Tag Archives: Windows

For Sale – Razer Blade Stealth 13 – Iris Plus, i7-1065G7, 256GB, 16GB, Full HD, White

Brand new boxed and sealed 2020 model

OS – Windows 10 Home
Processor – 25W Quad-Core 10th Gen Intel® Core™ i7-1065G7 Processor
Graphics – Intel® Iris™ Plus Graphics
Display – 13.3″ FHD Matte w/ 4.9mm slim side bezel
Storage – 256GB
Memory – 16GB dual-channel (fixed)
Battery – Up to 10 hours (53.1Wh)
Keyboard – Single-zone RGB powered by Razer Chroma™
Finish – Anodized mercury white finish, tone on tone Razer logo
Dimensions – 0.60″ x 11.99″ x 8.27″ / 15.3mm x 304.6mm x 210mm

£1,100 incl Next Day Delivery UK

Location
Glasgow
Price and currency
£1100
Delivery cost included
Delivery Is Included
Prefer goods collected?
I have no preference
Advertised elsewhere?
Not advertised elsewhere
Payment method
PayPal or Bank Transfer

Last edited:

Go to Original Article
Author:

Wanted – Cheap laptop / Chromebook / tablet with keyboard

I have GeoBook 3X.

The GeoBook 3X is a sleek, silver metal 13.3-inch Windows 10 notebook with a pentium quad-core processor.

I’ve put a WD M.2 240GB and has 32GB SD onboard storage which I used to put a backup copy of the system. Comes with genuine Windows 10 64-Bit Home.

Good for web browsing, YouTube.

£90 collected or £115 delivered. Comes with charger but no box. In perfect condition like new.

Go to Original Article
Author:

How to Run a Windows Failover Cluster Validation Test

Guest clustering describes an increasingly popular deployment configuration for Windows Server Failover Clusters where the entire infrastructure is virtualized. With a traditional cluster, the hosts are physical servers and run virtual machines (VMs) as their highly available workloads. With a guest cluster, the hosts are also VMs which form a virtual cluster, and they run additional virtual machines nested within them as their highly available workloads. Microsoft now recommends dedicating clusters for each class of enterprise workload, such as your Exchange Server, SQL Server, File Server, etc., because each application has different cluster settings and configuration requirements. Setting up additional clusters became expensive for organizations when they had to purchase and maintain more physical hardware. Other businesses wanted guest clustering as a cheaper test, demo or training infrastructure. To address this challenge, Microsoft Hyper-V supports “nested virtualization” which allows you to create virtualized hosts and run VMs from them, creating fully-virtualized clusters. While this solves the hardware problem, it has created new obstacles for backup providers as each type of guest cluster has special considerations.

Hyper-V Guest Cluster Configuration and Storage

Let’s first review the basic configuration and storage requirements for a guest cluster. Fundamentally a guest cluster has the same requirements as a physical cluster, including two or more hosts (nodes), a highly available workload or VM, redundant networks, and shared storage. The entire solution must also pass the built-in cluster validation tests. You should also force every virtualized cluster node to run on different physicals hosts so that if a single server fails, it will not bring down your entire guest cluster. This can be easily configured using Failover Clustering’s AntiAffinityClassNames or Azure Availability Sets, so in the event that you lose that physical server, the entire cluster will not fail. Some of the guest cluster requirements will also vary on the nested virtualized application which you are running, so always check for workload-specific requirements during your planning.

Shared storage used to be a requirement for all clusters because it allows the workload or VM to access the same data regardless of which node is running that workload. When the workload fails over to a different node, its services get restarted, then it accesses the same shared data which it was previously using. Windows Server 2012 R2 and later supports guest clusters with shared storage using a shared VHDX disk, iSCSI or virtual fibre channel. Microsoft added support for local DAS replication using storage spaces direct (S2D) within Windows Server 2016 and continued to improve S2D with the latest 2019 release.

For a guest cluster deployment guide, you can refer to the documentation provided by Microsoft to create a guest cluster using Hyper-V. If you want to do this in Microsoft Azure, then you can also follow enabling nested virtualization within Microsoft Azure.

Backup and Restore the Entire Hyper-V Guest Cluster

The easiest backup solution for guest clustering is to save the entire environment by protecting all the VMs in that set. This has almost-universal support by third party backup vendors such as Altaro, as it is essentially just protecting traditional virtual machines which have a relationship to each other. If you are using another VM as part of the set as an isolated domain controller, iSCSI target or file share witness, make sure it is backup up too.

