Overview I’ve uploaded the Defender Baseline Here (and yes 24H1 is the latest) Last week I posted a how to on implementation of the new Windows 24H2 Baseline in sections so that…
Intune 24H2 Baseline as Individual Settings Catalog Profiles
Around a year ago I posted the Windows Intune 23H2 Baseline as individual catalog files, I’d put all the configurations from each section into the Device Configuration Settings Catalog format and exported…
Strong mapped certificates Intune NDES SCEP
For quite some I’ve been considering writing about Microsoft’s Strong Mapping changes to certificates With the first enforced changes via Patch Tuesday just around the corner (Feb 11 2025), I felt compelled…
USB Security Using Microsoft Defender for Endpoint
Defender Attack Surface Reduction is a good choice for USB restrictions, because it will report back to Defender and give a good audit if users are attempting to repeatedly write data out…
NDES SCEP For Intune – The safer way
Step by step guide for getting Certificates on Intune machines from your Internal PKI. I’ve tried to add only minimal rights as I see many blogs adding things like the machine accounts…
Intune Baseline 23h2 as Settings Catalog
With the release of the Microsoft Version of the 23h2 Baseline, I’ve put all the configurations from each section into the Device Configuration Settings Catalog format and exported them as JSON so…
Quick summary on example of Microsoft AI for use as a chat assistant for your internal docs
Overview I’ll start by saying this is heavily influenced by Jannik Reinhard who is an incredible Intune and Modern Device Consultant you can check his posts here with all sorts of useful…
Microsoft Entra Private Access – A quick look at accessing internal resources without VPN
This post is a quick look at Microsoft Entra Private Access with which you can implement to access company resources such as apps file shares etc without a VPN. Microsoft describe the…
Microsoft Entra Internet Access – quick look at Web Filtering for Internet traffic
This post will focus on Entra Intenet access (currently in public preview) with the aspect of providing a Content filtering Secure Web Gateway similar to perhaps Zscaler. Microsoft describes this in the…
Defender for Endpoint, Windows Servers Migration from Configmgr to MDE Management
In this post we will look at moving your Windows servers into being managed directly by Defender security policies rather than Configmgr. Overview Many enterprises have been using Microsoft Configuration Manager to…