Tuesday, 30 December 2014

3rd Book Reviewed: Hyper-V Security

 

2014 is still a day left before move to next challenging year: 2015.  We just received a goods news from Pack Publication that our 3rd Book that we have worked on for the past last couple of month as “Technical Reviewer” has finally published to public and has available in the market.

[ Book cover – Hyper-V Security]

Hyper-VSecurity

Let welcome “Hyper-V Security” as our 3rd book reviewed.

[ Credit page ]

image

[ Reviewer Biography ]

image

image

image

[Table of Content]

Keeping systems safe and secure is a new challenge for Hyper-V Administrators. As critical data and systems are transitioned from traditional hardware installations into hypervisor guests, it becomes essential to know how to defend your virtual operating systems from intruders and hackers.

Hyper-V Security is a rapid guide on how to defend your virtual environment from attack.

This book takes you step by step through your architecture, showing you practical security solutions to apply in every area. After the basics, you'll learn methods to secure your hosts, delegate security through the web portal, and reduce malware threats.

Chapters:-

  • Introducing Hyper-V Security
  • Securing the Host
  • Securing Virtual Machines from the Hypervisor
  • Securing Virtual Machines
  • Securing the Network
  • Securing Hyper-V Storage
  • Hyper-V Security and System Center VMM
  • Secure Hybrid Cloud Management through App Controller

[Where to Buy ]

Currently Pack Pub offered USD 5 during year end promotion. Get it before the offer ends on January 6th 2015. Click here :- https://www.packtpub.com/virtualization-and-cloud/hyper-v-security

Enjoy reader and Happy New Year 2015

From – Virtual Lai

Posted by at 1 comment:

Tuesday, 23 December 2014

Configure Azure Site Recovery (ASR) Without VMM

 

To implement ASR one of the requirement is customer must has System Center Virtual Machine Manager. But this is no longer require. Microsoft has upgraded ASR and provide flexibility to SMB customer adopt ASR without the System Center requirement and use Azure as your DR site.

ASRWithoutVMM

Interested to know more, please feel free to check out:- http://www.ms4u.info/2014/12/configure-azure-site-recovery-asr.html (parent site).

Posted by at No comments:

Saturday, 20 December 2014

Hybrid RemoteApp Deployment

 

With recent RemoteApp has GA, it is time for us to test configure it and setup hybrid deployment whereby we are require to setup site to site vpn, on-premise DC sync via Dirsync and application will reside in Microsoft Azure. Microsoft Azure RemoteApp delivers your Windows application from the Azure Cloud.

RA5

Our next round of testing is configure Hybrid RemoteApp. Let begin our journey…

[ Create RemoteApp Collection]

Click +NEW | App Services | RemoteApp | Create with VPN

Enter remoteapp collection name, select subscription and select Plan.

image

Once remoteapp collection has created, follow this 4 simple steps:-

image

[Link A RemoteApp Virtual Network]

  • Click Create a new RemoteApp virtual network
  • Enter Virtual Network detail

image

image

image

image

Wait 30 min – 1 hour for the virtual network to create. In the meantime, prepare the virtual disk

[ Virtual Disk Preparation ]

Requirement on Virtual Disk Preparation:-

  • Windows Server 2012 R2 operating system
  • Virtual disk – VHD
  • Virtual disk size not more than 127GB
  • Virtual disk must initialize as MBR
  • Generation 1 VM
  • Enable Remote Desktop Protocol
  • Install Remote Desktop Session Host roles and Desktop Experience features

1

2

  • Disable Windows Encrypting File System (EFS)
Fsutil behavior set disableencryption 1

image






sysprep /oobe /generalize /shutdown

[ Configuration in Microsoft Azure ]


Next step is upload a virtual disk to Azure. Follow below step to upload.



  • Install Azure Powershell on the machine
  • Go Azure Portal | Click on RemoteApp | Template Images | Upload a template image
  • Get the script and run in an elevated Azure Power shell and point to virtual disk which was created in earlier step

image


image


image


image


Uploading of virtual disk will take a bit longer depend on your existing bandwidth and virtual disk size.



  • Our virtual disk size was 23GB
  • Bandwidth – 10 Mbps
  • Total uploading time is 6 hours+

This process is going to take a while. Let proceed to configure Dir Sync


[ Configure AD Connect / Dir Sync]


Next preparation is setup Dir Sync to sync the user account from on-premise to Azure AD. Refer to this link:- http://www.ms4ucloud.info/2014/12/azure-active-directory-connect-ad.html


[ Link to virtual network ]


Now let check our previous setup on virtual network. You can proceed to configure site to site vpn between on-premise and Azure. Make sure the connection is ready before click Join local domain and enter an account which has permission to add a computer. Remember to use FQDN


image


image


[Link a RemoteApp Template Image ]


Step 2 is a link the uploaded remote app custom image. Click Link an existing template image and select your custom image.


