Datacenter and Private Cloud Security Blog
News and technical content around Windows Server Security and other Datacenter and Private Cloud Security technologies
What is new in Windows 10 1803 for PAW?
In this blog post, I’ll walk you through the new features which are relevant to the PAW solution in...
Date: 06/08/2018
Apply Code Integrity Policy without reboot
There is a new Code Integrity policy option introduced in Windows 10, and it is available in Windows...
Date: 04/27/2018
Connect to Virtual Machines (VMs) on PAW
Continuing the PAW series, this blog post discusses the options to connect to the VMs running on the...
Date: 04/12/2018
Default Code Integrity policy for Windows Server
After Windows Defender Application Control (WDAC, formerly known as Code Integrity) was released in...
Date: 03/10/2018
Shielded VM local mode and HGS mode
With the new capability in Windows 10, version 1709, Windows Client can host shielded VMs while...
Date: 01/05/2018
Building VM template using Assigned Access
Since it took me a couple of attempts to create VM templates for Azure portal management and Remote...
Date: 11/30/2017
Why use shielded VMs for your privileged access workstation (PAW) solution?
It’s great to see customers trying out PAWs and it’s generating a lot of great questions. Many...
Date: 11/29/2017
Improved branch office support for shielded VMs in Windows Server, version 1709
Companies with large branch offices often must make a tradeoff between user experience and security....
Date: 11/15/2017
How to deploy a VM template for PAW
Continuing with the PAW series, after you followed the previous blog to build the PAW device, you...
Date: 11/01/2017
Privileged Access Workstation(PAW)
At Ignite conference last month, Dean and I presented a session on PAW. Originally we were planning...
Date: 10/13/2017
Frequently Asked Questions About HGS Certificates
The Host Guardian Service uses public key cryptography extensively to protect shielded VMs from...
Date: 10/09/2017
Credential Guard lab companion
If you have heard about Credential Guard in Windows Server 2016 (and in Windows 10), but do not have...
Date: 05/15/2017
Leverage PowerShell Just Enough Administration for your Helpdesk
[Today's guest post was authored by Dan Cuomo based on a real-world application of JEA] Hi Folks --...
Date: 04/24/2017
Rest easy with regulatory compliance in Windows Server 2016
[This blog post was originally published at:...
Date: 04/24/2017
Shielded VMs – additional considerations when running a guarded fabric
So you’ve deployed a guarded fabric and your VMs are running happily. Having now reached that...
Date: 04/21/2017
Shielded VMs: A conceptual review of the components and steps necessary to deploy a guarded fabric
[This post was authored by Dean Wells, Principal Program Manager on the Windows Server team] If...
Date: 03/14/2017
Step by Step: Creating a JEA endpoint for DNS management
Just Enough Administration (JEA) provides a way for administrators to delegate certain admin tasks...
Date: 03/07/2017
Join Host Guardian Servers to an existing bastion forest
Shielded VM prevents unauthorized access from the host. To achieve this security assurance, there...
Date: 03/07/2017
Why you should not enable Credential Guard on Domain Controllers?
Credential guard protects the credential derivatives like NTLM hash and Kerberos tickets; this...
Date: 02/21/2017
Use Windows Server 2016 to secure a jump server
When talking to customers about the security features in Windows Server 2016, a common question...
Date: 02/02/2017
Windows Server 2016 security auditing for enhanced threat detection
Windows Server 2016 includes new audit events to help with early detection of malicious activity in...
Date: 01/30/2017
Windows Server 2016 security sessions at Microsoft Ignite 2016
If you're going to Ignite next week, you don't want to miss the Windows Server 2016 security...
Date: 09/22/2016
Overview of Device Guard in Windows Server 2016
With thousands of new malware released every day, it may not be sufficient to only use...
Date: 09/20/2016
Step by Step: Shielding existing VMs without VMM
Continuing on the topic of Shielded VMs from my last blog on creating shielded VMs, this blogpost...
Date: 09/01/2016
Reduce the number of admins on your servers with Just Enough Administration
Least Privilege As part of your information security strategy, you are probably familiar with the...
Date: 08/29/2016
Host Guardian Service - AD-based vs. TPM-based attestation
[This post is authored by Dean Wells, Principal Program Manager for the Windows Server Security...
Date: 08/16/2016
Step-by-step: Quick reference guide to deploying guarded hosts
My original blog post on the topic of deploying Shielded VMs without VMM included the instructions...
Date: 06/08/2016
Step by Step - Shielded VM Recovery
Shielded VMs protect the data and state of a Virtual Machine against inspection, theft and tampering...
Date: 06/07/2016
A closer look at shielded VMs in Windows Server 2016
[This blog post was originally published in the Windows Server Blog] This post was authored by Jeff...
Date: 05/10/2016
Overview of Host Guardian Service (HGS) Diagnostics
[This post is authored by Jim Hughes, Software Engineer for the Windows Server Team] The Host...
Date: 05/04/2016
Step by Step - Configuring Key Protection for the Host Guardian Service in Windows Server 2016
[This post is authored by Sumesh Kumar, Program Manager for the Enterprise and Security Product...
Date: 03/28/2016
Step by Step - Creating Shielded VMs
[This post is authored by Dean Wells, Principal Program Manager for the Windows Server Security...
Date: 03/23/2016
Step by Step - Configuring Guarded Hosts with Virtual Machine Manager 2016
[This post is authored by John Patterson, Program Manager for the System Center Product Team] In...
Date: 03/21/2016
Step by Step - Configuring the Host Guardian Service in Windows Server 2016
For the most up-to-date installation instructions, check out our official documentation at...
Date: 03/16/2016
What are Shielded VMs in Windows Server 2016 Hyper-V?
As Information Technology became the norm, companies have been forced to invest tremendous amounts...
Date: 03/14/2016
Check us out on YouTube!
In addition to the newly created Datacenter and Private Cloud Security Blog, the team is publishing...
Date: 02/24/2016
Securing Privileged Access - A practical approach
Securing privileged access is a critical first step to establishing security assurances for business...
Date: 02/23/2016
Private Cloud Security at the RSA Conference
The RSA Conference takes place next week from Feb-29th to Mar-04th in San Francisco and Microsoft...
Date: 02/22/2016