A (guest) cluster-wide backup is also the easiest solution for scenarios where you wish to clone or redeploy an entire cluster for test, demo or training purposes by restoring it from a backup. If you are restoring a domain controller, make sure you bring this back online first. Note that if you are deploying copies of a VM, especially if one contains a domain controller, that any images have been Sysprepped to avoid conflicts by giving them new global identifiers. Also, use DHCP to get new IP addresses for all network interfaces. In this scenario, it is usually much easier to just deploy this cloned infrastructure in a full isolated environment so that the cloned domain controllers do not cause conflicts.

The downside to cluster-wide backup and restore is that you will lack the granularity to protect and recover a single workload (or item) running within the VM, which is why most admins will select another backup solution for guest clusters. Before you pick one of the alternative options, make sure that both your storage and backup vendor support this guest clustering configuration.

Backup and Restore a Guest Cluster using iSCSI or Virtual Fibre Channel

When guest clusters first became supported for Hyper-V, the most popular storage configurations were to use an iSCSI target or virtual fibre channel. iSCSI was popular because it was entirely Ethernet-based, which means that inexpensive commodity hardware could be used and Microsoft offered a free iSCSI Target server. Virtual fiber channel was also prevalent since it was the first type of SAN-based storage supported by Hyper-V guest clusters through its virtualized HBAs. Either solution works fine and most backup vendors support Hyper-V VMs running on these shared storage arrays. This is a perfectly acceptable solution for reliable backups and recovery if you are deploying a stable guest cluster. The main challenge was that in its earlier versions, Cluster Shared Volumes (CSV) disks and live migration had limited support by vendors. This meant that basic backups would work, but there were a lot of scenarios that would cause backups to fail, such as when a VM was live migrating between hosts. Most scenarios are supported in production, yet still make sure that your storage and backup vendors support and recommend it.

Backup and Restore a Guest Cluster using a Shared Virtual Hard Disk (VHDX) & VHD Set

Windows Server 2012 R2 introduced a new type of shared storage disk which was optimized for guest clustering scenarios, known as the shared virtual hard disk (.vhdx file), or Shared VHDX. This allowed multiple VMs to synchronously access a single data file which represented a shared disk (similar to a drive shared by an iSCSI Target). This disk could be used as a file share witness disk, or more commonly to store shared application data used by the workload running on the guest cluster. This Shared VHDX file could either be stored on a CSV disk or SMB file share (using a Scale-Out File Server).

This first release of a shared virtual hard disk had some limitations and was generally not recommended for production. The main criticisms were that backups were not reliable, and backup vendors were still catching up to support this new format. Windows Server 2016 addressed these issues by adding support for online resizing, Hyper-V Replica, and application-consistent checkpoints. These enhancements were released as a newer Hyper-V VHD Set (.vhds) file format. The VHD Set included additional file metadata which allowed each node to have a consistent view of that shared drive’s metadata, such as the block size and structure. Prior to this, nodes might have an inconsistent view of the Shared VHDX file structure which could cause backups to fail.

While VHD Sets was optimized to support guest clusters, there were inevitably some issues discovered which are documented by Microsoft Support. An important thing when using Shared VHDX / VHD Sets for your guest cluster is that all of your storage, virtualization, and clustering components are patched with any related hotfixes specific to your environment, including any from your storage and backup provider. Also, make sure you explicitly check that your ISVs support this updated file format and follow Microsoft’s best practices. Today this is the recommended deployment configuration for most new guest clusters.

Backup and Restore a Guest Cluster using Storage Spaces Direct (S2D)

Microsoft introduced another storage management technology in Windows Server 2016, which was improved in Windows Server 2019, known as Storage Spaces Direct (S2D). S2D was designed as a low-cost solution to support clusters without any requirement for shared storage. Instead, local DAS drives are synchronously replicated between cluster nodes to maintain a consistent state. This is certainly the easiest guest clustering solution to configure, however, Microsoft has announced some limitations in the current release (this link also includes a helpful video showing how to deploy a S2D cluster in Azure).

First, you are restricted to a 2-node or 3-node cluster only, and in either case you can only sustain the loss or outage of a single node. You also want to ensure that the disks have low latency and high performance, ideally using SSD drives or Azure’s Premium Storage managed disks. One of the major limitations still remains around backups as host-level virtual disk backups are currently not supported. If you deploy the S2D cluster, you are restricted to only taking backups from within the guest OS. Until this has been resolved and your backup vendor supports S2D, the safest option with the most flexibility will be to deploy a guest clustering using Shared VHDX / VHD Sets.