image


image


image


It would took an hour for provisioning remoteapp collection. At this moment, get ready with Dir Sync and install remoteapp client


[Publish RemoteApp Program]


Next step is where the time we publish our app from custom image. It appears to run in their local environment but it is in “Azure”


image


Select which RemoteApp that you would like to available to users


image


To verify RemoteApp that has published, click on Publishing tab


image


Click User Access and enter username which is available in the Azure Active Directory


image 


[ Final Step – Verification by accessing via Remote Desktop Client]


Enter URL:-


https://www.remoteapp.windowsazure.com/


image


For more information,


Posted by at No comments:
Labels:

Video : Azure RMS in Action

 

We have wrote our first post about Azure RMS in here. To better show you the technology, we think it would be best that we try to show it in video format and it currently available to view from http://www.ms4u.info/2014/12/video-azure-rms-in-action.html

Enjoy!

 

Posted by at No comments:

Friday, 19 December 2014

$5 eBook Bonanza–PacktPub (Every Book, Every Topic)

 

image

Good news reader, we just received news from Packt Publishing. They are offering ebook or video for just $5 in this limited offer . If you’re interested on getting Hyper-V, System Center, Cloud or any technical book that you can think of, kindly proceed to their website:- http://www.packtpub.com/packt5dollar

Get as many eBooks and videos as you like before the offer ends on January 6th 2015 -- build your own library of tech knowledge before 2015 begins!

Enjoy!

-Virtual Lai-

Posted by at No comments:

Wednesday, 17 December 2014

64bit Windows Client Computer Support Azure Backup

 

Good news! You can now protect your client computer by backup your important data to Microsoft Azure Backup. Microsoft has announced it in this post: http://support.microsoft.com/kb/3015072

[ Installer ]

Download from here

The above package supported for 64bit edition of

  • Windows 8.1
  • Windows 8
  • Windows 7 SP1

[ Our test scenario]

We are using Windows 10 Technical Preview (Unsupported but it is working fine during our testing)

[ Installation Azure Recovery Services Agent ]

  • Define location of installation folder and cache location
  • Input proxy (if available on your premise)

image

image

image

After installation, you will stop at registration and require vault credential. Proceed with below step

[Create a Backup Vault]

Access Azure Portal and create portal by + NEW | Data Services | Recovery Services | Backup Vault | Quick Create

image

After created a vault, navigate to vault dashboard and download vault credential.

image

Note:- Based on information from Microsoft website,

  • 1 subscription can cater for 25 vault
  • 1 vault can cater for 50 machine

[Back to Wizard]

  • Select vault credential file

image

  • Enter passphase that will encrypt your backup data. Store the key in safe location.

image

image

Once installation complete, you can open Microsoft Azure Backup Console to configure backup and recovery data.

image

[Configure Backup]

  • Click Schedule Backup

image

  • Select backup data

image

  • Enter retention range
  • Enter synchronization frequency
  • Enter Backup time

Note:- We configure the backup to occur everyday, 10.00am (during our break time) with 14 days retention range. For client backup, we recommend to configure the best day/time when your laptop is connected to power source & Internet access. So it is different backup strategy compare to server backup.

image

image

Note:-

  • Limit is 1.7 TB per volume of data that can be backup in one backup operation.
  • Backup operation only occur when plugged to power source and not running in battery mode.
  • Let say if your backup occur when your laptop is running in battery mode, no backup will take place. Your backup job will resume when your laptop is plug to power source.

[ Bandwidth Throttling ]

On the Azure Backup Console, click Change Properties.

image

We are so excited as now we can ensure that outstation laptop data is fully protected in Microsoft Azure. So hurry and try it yourself.

More information:-

Posted by at No comments:
Labels:

Enroll Windows Computer to Manage by Microsoft Intune

 

Our next target is windows computer. Based on requirement, the supported windows client operating system should be running:-

  • Windows Vista (Business, Ent, Ultimate)
  • Windows 7 (Pro, Ent, Ultimate)
  • Windows 8 (Pro or Enterprise)
  • Windows 8.1 (Pro or Enterprise)

You can refer to updated requirement from http://technet.microsoft.com/en-us/library/dn646950.aspx.

Too bad! We ran a test Windows 10 Technical Preview. Well, it does not work well to report back to Microsoft Intune.

You will notice that enrollment of Windows Computer is straight forward and make sure the enrollment machine does not contain SCCM client install and consist of Windows Installer 3.1. Let start the enrollment:-

[ Configuration ]

1. Logon to Company Portal https://portal.manage.microsoft.com

image

2. Click on +Add Device

image

3. Download and Install Microsoft Intune

image

4. Login to Microsoft Intune :- https://manage.microsoft.com

  • Go to Groups | All Devices
  • Approve any updates

image

image

After updating and restart windows computer, you will able to see Microsoft Intune Endpoint Protection has installed and performing definition update.

Icon on taskbar:-

image

[Microsoft Intune Endpoint Protection]

image

[Microsoft Intune Center]

image

Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)