Hello Users

Here is some very useful information about office 365 URL & IP to function it properly for users. (Source from MS).

Office 365 requires connectivity to the Internet. The endpoints below should be reachable for customers using Office 365 plans, including Government Community Cloud (GCC).

This is Live document and keep checking it regularly

https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges?redirectSourcePath=%252fen-us%252farticle%252fOffice-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2

Amit Kumar Gupta

Certified: CCA-XenApp/XenDesktop/XenServer, Google Cloud Architect, MCSE, ITIL, Vmware Certified , AWS Fundamentals. AWS Pratitioner

Microsoft certified - Enterprise Cybersecurity Fundamentals & Planning for Security Incident response.

https://www.linkedin.com/in/amit-gupta-5321a527/

Hi Admins

Proteting the IT environment from hackers has been very critical challenge for all the IT Admins and on High Priority.

We will more focus on Citrix NetScaler System protection in this section.

1. Maintain Latest Ciphers: please perform your Citrix website security analysis now in case you have not done. 

https://www.ssllabs.com/ssltest/

TLS 1.0, TLS 1.1 , SSL 2 , SSL3 and some of the TLS 1.2 weak Cipehers should be removed from VIP Ciphers list in order to keep A rating for your website. its important to perform Citrix Client , Browsers analysis before removing Ciphers from VIP Ciphers Group otherwise Handshake will break in case users are using unsupported old browsers or Clients on their machine. (Keep updated).

SECURITY Come 1st and Users should use supported products.

2.  Configure ACL list for NetScaler : its important to strict NetScaler access to all the ports & limit to identified source by using ACL List. even though Mallicious conditates can reach to your netscaler network but cant establish connection by using any port scanner or analyze if you are maintaining ACL list.

3. Perform CIS analysis for NS Devices: its important to perform CIS analysis report for NS device and fillup the GAPS as per vendor recommednation.

4. Configure APPFLOW:- configure the APPFLOW logs collection and analysis in case you are using Syslog Server or any other analysis tool.

5. Upgrade firmware ontime: Citrix Vendor is too much active in identifying the GAPS and filling up them with new firmware versions & more new features so upgrade the NS firmware ontime.

6. Citrix NMAS: its beneficial to use Citrix NMAS integration with NS devices to analyze all the security attacks and get 365 Degree reports for your NS envrionment. lots of automation and better control over NS devices.

Remember Single Loop hole is enough to destroy the environment.

Some Good links from other blogers: https://neil.spellings.net/2014/01/12/penetration-testing-tips-netscaler/

https://docs.citrix.com/en-us/netscaler/12/application-firewall/security-checks-overview.html

Amit Kumar Gupta

Certified: CCA-XenApp/XenDesktop/XenServer, Google Cloud Architect, MCSE, ITIL, Vmware Certified , AWS Fundamentals. AWS Pratitioner

Microsoft certified - Enterprise Cybersecurity Fundamentals & Planning for Security Incident response.

https://www.linkedin.com/in/amit-gupta-5321a527/

Hi Admin

Please find the steps for migrating DHCP server to another host.

Migrating from Win2008 to 2012/ 2016

1. login to Old DHCP server with adminID

2. Open command as administrator

3. netsh dhcp server export c:\dhcp.txt all

4. DHCP role is already installed on new Server.

5. netsh dhcp server import c:\dhcp.txt all

6. Once import is completed

7. Stop the DHCP & remove the role from Old Server

Migrating from Win2012 to 2012/ 2016

1. login to Old DHCP server with adminID

2. Open command as administrator

3. Export-DhcpServer -ComputerName DHCP01 -File "C:\DHCP-Config.xml" -Force

4. DHCP role is already installed on new Server.

5. Stop-Service -Name DHCPServer

6. Set-Service -Name DHCPServer -StartupType "Disabled"

7. Import-DhcpServer -ComputerName newDHCPservername -File "C:\DHCP-Config.xml -Force

8. Once import is completed

Keep visiting blogs for new articles.

Amit Kumar Gupta

Certified: CCA-XenApp/XenDesktop/XenServer, Google Cloud Architect, MCSE, ITIL, Vmware Certified , AWS Fundamentals. AWS Pratitioner

Microsoft certified - Enterprise Cybersecurity Fundamentals & Planning for Security Incident response.

https://www.linkedin.com/in/amit-gupta-5321a527/

Hi Admin

its very common now a days that each company wants to reflects their brand names within their apps or websites.