Summary

Microsoft is striving to improve guest clustering with each subsequent release. Unfortunately, this makes it challenging for third-party vendors to keep up with their support of the latest technology. It can be especially frustrating to admins when their preferred backup vendor has not yet added support for the latest version of Windows, and you should share this feedback on what you need with your ISVs. It is always a good best practice to select a vendor with close ties to Microsoft, as they get provided with early access to code and always aim to support the latest and greatest technology. The leading backup companies like Altaro are staffed by Microsoft MVPs and regularly consult with former Microsoft engineers such as myself, to support the newest technologies as quickly as possible. But always make sure that you do your homework before you deploy any of these guest clusters so you can pick the best configuration which is supported by your backup and storage provider.


Go to Original Article
Author: Symon Perriman

7 PowerShell courses to help hone skills for all levels of expertise

PowerShell can be one of the most effective tools administrators have for managing Windows systems. But it can be difficult to master, especially when time is limited. An online PowerShell course can expedite this process by prioritizing the most important topics and presenting them in logical order.

Admins have plenty of PowerShell courses from which to choose, offered by well-established vendors. But with so many courses available, it isn’t always clear which ones will be the most beneficial. To help make the course selection process easier, here we offer a sampling of popular PowerShell courses that cater to varying levels of experience.

Windows currently ships with PowerShell 5.1, but PowerShell Core 6 is available for download, and PowerShell 7 is in preview. PowerShell Core is a cross-platform version of PowerShell that runs on multiple OS platforms. It isn’t an upgrade to Windows PowerShell, but a separate application that runs on the same system.

Some of the PowerShell courses listed here, as well as other online classes, specify the PowerShell version on which the course is based. But not all classes offer this information, and some courses provide only a range, such as PowerShell 4 or later. So, before signing up for an online course, be sure to verify the PowerShell version.

Learning Windows PowerShell

This popular PowerShell tutorial from Udemy is designed for beginners. This course targets systems admins who have no prior PowerShell experience but want to use PowerShell to manage Windows desktops and servers. This course is based on PowerShell 5. But this shouldn’t be an issue when learning basic concepts, which is the primary focus of this PowerShell tutorial.

Admins have plenty of PowerShell courses from which to choose, offered by well-established vendors.

The course provides background information about PowerShell and explains how to set up the PowerShell environment, including how to configure the console and work with profiles. The course introduces cmdlets, shows how they’re related to .NET objects and classes, and explains how to build a pipeline using cmdlets and other language elements. With this information, systems admins will have the basics they need to move onto the next topic: PowerShell scripts.

The tutorial on scripting is nearly as extensive as the section on cmdlets. The course examines the details of script elements, such as variables, constants, comparison operators, if statements, looping structures and regular expressions. This is followed by details on PowerShell providers and how to work with files and folders, and then a discussion of administration basics. This course can help provide participants with a solid foundation in PowerShell so they’re ready to take on more advanced topics.

Introduction to Windows PowerShell 5.1

This Udemy tutorial is based on PowerShell 5.1, so it’s more current than the previous course. The training is geared toward both beginner PowerShell users and more experienced admins who want to hone their PowerShell skills. The course covers a wide range of topics, from understanding PowerShell syntax to managing Active Directory (AD). Participants who sign up for this course should already know how to run PowerShell, but they don’t need to be advanced users.

The course covers the basics of how to use both the PowerShell console and the Intelligent Scripting Environment (ISE). It explains what steps to take to get help and find commands. This is followed by an in-depth look at the PowerShell command syntax. The material also covers objects and their properties and methods, as well as an explanation of how to build a PowerShell pipeline.

Participants can move onto the section on scripting, which starts with a discussion on arrays and variables. Users then learn how to build looping structures and conditional statements, and how to use PowerShell functions. This course demonstrates how to use PowerShell to work with AD, covering such tasks as installing and configuring server roles.

PowerShell version 5.1 and 6: Step-by-Step

This tutorial, which is one of Udemy’s highest rated PowerShell courses, is geared toward admins who want to learn how to use PowerShell to perform management tasks. The course is broad in scope and covers both PowerShell 5.1 and PowerShell Core 6. Users who sign up for this course should have a basic understanding of the Windows OS — both desktop and server versions.

