Now that our root Windows Server 2012 R2 certificate authority is installed and published to Active Directory from Part 1, it is time to bring online our subordinate CA. The subordinate CA will be our online issuing CA, since it will be the CA which issues all certificates, be they for users,...
While I have written a number of articles focused on SSL certificates and templates, I have not done a mini-series on how to actually install a Windows Certificate Authority. For this series I'm using Windows Server 2012 R2, but the steps are pretty much identical for Windows Server 2012. Microsoft...
One of the most critical aspects to securing your VMware vSphere environment is replacing the self-signed certificates with trusted certificates. VSS Labs is releasing a new product, called vCert Manager, which will vastly improve the SSL certificate management experience for VMware customers. Over the years I've written several articles detailing...
Hot off the press DISA has released the VMware vSphere 5 STIG, which includes vCenter, ESXi and VM components. For those of you familiar with U.S. Government IT systems, you've probably heard of the DISA STIGs. STIGs are Security Technical Implementation Guides, which set the baseline for a variety of operating systems, network...
Back a few TechEd conferences ago I learned about a new tool called EMET (Enhanced Mitigation Experience Toolkit) from Microsoft that was designed to add additional layers of protection to Windows operating systems. Given my strong focus on secure solutions, I was a big fan of EMET. Over the years some...
This was a highly technical session going into the depths of a few new Windows 8.1 security features. The session focused on passwords, and how bad they are, and establishing trusted identity with BYOD. Virtual smart cards were also on the agenda, which are really cool. The speaker was very...
This session was presented by Mark Simos, Aaron Margosis from Microsoft. Pass the hash (PtH) is an extremely common method that companies become owned by the bad guys. This session covered what PtH is, how it works, and some mitigation techniques. Microsoft recently released an extensive whitepaper on mitigating PtH...
This session covered new security features in Windows 8, and at the end, some of the new features in Windows 8.1. It was an excellent session, with a very well organized presenter. It was a firehose of information, but clearly laid out and easy to take notes from. The bottom...
If anyone has been following the release of vSphere 5.1, you know it was not exactly a smooth launch. In fact, I would dare to call it a huge debacle. To me, it seems like it was rushed out the door without having components even beta tested, like the required...
Windows 8 and Windows Server 2012 have a number of brand new boot-time security features to help combat malware. While this article is not going to discuss them in depth, I will briefly describe them so you understand what they are and how to configure one feature, Secure Boot. Microsoft...