Infrastructure + Security - Noteworthy News (April, 2019) - Ask Premier Field Engineering (PFE) Platforms

5/2/2019 Infrastructure + Security: Noteworthy News (April, 2019) | Ask Premier Field Engineering (PFE) Platforms
Server & Tools Blogs > Server &

Management Blogs > Ask Premier Field
Engineering (PFE) Platforms
Sign in
Ask Premier Field

Engineering (PFE)
Platforms
Infrastructure + Security:
Noteworthy News (April,
2019)
★
★★★★
★★
★★★★★
★★★
April 29, 2019 by BrandonWilson // 0 Comments
Share 5 0 0
Hi there! Stanislav Belov here, and you are reading

the next issue of the Infrastructure + Security:
https://blogs.technet.microsoft.com/askpfeplat/2019/04/29/infrastructure-security-noteworthy-news-april-2019/ 1/19
Noteworthy News series!
As a reminder, the Noteworthy News series covers

various areas, to include interesting news,
announcements, links, tips and tricks from
Windows, Azure, and Security worlds on a monthly
basis.
Microsoft Azure
Microsoft Azure portal April 2019 update

This month’s updates include improvements
to IaaS, Azure Data Explorer, Security Center,
Recovery Services, Role-Based Access
Control, Support, and Intune.
Defense in depth security in Azure (Video)

Learn how Microsoft designs and operates
Azure, and get an overview of Azure
services and capabilities to secure, manage
and monitor your cloud data, apps and
infrastructure. In this Azure Essentials, we
also go in-depth on the controls of the

Azure Security Center and explain the
controls you can leverage as well as what
Microsoft does to keep your data, apps,
compute and networking resources secure.
Web application firewall at Azure Front Door

service
WAF with Front Door service leverages the
scale of and the deep security investments
we have made at the Azure edge, and it is
designed to protect you from multiple
attack vectors such as injection type attacks
and volumetric DoS attacks. It inspects each
incoming request at Azure’s network edge,
stops unwanted traffic before they enter
your backend servers, and offers protection
at scale without sacrificing on performance.
Azure AD Password Protection is now

generally available!
To help users avoid choosing weak and
vulnerable passwords, we updated the
banned password algorithm. Using the
global banned password list that Microsoft

updates and the custom list you define,
Azure AD Password Protection now blocks a
wider range of easily guessable passwords.
Read our detailed documentation to learn
more about how password strength is
evaluated and how Azure AD Password
Protection can help block weak passwords
in your organization.
Windows Server
Windows Admin Center 1904 GA update is

now available!
As a platform, version 1904 of Windows

Admin Center is generally available, and
contains all the features and improvements
of the previous monthly preview releases. As
the number of capabilities grow, please note
that some extensions and features are still
clearly marked as “preview” to help
differentiate newer functionality and allow

for flexibility of ecosystem growth.
Windows Client
Introducing the security configuration

framework: A prioritized guide to hardening
Windows 10
In the past, we left defining the security

configuration for Windows 10 as a task for
every customer to sort out. As a result, we
saw as many different configurations as we
saw customers. Standardization has many
advantages, so we developed a security
configuration framework to help simplify
security configuration while still allowing
enough flexibility to allow you to balance
security, productivity, and user experience.
We are defining discrete prescriptive
Windows 10 security configurations (levels 5
through 1) to meet many of the common
device scenarios we see today in the

enterprise.
Improving the Windows 10 update

experience with control, quality and
transparency
While regular updates are critical to keeping

modern devices secure and running
smoothly in a diverse and dynamic
ecosystem, we have heard clear feedback
that the Windows update process itself can
be disruptive, particularly that Windows
users would like more control over when
updates happen. On April 4 we announced
significant changes in the Windows update
process, changes designed to improve the
experience, put the user in more control,
and improve the quality of Windows
updates.
Announcing the public preview of Windows

Virtual Desktop
On March 21, we moved to the next phase
and announced the public preview of
Microsoft Windows Virtual Desktop. Now,
all customers can access this service—the
only service that delivers simplified
management, a multi-session Windows 10
experience, optimizations for Office 365
ProPlus, and support for Windows Server
Remote Desktop Services (RDS) desktops
and apps. With Windows Virtual Desktop,
you can deploy and scale your Windows
desktops and apps on Azure in minutes and
enjoy built-in security.
Security
Improving security by protecting elevated-

privilege accounts at Microsoft
Microsoft Core Services Engineering and

Operations (CSEO) developed and
implemented a defense-in-depth security
approach to help reduce our attack surface

and take enterprise security to the next
level. We are implementing least-privilege
access, using isolated identities for elevated
privilege accounts, and reducing the
amount of persistent elevated access. For
administrators, we are providing secure
workstations that are used to connect to a
dedicated cloud environment in a secure
datacenter.
How Microsoft secures elevated access with

tools and privileged credentials (Video)
Microsoft has been working to establish

secure, isolated environments, credential
management services and policies, and
secure admin workstations to help protect
mission-critical systems and services—
including those used to manage cloud
services, like Azure. Listen in as our experts
answer questions about the strategies we
use to help secure critical corporate assets
and increase protection against emerging

pass-the-hash attacks, credential theft, and
credential reuse scenarios.
Chief Information Security Officer (CISO)