Because the course covers so many topics, it’s longer than the previous two training sessions and goes into more detail. It explains the differences between PowerShell and the Windows Command Prompt, how to determine the PowerShell version and how to work with aliases. The course also examines the steps necessary to run unsupported commands and create PowerShell transcripts.

This PowerShell tutorial also examines more advanced topics, such as working with object members, creating hash tables and managing execution policy levels. This is followed by a detailed discussion about the Common Information Model (CIM) and how it can manage hard drives and work with BIOS. In addition, participants will learn how to create profile scripts, functions and modules, as well as how to use script parameters and to pause script execution. Because the course is so comprehensive, admins should come away with a solid understanding of how to use PowerShell to script their daily management tasks.

Udemy course pricing

Udemy distinguishes between personal and business users. For personal users, Udemy charges by the course, with prices for PowerShell courses ranging between $25 and $200. Udemy also offers personal users a 30-day, money-back guarantee.

Udemy also offers two business plans that provide unlimited access to its courses. The Team plan supports between five and 20 users and costs $240 per user, per year. It also comes with a 14-day trial. Contact Udemy for details regarding its Enterprise plan, which supports 21 or more users. Udemy also offers courses to help users prepare for IT certifications, supporting such programs as Cisco CCNA, Oracle Certification and Microsoft Certification.

Windows PowerShell: Essentials

Pluralsight offers a variety of PowerShell courses, as well as learning paths. A path is a series of related courses that provide users with a strategy for learning a specific technology. This path includes six courses ranging from beginner to advanced user. Participants should come away with a strong foundation in how to create PowerShell scripts that automate administrative processes. Before embarking on this path, however, they should have a basic understanding of Windows networking and troubleshooting.

The beginning courses on this path provide users with the information they need to start working with PowerShell, even if they’re first-timers. Users will learn how to use cmdlets, work with objects and get help when they need it. These courses also introduce concepts such as aliases, providers and mapping network drives. The intermediate tutorials build on the beginning courses by explaining how to work with objects and the PowerShell pipeline, and how to format output. The intermediate courses also focus on using PowerShell in a networked environment, covering such topics as CIM and Windows Management Instrumentation.

The advanced courses build on the beginning and intermediate tutorials by focusing on automation scripts. Admins will learn how to use PowerShell scripting to automate their routine processes and tasks. They’ll also learn how to troubleshoot problems in their scripts if PowerShell exhibits unusual behavior. The path approach might not be for everyone, but for those ready to invest their time in a comprehensive program, this path could prove a valuable resource.

Practical Desired State Configuration

Those not suited to a learning path can choose from a variety of other Pluralsight courses that address specific technologies. This highly rated course caters to advanced users and provides real-world examples of how to use PowerShell to write Desired State Configurations (DSCs). Those interested in the course should be familiar with PowerShell and DSC principles.

DSC refers to a new way of managing Windows Server that shifts the focus from point-and-click GUIs to infrastructure as code. To achieve this, admins can use PowerShell to build DSCs. This process is the focus of this course, which covers several advanced topics ranging from writing configurations with custom resources to building dynamic collector configurations.

The tutorial demonstrates how to use custom resources in a configuration and offers an in-depth discussion of securing DSC operations. Participants then learn how to use the DSC model to configure and manage AD, covering such topics as building domains and creating users and groups. The course demonstrates how to set up Windows event forwarding. Although not everyone is looking for such advanced topics, for some users, this course might be just what they need to progress their PowerShell skills.

Pluralsight pricing

Pluralsight doesn’t charge by the course, but rather it offers three personal plans and two business plans. The personal plans start at $299 per year, and the business plans start at $579 per user, per year. All plans include access to the entire course library. In addition, Pluralsight offers a 10-day personal free trial and, like Udemy, courses geared toward IT certification.

PowerShell 5 Essential Training

Of the 13 online PowerShell courses offered by LinkedIn Learning — formerly, Lynda.com — this is the most popular. The course targets beginner and intermediate PowerShell users who are Windows systems admins. Although the course is based on PowerShell 5, the basic information is still applicable today, like other courseware written to this version.

The material covers most of the basics one would expect from a course at this level. It explains how to set up and customize PowerShell, and it introduces admins to cmdlets and their syntax and how to find help. This is followed by installing modules and packages. The course also describes how to use the PowerShell pipeline, covering such topics as working with files and printers, as well as storing data as a webpage.

