How do you find the Network and Sharing Center in Windows 11?
Press the ‘Start’ button
Type ‘Control Panel’ and click the shortcut to Control Panel
Click ‘Network and Internet’ (skip this step if your ‘view by’ isn’t set to ‘category’)
Click ‘Network and Sharing Center’
Applies To: Windows 11
The Network and Sharing Center can be a bit hard to find in Windows 11, and there’s several ways to find it. The quickest way is by following the instructions above.
If your Control Panel looks like this, then you can click straight onto ‘Network and Sharing Center’:
The Network and Sharing Center is part of the classic Windows Control panel, and being replaced by the more modern Network & internet area of Settings:
The Microsoft 365 Suite contains a lot of different solutions; and varying levels of security on those solutions, depending which tier of licensing you have. Microsoft’s security answers have varying levels of user experience, technical requirements, and administrative burdens.
For example, if you’ve used Microsoft native solutions to look at mailflow regularly compared to third-party solutions, you’d probably agree that Microsoft do not provide a quick and easy experience in troubleshooting why an email didn’t arrive. If you have to go back more than 2 days, then you’ll potentially have to wait a few hours just to get the results of the mailflow steps.
Third-party solutions must compete with Microsoft in their own space for security solutions, which means they need to be adding value somehow; cheaper, easier to use, more features, and/or quicker.
Hornetsecurity’s answer to this is their 365 Total Protection solution. I’m fairly experienced with Microsoft’s first party offerings, and a few other third-party mail security solutions, so was interested to see how this stacked up and where it might fit.
The above pricing based on the feature set seems quite reasonable to me, and from the page you can click on each feature and see more information including a screenshot.
The free trial process is well documented – the first page lays out what you’re in for which will unsurprisingly require tenant admin access to approve tenant permissions for Hornetsecurity.
Once you accept the permission request, a synchronisation will start. As I’m doing this in my own tenant of 1 user, it took about 20 seconds to perform. You’ll then need to update MX records so mail flows through the Hornetsecurity service, so it can do many of the services listed.
Not all services rely on mail flow, there is also an Outlook add-in. For older versions of Outlook it can be downloaded and installed like a traditional add-in, or there’s the much nicer modern method that’s controlled from inside Microsoft 365 admin center to deploy and show for users (I wish more vendors did this!).
Either way, the Outlook add-in provides several functions such as being able to report emails, block/allow emails, and view archived emails.
Some other notable features of the 365 Total Protection solution:
Email Archiving – something Microsoft can do, but don’t do a great job of exposing the archived emails. 10 years of email retention should be more than enough for most companies, and even if you have archiving enabled in your tenant natively, this gives you a backup of all your emails.
Email Live Tracking – a real time view of mail flow that works quickly and doesn’t require reports to be generated after 2 days that are CSV files.
Individual User Signatures – Centralised signatures that are also monitored for people who decide to change them away from the company standard. Different groups can get their own style of signature too. Microsoft still has nothing in this space natively and is still in the early days of having a signature saved to someone’s profile.
eDiscovery – Being able to search quickly across all emails in the company for keywords is a handy thing. Another one that Microsoft can do, but it’s clunky and far from quick.
Email Continuity Service – If Microsoft’s mail services go down, you can keep going until they’re back – delivering and sending emails directly through Hornetsecurity, then syncing up what happened after the event.
Automated backups for mailboxes, Teams, OneDrive and Sharepoint – this is really where all your Microsoft 365 data will live. Again, it gives you somewhere this data can be backed up and restored outside of Microsoft’s ecosystem.
There is of course a lot of security aspects to the solution such as Forensic Analyses, URL Malware Control and Realtime Threat Reports, but I quite like the Malware ex-post alert and Malware ex-post deletion. Malicious emails that get through on any system (and I’ve seen this with other third-party solutions as well as Microsoft) need to be detected and cleaned up, as well as investigated on whether anyone clicked the link. This ties into URL Malware control, which will do URL rewriting. Microsoft do this natively, but I’ve found the cleanup aspect can take a little while to perform and isn’t a seamless process from detection to cleanup.
One last point – it is good to see that they have a data centre in Australia as I see many of these companies ignore our region, which makes it hard when you need to keep your data in-country.
I look forward to playing around with Hornetsecurity further. If you’re curious too, then check out their free trial here.