Workshop Training
This Chief Information Security Office (CISO)

workshop contains a collection of security
learnings, principles, established best
practices, and emerging best practices for
modernizing security in your organization
for the cloud age. This workshop is built on
a combination of experience from
Microsoft’s security teams and learnings
from our customers.
Bolster efficiency of security teams with new

Automated Incident Response in Office 365
ATP
Office 365 ATP offers unparalleled

protection from targeted and zero-day
attacks over email and other collaboration
vectors. Building over the massive threat
intelligence signal available in the Microsoft
Intelligent Security Graph and pairing it with
sophisticated Machine Learning algorithms,
Office 365 ATP offers security teams best-in-
class prevention, detection and response
capabilities to keep their organizations
secure with stellar effectiveness and
efficiency. On April 4th, we announced new
Automation capabilities in Office 365 ATP
that further amplify the efficiency of security
teams as they investigate and respond to
threats within their organization.
Protect your documents and email: top 10

actions to secure your environment
The “Top 10 actions to secure your
environment” series outlines fundamental
steps you can take with your investment in
Microsoft 365 security solutions. In “Step 8.
Protect your documents and email,” you’ll

learn how to deploy Azure Information
Protection and use Office 365 Advanced
Threat Protection (ATP) and Exchange
Online Protection to help secure your
documents and emails.
Discover shadow IT and take control of your

cloud apps: top 10 actions to secure your
environment
The “Top 10 actions to secure your
environment” series outlines fundamental
steps you can take with your investment in
Microsoft 365 security solutions. In “Step 7.
Discover shadow IT and take control of
cloud apps,” you’ll learn how to set up
Microsoft Cloud App Security (MCAS) to
identify, access, and manage the cloud
applications used by your organization.
IT Pros can now easily connect to Microsoft

Graph Security with the PowerShell Module!
We now have a new PowerShell module for
the Microsoft Graph Security API that makes
it easier for IT Pros to connect with the API

from a PowerShell console. This module is
available on the PowerShell gallery, thanks
to a community contribution from the
Microsoft Cloud Security’s Customer
Experience Engineering team. The Microsoft
Graph Security API connects multiple
security solutions to enable easier
correlation of alerts, provide access to rich
contextual information, simplify
automations and investigations. This
empowers organizations to quickly gain
insights and take actions across their
security products, while reducing the cost
and complexity of building and maintaining
multiple integrations. For further details on
integrating with the Microsoft Graph
Security API, learn about the API and access
the schema.
Secure access to your enterprise with

Microsoft 365 Enterprise E5
What if we could make user access simpler
for users and simultaneously more secure
for the enterprise? That’s the topic of the

first e-book in a six-part series that
describes how you can use the full Microsoft
365 Enterprise E5 suite to comprehensively
address today’s security challenges without
reducing employee productivity.
Vulnerabilities and Updates
Now available: Microsoft System Center

2019!
As of March 14, 2019, we are pleased to let

you know that System Center 2019 is
generally available. Customers with a valid
license of System Center 2019 can
download media from the Volume Licensing
Service Center (VLSC). We will also have the
System Center 2019 evaluation available on
the Microsoft Evaluation Center.
Support Lifecycle
Windows 7 support will end on January 14,

2020
Microsoft made a commitment to provide

10 years of product support for Windows 7
when it was released on October 22, 2009.
When this 10-year period ends, Microsoft
will discontinue Windows 7 support so that
we can focus our investment on supporting
newer technologies and great new
experiences. The specific end of support day
for Windows 7 will be January 14, 2020.
After that, technical assistance and
automatic updates that help protect your PC
will no longer be made available for the
product. Microsoft strongly recommends
that you move to Windows 10 sometime
before January 2020 to avoid a situation
where you need service or support that is
no longer available.
Extended Security Updates for SQL Server

and Windows Server 2008/2008 R2:

Frequently Asked Questions (PDF)
On January 14, 2020, support for Windows

Server 2008 and 2008 R2 will end. That
means the end of regular security updates.
Don’t let your infrastructure and
applications go unprotected. We’re here to
help you migrate to current versions for
greater security, performance and
innovation.
Products reaching End of Support for 2019
Products reaching End of Support for 2020
Microsoft Premier Support

