For the last several months Pete Zerger, Tao Yang, Kevin Greene, Anders Bengtsson and me have been working hard to update Inside OMS book. With the latest changes we are now on version 3 of the book and with new name: Inside Azure Management
Category: Hybrid Security
What is OMS and a Brief History of It
While discussing Azure/OMS topics in the community I often see incorrect usage of OMS (Operations Management Suite). That is understandable of course as Microsoft hasn’t done good job at clearing out all the terms but I still think we should be using the correct term when posting questions or discussing OMS in forums and other sites. This can help us communicate better between each other and especially in forums could result to answering question faster. As we the move from OMS Portal to Azure Portal it was about time to write this blog post which I’ve intended to do for quite some time but always delayed due to different circumstances.
OMS Portal Moving to Azure
For quite some time it was clear that the OMS Portal will move completely to Azure and that is good news. We have seen services like Update Management, Azure Security Center (Security & Audit solution is part of it) releasing new functionalities only in Azure Portal. In fact some services that have been part of OMS (OMS is a suite not a product or service) have always been in Azure Portal. Such services are Azure Backup, Site Recovery, Application Insights, etc. Microsoft has documented OMS Portal deprecation but I would like to add some things to the ones documented there:
Mitigate speculative execution side-channel vulnerabilities
Seems the new year bring us some bad surprises in terms of security. There has been some rumors and now turned out to be truth that certain processors are vulnerable to certain attacks. Yes processors. That means that affects a wide variety of Operating Systems. As Microsoft puts it:
Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems including Intel, AMD, and ARM. Note: this issue will affect other systems such as Android, Chrome, iOS, MacOS, so we advise customers to seek out guidance from those vendors.
Source: ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities
Continue reading “Mitigate speculative execution side-channel vulnerabilities”
Find if You Are Using Only TLS 1.2 Protocol with Log Analytics
I’ve stumbled on a great article by Brandon Wilson named Demystifying Schannel on which he explains how we can enable verbose logging for Schannel to found out what protocols our machines are using. As I leave and breathe Log Analytics and love to crunch data I thought would be cool example if we can ingest that data into it and show you some cool example with the new query language on transforming data.
Continue reading “Find if You Are Using Only TLS 1.2 Protocol with Log Analytics”