ODBC to v17.10.5
  • OLE DB to v18.6.7

 

Entra Connect Health upgrade

Entra Connect Health, shipped with Microsoft Entra Connect, has been updated to v4.5.2428.0.

 

Bug fix for Seamless Single Sign-on with Azure in China

Entra Connect Sync v2.3.2.0 fixes a bug with Seamless Single Sign-on for Azure in China.

 

Version information

Version 2.3.2.0 of Entra Connect Sync (previously known as Azure AD Connect Sync) was made available for download only on December 12th, 2023.

You can download the latest version of Entra Connect Sync here.

Posted on December 18, 2023 by Sander Berkouwer in Uncategorized

0  

Backing up and Restoring Entra ID objects and their attributes in 2023

Reading Time: 5 minutes

Microsoft Entra ID

In recent years, if you wanted to make backups of objects in Microsoft Entra ID (Azure AD) and be able to restore them reliably, there was only one vendor that met the bill. Now, at the end of 2023, I'm seeing other companies offering help with backing up and restoring objects in Microsoft Entra ID. In this blogpost, I'm sharing my views on the solutions that are now available.

 

Why Entra ID backup and restore matters

Hybrid Identity scenario

When organizations operate Hybrid Identity environments, consisting in most cases of Active Directory, Entra ID (Azure AD) and Entra Connect (Azure AD Connect), it’s critical for security and compliance purposes that they can ensure the availability and integrity of both on-premises Active Directory as well as Entra ID (Azure AD).

Regardless of the Hybrid Identity configuration, some attributes and some objects are not synchronized or synced back. Typical user attributes include strong authentication settings. Typical group attributes include memberships and dynamic group definitions. Entra-joined devices live in Entra ID only. Conditional Access policy definitions live in Entra ID only. When a user account is disabled in Active Directory on-premises, all the Teams memberships for the corresponding user object in Entra ID are irrevocably removed at that time.

Without the ability to backup and restore objects and attributes in Microsoft Entra ID, this information is lost forever when removed, inadvertently changed or improperly managed. As Entra ID provides authentication and authorization to all Microsoft 365, Dynamics 365  and Azure resource, this is increasingly seen as an unacceptable risk.

Cloud-only scenario

For organizations that merely have cloud-only objects and attributes that aren’t synchronized to an on-premises Identity store, the availability and integrity of objects and attributes in Entra ID is even more critical. When Entra ID is unavailable, all sign-ins stop and thus all access stops.

 

Products and Services

Today, in the last month of 2023, I'm aware of the following companies offering help with backing up and restoring objects in Microsoft Entra ID (sorted by founding date):

 

Quest

Quest Software Inc. is a privately owned company with its headquarters in Aliso Viejo, California. It was founded in 1987.

Quest On Demand Recovery for Azure Active Directory has been the solution for organizations wanting to make backups of objects in Entra ID (Azure AD). It provides restores of entire objects and roll-back of changes to objects. This functionality has been available since 2019 and offers backups and restores of user objects, group objects and Conditional Access policies. Quest On Demand is a Software-as-a-Service (SaaS) solution.

 

Commvault

Commvault is a public US company, founded in 1996 and headquartered in New Jersey.

Commvault is the only company in this overview that offers both an on-premises and a Software-as-a-Service (SaaS) solution for backing up and restoring objects in Entra ID (Azure AD):

  1. Commvault Backup & Recovery
    Commvault's software solution to run by organizations in their own datacenters and on their own storage supports backing up and restoring Entra ID (Azure AD) user objects, groups, enterprise applications and application registrations. This feature has been part of Commvault v11.20, dated June 15, 2020.
  2. Commvault Cloud
    After introducing Metallic as a data protection solution for business of all sizes in 2019, in November 2023, Commvault folded Metallic back in under the Commvault Cloud monniker. In June 2021, Metallic introduced their backup-as-a-service of Azure AD users and groups as part of their Software-as-a-Service solution. In December 2023, backup and recovery for Conditional Access policies and privileged roles was added to the solution.

