@scottalanmiller said in MDM for Windows and Mobile Devices | Mobile Device Management?:

I've got a customer that needs MDM that is able to lock down devices to the point of controlling what websites that they can visit. It's a small user pool, just two corporate devices that will be off network, but we'd like a lot of control on these devices. They are for singular purpose, essentially.

The company has a number of mobile devices that are less important but they'd like MDM for them as well.

Ideally a single solution that allows us to manage everything off network in a single pane of glass is ideal. What options do people know and/or recommend for something like this?

I personally use MS Intune for device management, but please look at Manage Engine MDM and is free for 25 devices https://www.manageengine.com/mobile-device-management/?pos=MEhome&loc=ProdMenu&cat=UEMS

Re: Microsoft Defender Training Series Part 5: New unified Security Portal

Hope 2022 is treating you all well! Its been a long time I haven't visited ML family. Switched my job and got busy with the transition and new projects! Read a post on Microsoft tech community about a new integration of MS TVM with Vulcan cyber and thought of testing it out. Here's the video of the integration and also with MS Teams integration.

Youtube Video

And it works!

I was almost at the end of getting the new XPS, just clearing up my old devices (seling some of them and giving out a few to close ones), saw a reddit post about installing Win11 on Surface Pro4.

Thought of checking it (previously I tried the Win11 tool and got the message that it is not compatible).

I cleared my TPM and rebooted once, moved my settings to the windows insiders dev channel and checked for updates. Got the Windows 11 downloaded!

While installing, at 35% got a message "What needs your attention" with no other details. The site https://www.howtogeek.com/416169/how-to-fix-what-needs-your-attention-windows-10-setup-errors/ helped me to fix that and get back that error. Now at 41% and hope to get it installed

I've checked the xps 13 and thinking of getting it. The one they have here is 16GB 1TB

But at the same time, since I rarely take the device out, also checking for a powerful mini PC

I've been thinking about replacing my existing laptop which is a surface pro 4 I5 8GB 256GB. Most of my use for this machine:

• Web browsing

• Office 365 Administration

• SSH management for some servers

• screen recording and video editing for my youtube channels

Almost 95% of my time I dock this laptop connected to 2 24" monitors so I rarely use it as a standalone device, but those times I use as independent laptop, I am a bit bothered about the smaller screen size. Even when I travel, I mostly carry my work laptop outsode home.

A readiness check for Win11, my Surface pro4 is not compatible and I guess its time to change my device.

I am still a bit confused if I need to get a 15" when most times it will be docked and never touched and also looking for recommendations if to choose a new Surface or look at something like a Dell XPS series.

@jaredbusch said in PDQ Link:

@Ambarishrh said in PDQ Link:

The only catch I could see is the mandatory port 443 as per their site

The majority of work for Link is done with our installer, but there is one bit that will have to be done by you or your network team. Your external firewall will need to route incoming TCP 443 to your PDQ Link server. 443 is the only port SSTP can utilize. This configuration is mandatory to allow your external clients to connect.

If you already have another service on 443 with a public IP, we need to use an additional IP for PDQ link.

That is what inbound proxy servers are for.

digging an older topic as I am testing this now. Regarding inbound proxy
, what would you suggest to be used?

@scottalanmiller said in Anyone used Infection Monkey?:

@ambarishrh I meant that YOU should make one.

I'm too subtle, I guess.

lol! Yes, will make one for sure! Just need to test it on a lab and see how it goes. Its an interesting project

and a detailed one here https://youtu.be/gOS1c375Hbg

@scottalanmiller said in Anyone used Infection Monkey?:

@ambarishrh have not heard of it, but sounds interesting. I think a video explaining how to use it is in order!

Ive seen few videos https://youtu.be/3tNrlutqazQ

Recently read about a tool called Infection Monkey which is an open source breach and attack simulation (BAS) platform that allows organizations to discover security gaps and fix them.

Github link : https://github.com/guardicore/monkey

Anyone used this? Planning to test this on my lab this weekend

congratulations!

@scottalanmiller Thank you!

My desk now!