Security updates for Exchange 2013, 2016 and 2019 are out, and as always, there’s exploits these mitigate. Note that https://aka.ms/ExchangeUpdateWizard will ask what you’re upgrading from and to, and talk you through the process – although it does expect you’ve done this before with some high level ‘Update your AD schema with this switch’ instructions that require you to go work out how to do that – which does involve downloading the latest ISO for Exchange, mounting it, then running the setup.exe with some switches. It also notes that these patches don’t fix the January 2022 transport queue buildup issue (Y2K22). Get patching!
This one’s a really neat idea – use GitHub Pages for free, to have a static online resume. No fees, no special hosting stuff – it’s what I run msportals.io off of. Good practise in doing something fairly simple on GitHub Pages. A workshop is available to work through it all.
I’m not someone who dabbles in SQL too often, but this is a nice clear post demonstrating simply how SQL Injection can work by searching with the string ‘ or 1=1 or 1=’ – then how to avoid it in code, and how Microsoft Defender for Cloud can detect and notify on those sort of attacks.
Really good idea from Microsoft here – an exam sandbox so you can get a feel for how the exams work (without actual exam questions) which can help people be prepared for what they’ll experience doing their first real Microsoft exam. I’ve added this to https://msportals.io too :)
This is a great addition to the security Azure AD provides. Instead of just assessing risk at the time of login, Azure AD will now continually assess risk, and force re-auth if something changes that it decides has increased the risk of the account such as location change or password change. It’s auto-enabled so you don’t have to do anything, but good to be aware of.
I personally haven’t even looked at Windows 365 yet – so if I was going to get started, this is the perfect sort of blog post to get things going. It looks pretty easy without too many steps, so check this out if you want to have a play.
Defender for Endpoint P1 is now in M365 E3/A3 licenses. If you’re wondering what P1 is, the article has a comparison table. That means if you have Defender for Endpoint already, it’s probably now P2. Microsoft Defender for Endpoint P1 is looking pretty cheap at $3US per user per month if you don’t already have E3/A3. This still goes to show that Microsoft licensing is hard and confusing, with so many factors to consider.
This year, I’m going to pick the most interesting TechCommunity Blog Posts on a weekly basis, and talk about them. There’s so much good content that gets posted and can be missed. This is of course from my point of view and the things I care about, but I hope it’ll help others pick up on some things they might have otherwise missed.
I also have a dedicated Twitter feed that posts all TechCommunity and Azure Blog Posts at https://twitter.com/MSITTechNews if you’d rather see everything.
Yikes, not a great way to start the year off – referred to as the Y2K22 bug, Exchange On-Premises servers (including ones for hybrid) were getting stuck in transport queues and eventually rejecting emails due to a date issue in malware scanning – it didn’t like the year 2022. Amusingly, the fix sets the date on the signature file as December 33rd, 2021 to get around it. The latest CU11 for Exchange 2019 doesn’t fix it, so unlikely other CUs for other versions of Exchange fix it either.
This is about using Quick Assist to remote onto someone’s computer as part of Autopilot. It’s interesting we don’t have a nice native way of remoting into a computer we control still without requiring user input – but it does make sense if the machine is still being configured. It’d be better if one of the first things Autopilot did was allow remote controlling by an administrator without having to talk the user through opening command prompt with key combos and typing in commands.
Using Microsoft Endpoint Manager to deploy Defender to iOS devices without any user input – I love the idea, but this one needs careful planning, testing and communication. What does Defender on iOS actually do? Check out the capabilities such as Web Protection, Threat and Vulnerability Management, and Jailbreak Detection.
A simple post showing an error when trying to enable Advanced Threat Protection (we’re still apparently calling it that because it’s a pain to update everything with constant name changes!) and workaround. I’ve posted there suggesting they have a readable screenshot of the actual error, and put it there in plain text too so it’s searchable.
“New recordings will automatically expire 60 days after they are recorded if no action is taken, except for A1 users who will receive a max 30-day default setting. The 60-day default was chosen because, on average across all tenants, 99%+ of meeting recordings are never watched again after 60 days. However, this setting can be modified if a different expiration timeline is desire”
I’ve gone and turned off the auto-expiring of meeting recordings. Why would I want that? Microsoft’s argument quoted is that people don’t watch them after 60 days 99%+ of the time – except what about the < 1% when you do need it? I only need to lose one meeting to be angry that this setting was ever there. There’s also a slight error in the post:
“To change the default auto-expiration setting for your tenant, go to admin.teams.microsoft.com, navigate to Meetings > Meeting Policies > Add in the left navigation panel”
Add isn’t in the left navigation panel, and we probably shouldn’t be adding a new policy, but instead adjusting the Global (Org-wide default). Creating a new policy that’s not applied to anyone won’t do much :)
I’ve posted the above there and hopefully will get updated.
