Option 1: Duo MFA for RDP (fast, easy, proven) Pros: High-level install steps: ▶ Link to official Duo guide:Duo MFA for Windows RDP – Step-by-Step Option 2: Azure MFA with NPS Extension (Microsoft “native” method) Pros: High-level install steps: ▶ Link to official Microsoft guide:Configure NPS…
UEFI Secure Boot is a platform feature within the UEFI specification that ensures the system boots using only the software trusted by the hardware manufacturer. Secure Boot provides a verification mechanism in which the firmware validates a boot loader before executing…
In the evolving threat landscape, vCenter Server and ESXi hosts remain high-value targets in the data center. As the foundational control and compute planes of your virtual infrastructure, securing them is essential. Whether you’re operating in a regulated environment or…
Ever wondered how you can give a user access to some artifacts within a vCenter and then deny the same user access to other artifacts? The access hierarchy in vCenter is role-based, leveraging permissions applied at various object levels in…
Previously, I posted about the replication of two HCIs using array-based or vSphere-based replication. This article addresses a third way or an addition to the two previously mentioned options. Dell Recovery Point for VMs (RP4VMs) synchronizes virtual machines to destination…
As I mentioned in the last article, I will write a new article about a disaster-avoidant solution I am deploying where it makes sense. Disaster avoidance in this setting means that we have a platform that is able to absorb…
To enable the vSphere Native Key Provider on vSphere 8, you can follow these steps. The vSphere Native Key Provider allows encryption-related functionality without needing an external Key Management Server (KMS). The Key provider service is easy to set up…
What is TPM? TPM is an industry-wide standard for secure cryptoprocessors. Since vSphere 6.7 VMware has supported TPM v2.0 A Trusted Platform Module (TPM) is a specialized microcontroller designed to secure hardware through integrated cryptographic keys. It is embedded either…