The course moves onto objects and their properties and methods. Participants can learn how to create scripts that incorporate variables and parameters so they can automate administrative tasks. Participants are also introduced to PowerShell ISE and shown how to use PowerShell remoting to manage multiple systems at once, along with practical examples of administrative operations at scale.

PowerShell: Scripting for Advanced Automation

This course, which is also offered by LinkedIn Learning, focuses on automating advanced administrative operations in a Windows network. Those planning to take the course should have a strong foundation in managing Windows environments. As its name suggests, the course is geared toward advanced users.

After a brief introduction, the course jumps into DSC automation, providing an overview of DSC and explaining how to set up DSCs. Users can learn how to work with DSC resources, push DSCs and create pull configurations. The course then moves onto Just Enough Administration, explaining JEA concepts and best practices. In this part of the course, participants learn how to create role capability files and JEA session configurations, as well as how to register JEA endpoints.

The final section of the tutorial describes how to troubleshoot PowerShell scripts. The discussion begins with an overview of PowerShell workflows and examines the specifics of troubleshooting PowerShell in both the console and ISE. The section ends with information about using the PSScriptAnalyzer tool for quality control. As with any advanced course, not all users will benefit from this information. But the tutorial could provide a valuable resource for admins looking to refine their PowerShell skills.

LinkedIn Learning pricing

LinkedIn Learning sells courses individually, offers a one-month free trial and provides both personal and business plans. Individual PowerShell courses cost between $30 and $45, and individual subscription plans start at $20 per month. Contact LinkedIn Learning regarding business plans. LinkedIn Learning also offers courses aimed at IT certifications.

Go to Original Article
Author:

For Sale – Dell 3010 DT

I3 3240

–– ADVERTISEMENT ––​

Windows 8.1 upgraded to Windows 10 pro digitally
Dvd writer
8gb ram
1tb hard disk
WiFi
Hdmi
VgA

Collection from Stevenage

Location
Stevenage
Price and currency
60
Delivery cost included
Delivery is NOT included
Prefer goods collected?
I prefer the goods to be collected
Advertised elsewhere?
Advertised elsewhere
Payment method
Cash on collection

Last edited:

Go to Original Article
Author:

Ended support for Windows Server 2008 leaves clients circumspect

It’s understandable that organizations haven’t immediately parted with Microsoft Windows Server 2008.

Microsoft ended support for Windows Server 2008 in January, forcing organizations to consider making wholesale changes to how they manage and control their technology stacks. But as with any trusted technology, the server operating system has been a reliable backbone since its release more than a decade ago, a timeframe that coincided with enterprises increasingly depending on applications and networks to drive business.

Change is always hard, and a change of this magnitude won’t happen overnight, especially when the alternative could mean shifting a large chunk of operations to the cloud, which is what Microsoft hopes for as it promotes its Azure cloud platform as an option. A big embrace of the cloud is a big step for companies that still depend on on-premises mainframes.

“Even though it’s the end of life for 2008, many still think it’s not necessary to move yet,” said Craig McQueen, vice president of innovation for the Toronto-based MSP Softchoice. “Some customers don’t want to move too quickly because it’s difficult to see the business benefits.” And even if a company recognizes they’re more susceptible to security risks with Microsoft no longer providing patches and updates to Windows Server 2008, “the life of an IT person is so busy that migration drags on,” he said.

Customers weigh Window Server 2008 transitions

Craig McQueenCraig McQueen

McQueen and representatives of three other Microsoft partners didn’t offer a number on how many customers have shifted or will soon shift away from Windows Server 2008. But they all said the majority of their customers will, for a little while longer, operate on the side of familiarity.

Many of those customers indicated they will eventually start migrating to Azure or another cloud computing platform, perhaps later this year or next year, but many others still need to make a decision. Microsoft ended support for Windows Server 2008 and 2008 R2 on Jan. 14, coming off the heels of a July 2019 end-of-life date for SQL Server 2008.

Rob LeachRob Leach

Companies that haven’t yet committed to halting use of Windows Server 2008 aren’t ignorant of security risks, according to Microsoft partners. For every day that passes, they know threat actors increase their efforts to exploit vulnerabilities in the old operating system. “[Windows Server 2008 users] know all about security breaches, and they should do everything necessary to protect themselves. They don’t want to be on the front page of The Wall Street Journal,” said Rob Leach, the North American Azure lead for the Seattle IT consulting company Avanade.

