SSO is your doorkeeper, watch it with Azure Sentinel

For many organizations, a Single Sign On (SSO) identification system is used to verify users’ access to applications and services. Everyone uses SSO, such as when you authenticate using a Microsoft account to access outlook.com, or a Google account to access gmail.com (or vice versa). You can of course use either a Microsoft or a Google […]

A Governance Plan for Managing Overrides to Azure Monitor and Azure Sentinel Rules

A common and useful concept in management applications is to distinguish between (1) built-in, non-changing monitoring settings and (2) custom, dynamic exceptions to the standard settings. This article details methods to use existing Azure features to achieve this operational necessity. Objective: Keep standard rulesets and environment-specific exceptions separate. Once you are using Azure Monitor and […]

SCOM Service Account Password Freedom at Last

Microsoft System Center Operations Manager (MOM and SCOM) administrators have for almost two decades needed to manage up to four (4) domain service accounts requiring passwords. A feature called Group Managed Service Accounts (gMSA) introduced in Windows Server 2012 is now supported by SCOM 2019 with its latest update (UR1). Converting existing SCOM 2019 instances […]

Using Azure Sentinel: How much does it cost?

Microsoft’s cloud-based SIEM, Azure Sentinel, achieved general availability (GA) on 9/24/2019. Two previous articles, “Azure Sentinel: New Microsoft SIEM almost free to trial” and “Azure Sentinel updates: New Data Connector UX, AWS live, CyberArk coming”, walked through the Azure Sentinel basics and evolution during its almost 9-month preview period. Now that the product is […]

Windows 10 platform: Getting value from Microsoft Stores for Business and Education

As many enterprises nearly complete their migrations to Windows 10, IT pros are turning their attention to optimizing the Windows 10 platform. One of the Windows 10 features that organizations can leverage is the Windows 10 user experience including interacting with the Microsoft Store… applications downloaded from the store install quickly, and automatically update from the […]

Azure Sentinel updates: New Data Connector UX, AWS live, CyberArk coming

With little fanfare earlier this month, Microsoft released a significant UX (user experience) update to the Data Connectors component of Azure Sentinel, their new flagship cloud-based SIEM: Connect Data Sources to Azure Sentinel. Read more about the Sentinel Preview in my previous article. The new connector selection and configuration features are a big improvement and […]

Azure Sentinel: New Microsoft SIEM almost free to trial

2019 is the year to invest in learning about Azure Sentinel. A key reason: during the Public Preview period Azure Sentinel services are provided at no extra charge. The economic motivation: popular cloud-based Enterprise SIEM services (Security information and event management) are among the most expensive and business critical cloud services large and high-value organizations […]

Speaking at MMS 2019

I’m leaving tomorrow for Minneapolis to speak at the Midwest Management Summit in the Mall of America next week. I will be co-presenting at 3 breakout sessions and co-hosting a panel session. In order when they appear in the schedule, here are my sessions: Tuesday, May 7 • 12:00pm – 12:45pm Nerds of a Feather – […]

SCOM 2019: Fast track setup on an Azure VM

The newest release of System Center Operations Manager, SCOM 2019, recently became available to install and evaluate in March 2019. Microsoft continues to invest in the System Center product line and SCOM 2019 is a nice delivery of improved performance and new features. The most significant updates to SCOM seem to be in the hybrid […]

WHITE PAPER: Automatic Remediation Tasks in the Hybrid Environment

Azure and SCOM solutions detailed and compared. Situation: You have an Azure VM running Windows Server hosting a high-value website. You need to do two things: (1) monitor that the website is running, and (2) if the site is discovered to be stopped, you want to send a start command to the website. Tools available: […]