News
We are happy to announce the release of
three new Onboarding Accelerator solutions

to implement and operate Microsoft
Advanced Threat Detection technologies:
Onboarding Accelerator – Advanced
Threat Detection – Implementing and
Operating Azure ATP, Onboarding
Accelerator – Advanced Threat Detection
– Implementing Advance Threat Analytics
& the Onboarding Accelerator –
Advanced Threat Detection – Operating
Advance Threat Analytics.
Does your organization struggle to

effectively apply security baselines? Has
your organization’s journey towards
cybersecurity resiliency been hampered by
environmental or operational roadblocks
within your infrastructure? If you answered
yes to one or both questions then the
Onboarding Accelerator – Implementing
Security Baselines
can help you. This offering provides a
repeatable, scalable solution to quickly and
cost-effectively help mitigate security
blockers by designing a plan to implement

Microsoft hardening best practices across
your Domain connected Operating Systems.
Check out Microsoft Services public blog for

new Proactive Services as well as new
features and capabilities of the Services
Hub, On-demand Assessments, and On-
demand Learning platforms.
Recent Posts
Infrastructure + Security: Noteworthy News (April,

2019) April 29, 2019
MSIX Packaging Tool Update April 23, 2019
Troubleshooting Session: App-V on M.A.D. Day in
Hamburg #1 April 23, 2019
Windows Server 2016 – WUSA Event ID 3: “The
referenced assembly could not be found” April 17,
2019
Tags #proudmicrosoftemployee
Active Directory AD Azure
Azure Active Directory Azure AD
defense Microsoft 365
Office 365 PowerShell Premier
Premier services Security
SQL Server Stanislav Belov
support lifecycle VDI
virtual desktop Windows
Windows 10 Windows 7
windows server
Windows Server 2008
Windows Server 2008 R2
Windows Update
Join the conversation
Add Comment
© 2019 Microsoft Corporation.
Terms of Use Trademarks Privacy & Cookies

Infrastructure + Security - Noteworthy News (April, 2019) - Ask Premier Field Engineering (PFE) Platforms

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Infrastructure + Security - Noteworthy News (April, 2019) - Ask Premier Field Engineering (PFE) Platforms

Uploaded by

Copyright:

Available Formats

5/2/2019 Infrastructure + Security: Noteworthy News (April, 2019) | Ask Premier Field Engineering (PFE) Platforms

Server & Tools Blogs > Server &

Ask Premier Field

April 29, 2019 by BrandonWilson // 0 Comments

Hi there! Stanislav Belov here, and you are reading

Noteworthy News series!

As a reminder, the Noteworthy News series covers

Microsoft Azure portal April 2019 update

Defense in depth security in Azure (Video)

also go in-depth on the controls of the

Web application firewall at Azure Front Door

Azure AD Password Protection is now

global banned password list that Microsoft

Windows Admin Center 1904 GA update is

As a platform, version 1904 of Windows

differentiate newer functionality and allow

Introducing the security configuration

In the past, we left defining the security

device scenarios we see today in the

Improving the Windows 10 update

While regular updates are critical to keeping

Announcing the public preview of Windows

Improving security by protecting elevated-

Microsoft Core Services Engineering and

approach to help reduce our attack surface

How Microsoft secures elevated access with

Microsoft has been working to establish

and increase protection against emerging

Chief Information Security Officer (CISO)

This Chief Information Security Office (CISO)

Bolster efficiency of security teams with new

Office 365 ATP offers unparalleled

Protect your documents and email: top 10

Protect your documents and email,” you’ll

Discover shadow IT and take control of your

IT Pros can now easily connect to Microsoft

it easier for IT Pros to connect with the API

Secure access to your enterprise with

for the enterprise? That’s the topic of the

Vulnerabilities and Updates

Now available: Microsoft System Center

As of March 14, 2019, we are pleased to let

Windows 7 support will end on January 14,

Microsoft made a commitment to provide

Extended Security Updates for SQL Server

and Windows Server 2008/2008 R2:

On January 14, 2020, support for Windows

Products reaching End of Support for 2019

Products reaching End of Support for 2020

Microsoft Premier Support

We are happy to announce the release of

three new Onboarding Accelerator solutions

Does your organization struggle to

blockers by designing a plan to implement

Check out Microsoft Services public blog for

Infrastructure + Security: Noteworthy News (April,

Active Directory AD Azure

Azure Active Directory Azure AD

defense Microsoft 365

Office 365 PowerShell Premier

Premier services Security

SQL Server Stanislav Belov

support lifecycle VDI