From Zero to cyber-security Hero. How Microsoft became a Leader in Security.

Microsoft Security. Now a Leader in 5 Gartner Magic Quadrants

Whatever you may have once thought about Microsoft and Security (I remember the days when security engineers would say that it's due to the amount of security holes in Microsoft that they have a job), Microsoft is now a global leader in cybersecurity. They invest more than $1b annually in security R&D and process more than 6.5 trillion security and threat signals per day to protect organisations and further enhance and develop their platform and their customers' businesses.

Gartner has now named Microsoft Security a Leader in five Magic Quadrants, which clearly demonstrates the breadth and depth of their security portfolio and the depth of integration across their platforms. The leader awards include…

  • Cloud Access Security Broker (CASB)
  • Access Management
  • Enterprise Information Archiving
  • Unified Endpoint Management (UEM)
  • Endpoint Protection Platforms

Gartner places vendors as Leaders who are able to demonstrate balanced progress and effort in all execution and vision categories. This means that Leaders not only have the people and capabilities to deliver strong solutions today, they also understand the market and have a strategy for meeting customer needs in the future.

Given this, Microsoft Security doesn't just deliver strong security products in five crucial security areas. Across the Microsoft 365, Azure and Dynamics platforms, and also across customers' on-premises environments and 3rd party cloud providers, they are able to provide a comprehensive set of security solutions that are built to work together, from identity and access management to threat protection to information protection and cloud security.

Their services integrate easily and share intelligence from the 6.5 trillion signals generated daily on the Microsoft Intelligent Security Graph. Customers that are bought in to the wider Microsoft Security approach can monitor and safeguard identity, devices, applications and data across their end-to-end infrastructure and cloud solutions, whether that is Microsoft Azure, Amazon Web Services, Slack, SAP, Citrix, Oracle, Salesforce, Google or many, many others.

The key to this is their ability (like few others) to unify their security tools, bringing end-to-end visibility into their customers' entire environment, all drawn together with their new SIEM platform, Azure Sentinel.

Where are the gaps?

There are some… Some of the main ones I see are around

1. Web security and DNS security. The kind of stuff Cisco does really well with Umbrella for example.

2. Network and LAN segmentation. This is possible in Azure but other than some relatively “old” Network Access Control services in Windows Server, this is also an area Microsoft don’t really play in.

3. Industry-specific scenarios where long (99 year or so) retention policies and archiving are required. These are areas where solutions like Proofpoint do really well in my experience.

What others do you see? Interested in your views and comments..

2020: Hello Surface Hub 2X. Powered by the new Windows 10X?

After abruptly ending production of the original Surface Hub in 2017, Microsoft originally announced the Surface Hub 2 in April 2018 with an impressive marketing video. In September 2018, we learned more about the reality and timeline of this new device with a “phased launch plan” which saw the introduction of two models: the Surface Hub 2S and the Surface Hub 2X.

Surface Hub 2S

The Surface Hub 2S arrived this year (we got ours delivered in August). This came with an impressive new premium design, looking more like a giant Surface Pro, with a modest internals upgrade, a superior new 4K screen, plus the ability to have it roam on a lightweight battery-powered stand. From a software perspective however, it’s identical to the original Surface Hub.

Surface Hub 2X

The Surface Hub 2X was promised for sometime in 2020 with all the new features showcased in the exciting promo video, complete with a rotating display and a software experience that enables seamless transitions between display modes, in addition to other features like active tiling.

As we come closer to this 2020 date, new details of the Surface Hub 2X are now beginning to come to light, such as the changes to the OS that are expected to power the new device (or the upgrade module that will be available for the Surface Hub 2S). While not a surprise to many (and to be honest, expected), Surface Hub 2X could ship with a variant of the Windows Core OS that was originally announced at the tail end of 2018.

What’s the big difference?

