Matt

 This morning, I noticed this notification in Microsoft Intune started showing.     If you click on the link, it will take you to M365 Admin Center, I reviewed the document to ensure I understand everything before I apply it. So, what to do? According to Microsoft Document, there are changes in IP Ranges and Service Tags for both Public and Government Cloud. These changes are part of the Secure Feature Initiative (SFI) and must be completed before December 2nd, 2025. Entities (companies and government) need to configure their outbound firewall traffic for Intune or Azure to match Microsoft's new ranges. This must be done on the firewall, router, proxy, and NSG levels, also by adding the new ranges without removing any existing network or firewall configuration. Include a new Azure Front Door tag, ‘AzureFrontDoor.MicrosoftSecurity’. To download the document (JSON) file for the government and the public, click the links below. Public clouds: ...

Security – Audit After my first episode, I was busy working on different projects. Today, I decided to start with the security journey and recommendations. After “ Administrative Templates Personalization ," I realized I should discuss another security aspect: Audit. In Intune settings, there are 59 settings related to "Auditing," and in this blog, I selected some of the most important ones, which are also recommended by all Cyber Security and CIS Benchmark. Audit Process Creation(Enable): This policy setting determines what information is logged in security audit events when a new process is created. This setting only applies if the Audit Process Creation policy is enabled. When enabled, the command line information for every process will be logged in plain text within the security event log as part of the Audit Process Creation event 4688, ‘a new process has been created’ on the workstations and servers where this policy is applied. If this policy setting is disa...