 

ManageEngine

ManageEngine is a subcompany of ZOHO, focusing on enterprise management software. ZOHO Corporation Pvt. Ltd. is a private company that was founded in 1996 and headquartered in Pleasanton, California.

RecoveryManager Plus is ManageEngine's solution for backing up and restoring objects in Entra ID (Azure AD). It offers to back up all Entra ID objects like user objects, groups, devices, enterprise applications, application registrations, privileged roles, Subscribed SKUs, Conditional Access policies, Administrative Units (AUs), and domains. It is solution is to be run by organizations in their own datacenters and on their own storage.

 

AvePoint

AvePoint Inc is a public US company, founded in 2001 and headquartered in New Jersey. On July 2, 2021, AvePoint went public (AVPT).

AvePoint's Azure Backup service includes Azure Entra ID (Formerly Azure AD), Azure Virtual Machines, Azure Storage, AWS VMs and much more, as a Software-as-a-Service (SaaS) solution. However, its Microsoft 365 Backup Express service, does not include it.

 

Keepit

Keepit A/S is a Danish company, founded in 2007 and headquartered in Copenhagen, Denmark.

Keepit specialized in cloud-to-cloud backup and recovery services. They talked about their upcoming Azure AD Backup and Recovery solution at the 2022 European SharePoint Conference in Copenhagen late November 2022.  They launched their solution as Backup and Recovery for Azure AD (now Entra ID), a Software-as-a-Service (SaaS) solution that provides resilience in the face of Entra ID (Azure AD) outages, compromises, and misconfigurations, as your organization needs access to data.

Keepit's solution offers backups and restores of user objects, groups, roles, administrative units (AUs), audit logs and sign-in logs. Along with backup and restore capabilities for other cloud services, like Microsoft 365, Dynamics 365, Power Platform, Azure DevOps, Zendesk, Google Workspace, and Salesforce, Keepit provides a wide range of capabilities for most cloud services in use.

Their data locations are located in Australia (for customers in the Asia-Pacific region), in Copenhagen, Frankfurt and London (for EU customers) and in Ashburn and Toronto (for customers in the Americas). This way, for their EU customers, Keepit promises data sovereignty.

 

Semperis

Semperis Inc. is a US company, founded in 2014 and headquartered in New Jersey and operates internationally. Their research and development teams are distributed between San Francisco and Tel Aviv and may also be known from Purple Knight, a free cybersecurity assessment tool downloaded by 10,000+ users, and Forest Druid, a first-of-its-kind Tier 0 attack path discovery tool.

Semperis offers Active Directory Security and Recovery solutions. Their new Recovery for Azure AD Software-as-a-Service (SaaS) solution provides backups and restores of user objects, groups and roles.

The Recovery for Azure AD solution adds Entra ID backup and restore capabilities as an addition to their award-winning Directory Services Protector (DSP) and Active Directory Forest Recovery (ADFR) products.

 

Rubrik

Rubrik Inc is a private US company, founded in 2014 and headquartered in Palo Alto, California,

In May 2023, Rubrik unfolded its plans to build support for Entra ID user objects, groups, enterprise apps, and application registrations directly into Rubrik Security Cloud as a Software-as-a-Service (SaaS) solution. Its Rubrik Security Cloud now supports Entra ID, with caveats.

 

Concluding

Currently, six SaaS solutions and two on-premises solutions are readily available to backup and restore objects and their attributes in Microsoft Entra ID.

Further reading

Why Azure AD Backup is Needed | Practical365
How to Back Up and Restore Azure Active Directory
EntraExporter: PowerShell module to export a local copy of an Entra (Azure AD)
Recoverability best practices in Microsoft Entra ID

Posted on December 12, 2023 by Sander Berkouwer in Enterprise Security, Entra ID, Tools I Use

1  

What's New in Veeam Backup and Replication v12.1 for Identity Admins

Reading Time: 2 minutes

Veeam Backup & Replication

The Veeam Data Platofrm 23H2 update was released on Tuesday December 5th, 2023.