Why not do this when on Citrix gateway access websites.  another marketing stunts and flow the company theme for corportate users or partners who access to it accross the worlds.

Here are some very good known articles on this along with demo.

Video Link:-

https://www.youtube.com/watch?v=6WFu0mUCaHo

https://docs.citrix.com/en-us/netscaler-gateway/12/vpn-user-config/custom-portal.html

Some Good links:

https://www.jgspiers.com/customizing-gui-themes-citrix-netscaler-11/

How to Customize NetScaler Gateway Logon Page for Various NetScaler Versions:- 

https://support.citrix.com/article/CTX126206

There are many more you can do if you are web developers. please take backup before making any changes.

Amit Kumar Gupta

Certified: CCA-XenApp/XenDesktop/XenServer, Google Cloud Architect, MCSE, ITIL, Vmware Certified , AWS Fundamentals. AWS Pratitioner

Microsoft certified - Enterprise Cybersecurity Fundamentals & Planning for Security Incident response.

https://www.linkedin.com/in/amit-gupta-5321a527/

Hello Admin

Citrix NMAS stands for Citrix netscaler management & Aanlytics System.

Citrix NMAS is next system which replaces Command Center and insight system with lots of new valuables features.

Go through with Citrix Documentation of NMAS to boost your knowledge.

https://docs.citrix.com/en-us/netscaler-mas/12.html

very good Vidoe demo on NMAS:

https://www.youtube.com/watch?v=pcz7jQUxdg4

it is the future for next generation and available in Citrix Cloud as well to integrate with your existing system to get 365 Degree view and management of your netscaler & Citrix envrionment.

Keep visiting my blogs. it is the future.

Amit Kumar Gupta

Certified: CCA-XenApp/XenDesktop/XenServer, Google Cloud Architect, MCSE, ITIL, Vmware Certified , AWS Fundamentals. AWS Pratitioner

Microsoft certified - Enterprise Cybersecurity Fundamentals & Planning for Security Incident response.

https://www.linkedin.com/in/amit-gupta-5321a527/

Hi Admin

In this post , we will talk about moving workload to Azure and why?

Migration has already been focused based on Technology or business. moving from one application to another or moving between Datacenters always add some benefits on business & cost driven.

 Main goal of moving to cloud ot overcome challenges

1. Customer to focus on Core business not IT

2. Avoid H/W lifecycle cost

3. Lack of Agility

4. Avoid cost of projected capacity purchase

5. Expense of maintaining a global presence

6. Enable disaster-recovery scenarios

How Cloud solution mitigate the above challenges

1. Customer to focus on Core business not IT - Hosting workloads in Azure allows non-IT businesses to re-focus their resources. Microsoft, who has been running enterprise-class datacenters since 1989, can handle the datacenter management, freeing up organizations to focus on their business. company dont have to care about backend compute procurements.

2. Avoid H/W lifecycle cost - All the H/W compute is handled by MS Azure so Customer dont have to care and spend cost on H/W lifecycle and limited to MS which results huge cost saving for Customers

3. Lack of Agility - Azure helps IT departments keep up with business demands by enabling infrastructure and platform deployments to occur in minutes. Azure offers rich support for DevOps workflows, natively supporting continuous integration and deployment (CI/CD) toolsets and methodologies. Organizations can build complex network infrastructures and make use of different storage tiers using native options in Azure. IT will have all the tools they need to increase their agility to cloud-speed

4. Avoid cost of projected capacity purchase - No need of procuring capacity to meet business projected requirements or % of reserve capacity.  Its on-demand and avaliable in few minutes

5. Expense of maintaining a global presence - Azure cloud is globally present and well connected. its big relief for cust & get workload spread Geographically in few minutes.

5.  Enable disaster-recovery scenarios : Azure Site Recovery (ASR) democratizes disaster recovery (DR) by allowing organizations to use Azure as their DR datacenter. Workloads are synchronized into Azure, enabling failover with recovery time objectives that are measured in minutes. Until the failover, only licensing and storage costs are incurred, making ASR dramatically lower in cost than traditional DR strategies. If an organization has a second datacenter, ASR also supports synchronizing and failing over to the alternate data center.

more details coming in another post

Amit Kumar Gupta

Certified: CCA-XenApp/XenDesktop/XenServer, Google Cloud Architect, MCSE, ITIL, Vmware Certified , AWS Fundamentals. AWS Pratitioner

Microsoft certified - Enterprise Cybersecurity Fundamentals & Planning for Security Incident response.

https://www.linkedin.com/in/amit-gupta-5321a527/