Azure Just-in-Time VM Access

Azure Security Center provides several threat prevention mechanisms to help you reduce surface areas susceptible to attack. One of those mechanisms is Just-in-Time (JIT) VM Access. Today Microsoft announced the general availability of Just-in-Time VM Access, which reduces your exposure to network volumetric attacks by enabling you to deny persistent access while providing controlled access to VMs when needed. When you enable JIT for your VMs, you can create a policy that determines the ports to be protected, how long ports remain open, and approved IP addresses from where these ports can be accessed. The policy helps you stay in…
Read More

Microsoft Azure Security

As we all know in this day and age our workloads are more likely to migrate to the cloud which I'm sure you all know has it's benefits and it's inherent downsides.  One discussion point on everyone's mind is always security (so it should be), just how secure is the cloud. One thing to bear in mind is that your time and approach to defining security principles should be no different to that of on-premises.  Having worked with Azure for a number years I just wanted to share some pertinent information around the security model specifically with Azure. The following…
Read More

Microsoft Re-Releases Exchange Server Update Rollups Due to Code Signing Issue

In a brief blog post the Microsoft Exchange team has announced the re-release of the latest round of update rollups for Exchange Server. Earlier today we re-released the following Rollup Updates. These updates address an issue in which digital signatures on files produced and signed by Microsoft will expire prematurely, as described in Microsoft Security Advisory 2749655. Update Rollup 4-v2 for Exchange Server 2010 Service Pack 2 (KB2756485) Update Rollup 7-v2 for Exchange Server 2010 Service Pack 1 (KB2756496) Update Rollup 8-v2 for Exchange Server 2007 Service Pack 3 (KB2756497) For further information Paul Cunningham over at ExchangeServerPro.com has covered this in a bit more detail. Thanks…
Read More

Enable Tech Support Mode Timeout

Tech Support Mode is a great feature of ESXi that lets admins and support personnel access the command directly on a ESXi hosts. This can be done via SSH or thru the host console. The security risk is that the console does not shut down automatically by default. There is a simple fix for this however, you can set the auto-timeout so that Tech Support Mode will shutdown automatically after a certain time has passed. You can find a great article on tech support mode here. To enable the Tech Support Mode Timeout via the vSphere Client (from the KB Article):…
Read More

VMware vSphere 5.0 Hardening Guide

Last Friday, VMware released their vSphere 5.0 Security Hardening Guide v1.0. It’s a great and extensive guide to completely secure your VMware vSphere 5 Infrastructure from ESXi host to vCenter server and from the vNetwork to virtual machine. The coincidence is that yesterday I had a discussion with a colleague on enabling root access on a customers ESXi hosts. Following this hardening guide will prevent people from adding vulnerabilities to a great product. With this new release the format of this guide has changed from previous versions. The guide is being released as a Excel spreadsheet only. The guideline metadata from earlier guides has been greatly…
Read More