But the desire to break free of Windows Server 2008 and other mainframe servers is often tempered by contractual and budgetary considerations, Leach said. Many Avanade customers haven’t yet entirely shifted to cloud because they are contractually obligated to on-premises servers until those leases expired. But Leach said he expects to see an increase in cloud migrations over the next few years and Azure to be an attractive option because it would be a lift and shift within the Microsoft family.

Even when companies can immediately take advantage of cloud, they nonetheless proceed cautiously, Leach said. Customers want to see specific proof points for how cloud can boost the bottom line over the long haul. “It’s not just about technology,” he said. “It also has to make good business sense.”

David RodriguezDavid Rodriguez

David Rodriguez, the national director of cloud platforms for the consulting firm Core BTS Inc. in Garden City, N.Y., said the effective end of Windows Server 2008 support won’t be the sole driving force behind his customers’ shift to cloud, but having the end-of-service date “hanging over their heads” will be a factor.

How Microsoft partners can support Azure migrations

Core BTS helps customers overcome any hesitations about cloud, Rodriguez said. “We provide detailed reports with not only a line-by-line breakdown of what each [cloud] service will cost, but also what it will take to reinvest in a new VM host,” he said. “We compare side by side the estimated spend if you just upgrade hardware on-premises to what cloud costs.” Some are already making the move to a Microsoft cloud, migrating to either Azure VM or Hyper-V, he added.

With an opportunity to sell the benefits of cloud technology, Microsoft partners say they also have a legitimate opening to upsell other services that are related to cloud, including microservices, containers and AI-supported applications.

“The journey to the cloud is crawl, walk and run,” Rodriguez said. “With the ‘walk’ phase … you start to take applications they have in a VM, in the cloud, and look for more platform offerings.” For instance, some proprietary applications might work well with containerization. The “run” phase could mean making better use of the data in the cloud by integrating it through a suite of AI applications. “The journey to the cloud can be a complete transformation,” he said.

Rory McCawRory McCaw

Rory McCaw, president of enterprise advisory services at Green House Data, a Cheyenne, Wyo., enterprise advisory service, likes to point to client success stories to assuage doubts about cloud migration. One such story centers on an agricultural company in Omaha, Neb., that had relied on mainframe servers, including some usage of Windows Server 2008. The company recently shifted to Azure, on which it built a mobile application that lets its trucking fleet better manage its transport of soybeans, he said.

Still, even though the end of support for Windows Server 2008 is a bridge to cloud, companies will always keep some applications running on premises, McCaw noted. Some applications are so critical and embedded in processes that it sometimes makes sense to leave them alone, at least for now.

McCaw knows some companies that still run Windows 2000 to accommodate those unique apps. “It is firewalled but still going due to the type of application running on it or an inability for it to be modernized,” he said. In some instances, he added, the critical application was built internally, but its creators have since left the company and took their knowledge of the program with them.

Determining what migrates and what stays is part of Microsoft partners’ migration plans for their customers. Executives don’t anticipate problems migrating from Windows Server 2008 as long as the planning process is thorough and the client’s goals are considered. “It’s really just about trying to understand what they want to accomplish,” McCaw said. “It’s collecting as much information as possible, and not [really] selling anyone … anything, but instead presenting them with ideas they haven’t considered … [so] they can then decide with their knowledge of their own business.”

Go to Original Article
Author:

What are Windows virtualization-based security features?

Windows administrators must maintain constant vigilance over their systems to prevent a vulnerability from crippling their systems or exposing data to threat actors. For shops that use Hyper-V, Microsoft offers another layer of protection through its virtualization-based security.

Virtualization-based security uses Hyper-V and the machine’s hardware virtualization features to isolate and protect an area of system memory that runs the most sensitive and critical parts of the OS kernel and user modes. Once deployed, these protected areas can guard other kernel and user-mode instances.

Virtualization-based security effectively reduces the Windows attack surface, so even if a malicious actor gains access to the OS kernel, the protected content can prevent code execution and the access of secrets, such as system credentials. In theory, these added protections would prevent malware attacks that use kernel exploits from gaining access to sensitive information.

Code examining, malware prevention among key capabilities

Virtualization-based security is a foundation technology and must be in place before adopting a range of advanced security features in Windows Server. One example is Hypervisor-Enforced Code Integrity (HVCI), which examines code — such as drivers — and ensures the kernel mode drivers and binaries are signed before they load into memory. Unsigned content gets denied, reducing the possibility of running malicious code.