11 products received updates, including Veeam Backup & Replication v12.1, Veeam ONE v12.1, Veeam Recovery Orchestrator 7, Veeam Agent for Windows 6.1, Veeam Agent for Linux v6.1, Veeam Agent for Oracle Solaris v4.1, Veeam Agent for IBM AIX v4.1, Veeam Agent for Mac 2.1, Veeam Backup for AWS v7, Veeam Backup for Microsoft Azure v6 and Veeam Backup for Google Cloud v5.0.

The focus of this release is on security, with features like Inline Malware Scan, Four eyes authorization. Additionally, the best practices analyzer is not whe Security & Compliance Analyzer. Veeam ONE v12.1 now offers a Threat Center Dashboard that provides a central view on the data protection security status.

v12.1 is touted as the biggest minor release in the history of Veeam Backup & Replication (VBR) and it sure offers a lot of new functionality: It's What's New documentation spans 24 pages. Not every feature is as interesting as other features, so I decided to provide you with the five features that sparked my interest as an Identity admin:

 

Sensitive data protection

Saved credentials stored in the configuration database in an encrypted form using Microsoft Data Protect API (DPAPI) are now additionally protected with a randomly generated entropy value providing additional key derivation. This entropy is stored in the backup server registry key only accessible to the Local Administrators group, providing protection against attacks by unprivileged users and processes.

However, a newly installed backup server cannot decrypt such information if attached to the existing database, so any encrypted information must be supplied manually. To work around this, use the configuration backup and restore functionality for backup server migrations.

 

Restore mailbox to any domain from Enterprise Manager

Backup admins can now restore Microsoft Exchange items to any domain. To enable this option, select the corresponding checkbox in the Active Directory account settings and the restore wizard will prompt you for the admin credentials of the desired domain.

 

Gmail and Microsoft 365 email notifications

For Veeam Explorer email notifications, in addition to basic SMTP servers, v12.1 now supports Google Gmail and Microsoft 365 with their OAuth 2.0 protocol-based secure authorization and access-token-based authentication.

 

Entra ID authentication to Object Storage

Backup admins can now leverage service principals (application registrations) to access Microsoft Azure Blob Storage resources, which is a more secure approach recommended by Microsoft over using shared keys.

 

Google Service Credentials for the Backup server's REST API

Backup server REST API has been expanded with support for Google Cloud Platform (GCP) service account credentials in REST API. Backup admins can specify a JSON account key generated by Google Cloud and use it in their resources.

Posted on December 8, 2023 by Sander Berkouwer in Veeam, Veeam Vanguard, What's New

0  

What's New in Microsoft Defender for Identity in November 2023

Reading Time: 2 minutes

Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures.

It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory, AD FS, and Certification Authority (CA) admins to investigate and remediate (potential) breaches related to advanced threats, compromised identities and malicious insider actions.

Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP) and Advanced Threat Analytics (ATA).

 

Defender for Identity release 2.220

Defender for Identity release 2.220 includes improvements and bug fixes for cloud services and the Defender for Identity sensor.

 

Defender for Identity release 2.219

Defender for Identity release 2.219 includes improvements and bug fixes for cloud services and the Defender for Identity sensor. It also includes an Identity timeline feature:

Identity timeline includes more than 30 days of data Preview

Defender for Identity is gradually rolling out extended data retentions on identity details to more than 30 days.

The identity details page Timeline tab, which includes activities from Defender for Identity, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint, currently includes a minimum of 150 days and is growing. There might be some variation in data retention rates over the next few weeks.

To view activities and alerts on the identity timeline within a specific time frame, select the default 30 Days and then select Custom range. Filtered data from more than 30 days ago is shown for a maximum of 7 days at a time.

 

Defender for Identity release 2.218

This version includes improvements and bug fixes for cloud services and the Defender for Identity sensor.

Posted on December 7, 2023 by Sander Berkouwer in Defender for Identity, What's New

0