Just posted 5th video on Defender training series, this time about the new Microsoft Defender unified security portal

Youtube Video

iOS native contacts sync with Microsoft Outlook for devices enrolled with Intune had few issues and this video explains the solution!
Youtube Video

Part 3 on MDATP series, this time about Attack Surface Reduction basics

Youtube Video

The only catch I could see is the mandatory port 443 as per their site

The majority of work for Link is done with our installer, but there is one bit that will have to be done by you or your network team. Your external firewall will need to route incoming TCP 443 to your PDQ Link server. 443 is the only port SSTP can utilize. This configuration is mandatory to allow your external clients to connect.

If you already have another service on 443 with a public IP, we need to use an additional IP for PDQ link.

Hi all,

Hope all well and everyone safe! Long time haven't gotten a chance to come back here.

Just got an email from PDQ about their new product called PDQ link

From their site and videos it looks like a simplified and automated implementation on built-in Windows Server roles Remote Access Server(RAS) and Network Policy Server(NPS). From the newsletter I got they've mentioned:

Your next question might be, how much is this going to cost me? We’re offering PDQ Link as a free download through 2020. Download it before the end of 2020 and keep using this version of PDQ Link through 2020, 21, 22, 23, and beyond at no cost.

Also asked them few questions I could think of and got the answers as well

1. Does it support change AD password via PDQ link?
   Because PDQ Link relies on user authentication rather than machine authentication, it is only able to communicate with remote devices while a user is logged in. While a user is logged in and connected through PDQ Link, they and their computer will be able to communicate with your domain controllers for things like password changes and group policy updates like normal. Since that connection is not made until after a user is logged in however, you will not be able to remotely reset the password for a user who is not already logged in.

2. Once PDQ link is enabled and connected, assuming we can continue using PDQ deploy & inventory to do its job without additional changes on DHCP/DNS?
   As long as you're making use of AD-integrated DNS zones, PDQ Link is able to update DNS and DHCP as clients connect and disconnect. After the initial configuration, you will not need to make additional changes to DNS or DHCP in order to use PDQ Deploy or PDQ Inventory while connected with PDQ Link.

3. Any limits on concurrent connections?
   While there may be limits based on the bandwidth of the server on which you install PDQ Link, there are no hard caps on the number of connections that PDQ Link allows. PDQ Link can be configured to assign IP addresses to clients either from a static list or using your existing DHCP server, so the only technical limit to the number of connections will be the number of IP addresses available for assignment though whichever method you select at setup.

4. Can we use AD based user authentication (yes, assuming users are given access based on AD group membership)?
   Yes, PDQ Link functions entirely based off of AD user authentication. Machine-based authentication and authentication for non-AD users are not possible at this time. This authentication is managed through the NPS server role that is installed along with PDQ Link on your server.

5. Does the client auto update or via PDQ deploy schedule updates?
   PDQ Link does not currently have any ability to update itself automatically. In the future when updates are released, it should be possible to install these with PDQ Deploy as long as machines are able to maintain a connection to the PDQ Deploy server while disconnected from Link for the update installation.

6. Can we make this VPN transparent to users to ensure that they don't disconnect it? This way, IT department can ensure that its always connected to PDQ for patch management
   There is not currently any way to prevent users from disconnecting from PDQ Link. By default users will be automatically connected at login and will not need to have any interaction with PDQ Link to make the connection, but an icon does exist in the system tray which can be used to open the console that includes an option to disconnect. Even if disconnected in this way, your users will be reconnected the next time they log in.

7. Does it support AD single sign on?
   PDQ Link does make use of AD credentials for authentication. The connection is made using the logged in user's credentials when they log into a computer with the PDQ Link client installed, without any manual entry of credentials being necessary.

8. Will this be part of PDQ suite (PDQ deploy+Inventory paid) or is it a separate product that we need to buy? If separate license, how much does it cost?
   PDQ Link is a separate product independent from PDQ Deploy and PDQ Inventory. It is currently being offered for free until at least the end of 2020, but we're still evaluating the best way to address licensing and costs beyond the end of the year.

What do you guys think?
I am going to test this in my lab!

My second video on #MDATP training series Threat & Vulnerability Management (#TVM) is out

Youtube Video