Other advanced security capabilities that rely on virtualization-based security include Windows Defender Credential Guard, which prevents malware from accessing credentials, and the ability to create virtual trusted platform modules (TPMs) for shielded VMs.

In Windows Server 2019, Microsoft expanded its shielded VMs feature beyond the Windows platform to cover Linux workloads running on Hyper-V to prevent data leakage when the VM is both static and when it moves to another Hyper-V host.

New in Windows Server 2019 is a feature called host key attestation, which uses asymmetric key pairs to authenticate hosts covered by the Host Guardian Service in what is described as an easier deployment method by not requiring an Active Directory trust arrangement.

What are the virtualization-based security requirements?

Virtualization-based security has numerous requirements. It’s important to investigate the complete set of hardware, firmware and software requirements before adopting virtualization-based security. Any missing requirements may make it impossible to enable virtualization-based security and compromise system security features that depend on virtualization-based security support.

At the hardware level, virtualization-based security needs a 64-bit processor with virtualization extensions (Intel VT-x and AMD-V) and second-level address translation as Extended Page Tables or Rapid Virtualization Indexing. I/O virtualization must be supported through Intel VT-d or AMD-Vi. The server hardware must include TPM 2.0 or better.

System firmware must support the Windows System Management Mode Security Mitigations Table specification. Unified Extensible Firmware Interface must support memory reporting features such as the UEFI v2.6 Memory Attributes Table. Support for Secure Memory Overwrite Request v2 will inhibit in-memory attacks. All drivers must be compatible with HVCI standards.

Go to Original Article
Author:

Deploy and configure WSUS 2019 for Windows patching needs

Transcript – Deploy and configure WSUS 2019 for Windows patching needs

In this video, I want to show you how to deploy the Windows Server Update Services, or WSUS, in Windows Server 2019.

I’m logged into a Windows Server 2019 machine that is domain-joined. Open Server Manager and click on Manage, then go to Add Roles and Features to launch the wizard.

Click Next and choose the Role-based or feature-based installation option and click Next. Select your server from the server pool and click Next to choose the roles to install.

Scroll down and choose the Windows Server Update Services role, then click Add Features. There are no additional features needed, so click Next.

At the WSUS screen: If you need SQL Server connectivity, you can enable it here. I’m going to leave that checkbox empty and click Next.

I’m prompted to choose a location to store the updates that get downloaded. I’m going to store the updates in a folder that I created earlier called C:Updates. Click Next to go to the confirmation screen. Everything looks good here, so I’ll click Install.

After a few minutes, the installation process completes. Click Close.

The next thing that we need to do is to configure WSUS for use. Go to the notifications icon and click on that. We have some post-deployment configuration tasks that need to be performed, so click on Launch Post-Installation tasks. After a couple of minutes, the notification icon changes to a number. If I click on that, then we can see the post-deployment configuration was a success.

Close this out and click on Tools, and then click on Windows Server Update Services to open the console. Select the WSUS server and expand that to see we have a number of nodes underneath the server. One of the nodes is Options. Click on Options and then click on WSUS Server Configuration Wizard.

Click Next on the Before You Begin screen and then I’m taken to the Microsoft Update Improvement Program screen that asks if I want to join the program. Deselect that checkbox and click Next.

Next, we choose an upstream server. I can synchronize updates either from another Windows Server Update Services server or from Microsoft Update. This is the only WSUS server in my organization, so I’m going to synchronize from Microsoft Update, which is the default selection, and click Next.

I’m prompted to specify my proxy server. I don’t use a proxy server in my organization, so I’m going to leave that blank and click Next.

Click the Start Connecting button. It can take several minutes for WSUS to connect to the upstream update server, but the process is finally finished.

Now the wizard asks to choose a language. Since English is the only language spoken in my organization, I’m going to choose the option to download updates in English and click Next.

I’m asked which products I want to download updates for — I’m going to choose all products. I’ll go ahead and click Next.

Now I’m asked to choose the classifications that I want to download. In this case, I’m just going to go with the defaults [Critical Updates, Definition Updates, Security Updates and Upgrades]. I’ll click Next.

I’m prompted to choose a synchronization schedule. In a production organization, you’re probably going to want to synchronize automatically. I’m going to leave this set to synchronize manually. I’ll go ahead and click Next.