Last year, I reviewed Synology’s Active Backup for Office 365 which is a cheap way of keeping another copy of Microsoft cloud data, as long as you have enough disks and space to fit it on.
This time, I’m looking at their Synology C2 | C2 Backup solution for businesses – which has a 90 day free trial (credit card details not required). This is a cloud based backup service – so no hardware required. Their support for Microsoft 365 data is quite new, and right now will cover user Exchange Online mailboxes, with OneDrive support coming in Q2 2022. Synology asked me to look at this and answered a few questions around timeframes; they’ve previously given me hardware to review, but this is not paid for content.
C2 Backup is one part of the C2 offerings, but you can pick and choose which components you want without requiring the others:
C2 Password C2 Backup C2 Transfer C2 Identity C2 Storage
At the time of writing, Synology have 3 regions you can choose from for C2 Backup: Europe – Frankfurt, North America – Seattle, and APAC – Taiwan. I’ll run through setting this up while giving a bit more information around what it is.
After creating an account, the first step is to pick your subscription – Monthly or Annual. The rates (which I won’t quote here in case they change, go have a look on their website) is per month and per terabyte, with the minimum at 5TB and the maximum 200TB.
I will note that there is an individual option that works a bit differently, but won’t run through that in this article. The data limits are smaller at 500GB, 2TB or 5TB and I’m sure there are other differences in the service vs the business option.
Next is setting up your domain, which will be a subdomain of c2.tw. You can’t change this later!
As I’m just doing a trial, I’ll skip the payment information, but it warns:
Continue without setting up a payment method? If you do not set up a payment method before the end of your free trial period, your subscription will not be automatically renewed.
Next is setting up the C2 Encryption key. This is like your password, but to all the data the service will hold. Synology point out they don’t store this – so you need to secure it yourself. If you lose it, you can’t decrypt your data and nor can Synology. They do provide a recovery code once this is done, which again you’ll need to keep – think of it as a backup password. This will be prompted to download a txt file containing the recovery code onto your computer.
Next is choosing the source of the data you want to back up. This screen will just jump you to the page for either – you’re not making a single choice between the two – it can do both.
Briefly looking at the On-premises device option, there’s 2 types of backup it can do: Personal Computer or Physical Server. There’s also Backup Policy where you can set the backup rules such as frequency, schedule and scope.
Backing up a computer or server will require an agent to be installed and signed into. Once done, a Backup Policy needs to be configured so the C2 platform knows what to backup and when. The policies are pretty simple, and the default policy will just back up everything daily, and keep all versions forever.
On the Cloud side of backup sources, we have support for Microsoft 365. You’ll need to sign in with an account that can grant access to certain areas of Microsoft 365.
It will need a little bit of time to connect before you can start configuring (about 30 seconds wait for me).
The next screen lets you pick which users to back up – which will most likely be all of them.
You don’t have to worry about adding future users in manually, there’s an option for Auto-Protection which will detect new users daily and just add them in. Note the 250 user maximum on this.
Once done, you’ll see the list of users you chose with the status ‘Not backed up yet’. You can trigger a backup now through the ellipsis button rather than waiting for the daily cycle.
The first backup will probably take quite a while – but after that first one is complete, future backups are incremental so will run a lot quicker.
The recovery portal is viewed in a per user state, you can choose which version you want to browse through (by date), and search if you’re looking for something in particular.
When restoring emails, you can either choose the emails you want to restore, or just restore everything. For specific emails, you can choose where to restore (either where they came from, or in a different restore folder) and if you want to overwrite existing items or not (only when restoring to original folder).
Restoring a single email for me only took a few seconds. Searching for emails was also very quick, with results coming up within a few seconds again.
Leaving the service going for a week, it has backed up successfully each time, and I can wind back to the daily versions for mailbox content with ease:
It also provides self-service restoration portal where end users can browse backups and recover files by themselves.
I’ve reviewed and tested a few other backup solutions; this is one of the easiest to do out there, but I’m also hanging out for some of the features still on the roadmap. If you only care about emails via Exchange Online, then the platform is ready to go.
It will be interesting to see how far Synology takes their C2 Backup service; being quite new I’m impressed that they’ve got the most important items (emails) backing up reliably, with a simple to restore process. If you’re looking for a ‘forever’ copy of everything in a mailbox on a daily basis, this is worth checking out.