Unlike the original Surface Hub and Surface Hub 2S, which run Windows Team edition, it is believed that a variant of Windows Core OS (Windows 10X) will power the Surface Hub 2X when it ships next year. We also expect this to be an upgrade option (via upgraded interface card) for the existing Surface Hub 2S.

SurfaceHub2X Promo

When in 2020 can I get one?

We need to wait a little longer to hear exactly when. If this is indeed dependent on the release of Windows 10X, which is not expected until mid 2020 at the earliest, we could be in for a longish wait…

… But bear in mind the Surface Hub 2S will have upgrade options…

Want your own dedicated server in Azure.. Now you can!

An Azure Dedicated Host provides a single-tenant, physical server that can be used to host your Azure virtual machines for either Windows or Linux. Unlike normal Azure hosts, the server capacity in a dedicated host is hardware-isolated (as the name suggests) and is therefore not shared with other customers, meaning you can now run general purpose, memory or compute intensive workloads in a hardware-isolated and virtualized server environment dedicated to your organisation.

Azure Dedicated Host helps organisations address specific compliance requirements while increasing visibility and control over the underlying virtual infrastructure. This has the following key benefits:

  1. Increase control without limiting choice
  2. Deliver against your compliance needs
  3. Reduce cost by leveraging your Azure Hybrid Benefit

Increase control without compromising choice

Azure Dedicated Hosts support Windows, Linux, and SQL Server virtual machines on Azure. The full range of options and scale are available, from server type, CPU type, number of cores, plus all the additional features. The underlying hosts are provisioned as single-tenant and dedicated to your Azure VMs and workloads for maximum security, compliance and placement control. All platform-initiated maintenance operations, such as OS patching, or hardware or software reboots, can be scheduled as needed so you have full control like you’d have with on-premises workloads.

Deliver against your compliance needs

Azure Dedicated Hosts mean that it's easier for your organisation to comply with your corporate or regulatory policies and standards by taking advantage of the vast range of industry certifications that Azure has earned. Add to this the fact that you can now locate Azure VMs on an isolated and dedicated physical server that runs only your workloads, and you can be sure you are meeting your compliance guidelines and standards.

Reduce costs by using existing software licenses

With Azure Dedicated Hosts, you can still use your on-premises Windows Server and SQL Server licenses with Software Assurance benefits, or subscriptions with equivalent rights, when you migrate your workloads to Dedicated Host. Azure Hybrid Benefit licensing terms are available only on Azure. Microsoft also give you free extended security updates for Windows Server and SQL Server 2008 and 2008 R2 for another 3 years (bear in mind these go end of support otherwise in January).

How are they priced?

Pricing is surprisingly simple:

  1. Dedicated Host is charged at the host level regardless of the number of Azure VMs you run on the host.
  2. Software licenses are billed separately from compute resources at a VM level based on usage.
  3. Use Azure Hybrid Benefit for additional savings if you’re eligible.

That’s it from me.. Hope this helped and please correct me if you spot any errors or omissions.

How Microsoft is further advancing its Unified Threat Protection

Microsoft Threat Protection now unifies your incident response process by integrating key capabilities across Microsoft Defender ATP, Office 365 ATP, Microsoft Cloud App Security, and Azure ATP which is powered by the #IntelligentSecurityGraph processing and responding to over 6.5 Trillion threat signals per day!

Learn more about the Intelligent Security Graph

This is just the latest in an ongoing list of updates and features being rolled out across Microsoft 365 and Azure to protect organisations' on-premises and cloud environments, and is a result of their $1 billion investment in security each year.

If you have Microsoft 365 E5 you can take a sneak peek at the new public preview (you need to be an admin or sec admin of course)!

This unified experience now adds powerful new features that can be accessed from the Microsoft 365 security Centre #intelligentsecurity #microsoft365

Microsoft is now top right in the Gartner Magic Quadrant in 6 areas including Cloud Access Security Broker, Unified Endpoint Management, information protection, data archiving and Endpoint threat protection.

You can try it out today.. https://security.microsoft.com/hunting