I’m taken to the Finished screen. At this point, we’re all done, aside from synchronizing updates, which can take quite a while to complete. If you’d like to start the initial synchronization process, now all you have to do is select the Begin Initial Synchronization checkbox and then click Next, followed by Finish.

That’s how you deploy and configure Windows Server Update Services.

+ Show Transcript

Go to Original Article
Author:

Windows Server 2008 end of life means it’s time to move

Windows Server 2008 end of life is here, so will you go to the cloud, use containers or carry on with on-premises Windows Server?

Windows Server 2008 and Server 2008 R2 left support recently, giving administrators one last batch of security updates on January Patch Tuesday. Organizations that have not migrated to a supported platform will not get further security fixes for Server 2008/2008 R2 machines unless they have enrolled in the Extended Security Updates program or moved those workloads into the Microsoft cloud for three additional years of security updates. Organizations that choose to continue without support will roll the dice with machines that now present a liability.

In many instances, a switch to a newer version of Windows Server is not an option. For example, many hospitals run equipment that relies on applications that do not function on a 64-bit operating system, which rules out every currently supported Windows Server OS. In these cases, IT must keep those workloads running but keep them as secure as possible using various methods, such as isolating the machine with a segregated virtual LAN or even pulling the plug by air-gapping those systems.

What works best for your organization is based on many factors, such as cost and the IT department’s level of expertise and comfort level with newer technologies.

For some, a cloudy forecast

The decision to stay with the same version of Server 2008/2008 R2 comes with a price. To enroll in the Extended Security Updates program requires Software Assurance and the cost for the updates annually is about 75% of what a Windows Server license costs.

This expense will motivate some organizations to explore ways to reduce those costs and one alternative is to push those Server 2008/2008 R2 workloads into the Azure cloud. This migration will require some adjustment as the capital expense of an on-premises system migrates to the operational expense used with the cloud consumption model.

Mentioning the cloud word doesn’t fill IT with as much apprehension as it once did, but the move might require some technological gymnastics to get some workloads working when one component, such as the database, needs to stay on premises while the application runs in the cloud.

Some other considerations include increasing the available bandwidth to accommodate the need for lower latency when working with cloud workloads and learning how to patch and do other administrative tasks when the system is in Azure.

Application virtualization is another option

While traditional virtualization is the norm for most Windows shops, there’s a relatively new form of virtualization that is another migration option. Putting a Windows Server 2008/2008 R2 workload into a Docker container might not seem as far-fetched as it did when this technology was in its infancy.

Containers versus VMs
Because each virtual machine uses a guest operating system, VMs use more disk space than a container that shares an underlying operating system.

Microsoft added support for Windows containers on Windows Server 2016 and 2019, as well as the Semi-Annual Channel releases. The migration process puts the legacy application into a container, which then runs on top of a supported Windows Server OS.

Administrators will need to get up to speed with the differences between the two forms of virtualization, and the advantages and disadvantages of migrating a server workload to a containerized application. For example, all the containerized applications run on top of a shared kernel, which might not work in environments with a requirement for kernel isolation for sensitive workloads.

Storage Migration Service eases file server upgrades

Microsoft released Windows Server 2019 with a host of new features, including the Storage Migration Service, which attempts to reduce the friction associated with moving file servers to a newer Windows Server operating system.

One standby for many organizations is the on-premises file server that holds documents, images and other data that employees rely on to do their jobs. The Windows Server 2008 end of life put many in IT in the difficult position of upgrading file servers on this legacy server OS. It’s not as simple as copying all the files over to the new server because there are numerous dependencies associated with stored data that must get carried over and, at the same time, avoid disrupting the business during the migration process.

The Storage Migration Service runs from within Microsoft’s relatively new administrative tool called the Windows Admin Center. The feature is not limited to just shifting to a supported on-premises Windows Server version but will coordinate the move to an Azure File Sync server or a VM that runs in Azure.

Go to Original Article
Author:

For Sale – iMac 2017 – 27 5k – Not even 1 month old.

I have tried to move over from windows to mac but it just isn’t for me, I know about bootcamp but that is really not what I want.

I purchased this imac on the 09.01.2020 and it still can have applecare applied until the 09.03.2020 if you wish.

Mint condition and will be fully boxed.

Specs

i5 3.8hz
Radeon 580 pro 8gb
2tb fusion drive
40gb memory
27 5k screen

Not looking for any trades and collection only please due to size, weight & value.

I’ll take some photos in a while.

Go to Original Article
Author: