This is cool!
Paul Andrew is a technical product manager on the Office 365 team working on identity.
Today we’re adding Multi-Factor Authentication for Office 365 to Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online. This will allow organizations with these subscriptions to enable multi-factor authentication for their Office 365 users without requiring any additional purchase or subscription.
Multi-factor authentication increases the security of user logins for cloud services above and beyond just a password. With Multi-Factor Authentication for Office 365, users are required to acknowledge a phone call, text message, or an app notification on their smartphone after correctly entering their password. Only after this second authentication factor has been satisfied can a user sign in.
Multi-factor authentication has been available for Office 365 administrative roles since June 2013, and today we’re extending this capability to any Office 365 user. We’re also enhancing the capabilities that have been available since June. We’re adding App Passwords for users so they can authenticate from Office desktop applications as these are not yet updated to enable multi-factor authentication. And we’re enabling users who are authenticated from a federated on-premises directory to be enabled for multi-factor authentication.
This addition of multi-factor authentication is part of our ongoing effort to enhance security for Office 365, and we’re already working on Office desktop application improvements to Multi-Factor Authentication for Office 365, which we’ll introduce later in this post. Office 365 offers many robust built-in security features for all customers and also optional controls that enable subscribers to customize their security preferences. More information about security in Office 365 is available inthe Office 365 Trust Center.
Let’s take a look at how Office 365 customers can take advantage of multi-factor authentication and configure it, including using App Passwords for Office desktop applications.
After entering your account password, you see a message like this while your phone is being called for acknowledgement.
Multi-Factor Authentication for Office 365
Office 365 administrators enroll users for multi-factor authentication through the Office 365 admin center.
In my previous post we configured clustered Node 1. In this second Part we will complete the cluster configuration in Node 2 and will validate and test the configuration..
If you’ve worked with XenMobile and especially the AppController to deploy WorxMail and WorxWeb you know that these establish a MicroVPN tunnel to reach internal resources when needed.
One thing that I noted today was that when you upgrade your AppController and NetScalers and people also upgrade their Worx Home app on Android you can run into an issue unless you upgrade and align your Worx Home and WorxWeb apps.
The new Worx Home 8.6.1 on Android requires that you run WorxWeb 1.3.3 from Citrix, otherwise the MicroVPN tunnel won’t be established and you won’t reach your internal resources through it.
So it’s more important than ever to ensure that you try your NetScaler, AppController and Worx apps and align their releases.. once they work then you see this great progress and tunnel being established.
It would be nice to get a good table of which versions of each product/component that you should run and which ones that can support all use cases like; XenMobile , ShareFile on prem, ICA/HDX proxy, SSL VPN and SmartAccess for RfW and proxy! I’ve not yet found one combination that delivers everything.
This is a good article, have a look at this if you’re planning some App-V 5.0 capabilities!
The following recommendations can be used as a baseline to help determine capacity planning information that is appropriate to your organization’s App-V 5.0 infrastructure.
|Use the information in this section only as a general guide for planning your App-V 5.0 deployment. Your system capacity requirements will depend on the specific details of your hardware and application environment. Additionally, the performance numbers displayed in this document are examples and your results may vary.|
Determine the Project Scope
Before you design the App-V 5.0 infrastructure, you must determine the project’s scope. The scope consists of determining which applications will be available virtually and to also identify the target users, and their locations. This information will help determine what type of App-V 5.0 infrastructure should be implemented. Decisions about the scope of the project must be based on the specific needs of your organization.
|Determine Application Scope||Depending on the applications to be virtualized, the App-V 5.0 infrastructure can be set up in different ways. The first task is to define what applications you want to virtualize.|
|Determine Location Scope||Location scope refers to the physical locations (for example, enterprise-wide or a specific geographic location) where you plan to run the virtualized applications. It can also refer to the user population (for example, a single department) who will run the virtual applications. You should obtain a network map that includes the connection paths as well as available bandwidth to each location and the number of users using virtualized applications and the WAN link speed.|
Determine Which App-V 5.0 Infrastructure is Required
|Both of the following models require the App-V 5.0 client to be installed on the computer where you plan to run virtual applications. You can also manage your App-V 5.0 environment using an Electronic Software Distribution (ESD) solution such as Microsoft Systems Center Configuration Manager. For more information see Deploying App-V 5.0 Packages by Using Electronic Software Distribution (ESD).|
- Standalone Model - The standalone model allows virtual applications to be Windows Installer-enabled for distribution without streaming. App-V 5.0 in Standalone Mode consists of the sequencer and the client; no additional components are required. Applications are prepared for virtualization using a process called sequencing. For more information see, Planning for the App-V 5.0 Sequencer and Client Deployment. The stand-alone model is recommended for the following scenarios:Full Infrastructure Model - The full infrastructure model provides for software distribution, management, and reporting capabilities; it also includes the streaming of applications across the network. The App-V 5.0..
- With disconnected remote users who cannot connect to the App-V 5.0 infrastructure.
- When you are running a software management system, such as Configuration Manager 2012.
- When network bandwidth limitations inhibit electronic software distribution.
Continue reading here!
This is a great PoC guide, some thing I would have done differently in detail but overall great work!
You’ve heard of XenDesktop 7.1, experienced a demo and worked through the Reviewer’s Guide. Now where do you turn when you’re ready for a PoC, pilot and preparations for a full-scale rollout?
Here on the Citrix Readiness and Enablement Team, we’re always looking for ways to empower our customers to be successful on their projects. To this end, we’ve taken one of our most popular hands-on lab guides used to train hundreds of internal and external students and reworked it for consumption by the masses. The XenDesktop 7.1 on Hyper-V Pilot Guide can be download fromhttps://citrix.sharefile.com/d/scaa256260df4ab3b. In this guide we cover the following topics with step-by-step instructions and screenshots:
- Configuring System Center Virtual Machine Manager and Installing the Agent
- Setting Up SQL Server Mirroring for a XenDesktop site
- Setting up the XenDesktop Site
- Joining a Controller to an Existing Site
- Configuring StoreFront and Installing Certificates
- Configuring NetScaler for StoreFront Load Balancing
- Installing the VDA Software on Desktop and Server VMs
- Creating Catalogs of Machine for Desktops and Servers
- Creating Delivery Groups for Desktops and Servers
- Delivering Installed and App-V Applications
- Provisioning Services Configuration and Optimizations
- Using the XenDesktop Setup Wizard
- Setting up Remote Access with NetScaler and StoreFront
- Internal and External Connectivity Scenarios
- Load Evaluator Policies
- Monitoring with Director
- Exploring Configuration Logging
- Exploring Delegated Administration
- Working with PowerShell
And much more!
Take a look through the document and let us know your thoughts…
IMPORTANT: This guide is designed to be used as a reference for building PoC and/or pilot environments. Production environments should always be…
Continue reading here!
This is a great addition I must say, but some things are missing!
One thing that I’m missing is the full integration with Azure storage containers! You still have to specify a temp/cache storage location that today ShareFile controller requires to be on a CIFS share when you have multiple controllers. And if you put the controller up in Azure as well, how do you then get that CIFS share and make it highly available? There is no CIFS exposure directly from the Azure storage, you have to setup a couple of VM’s in Azure, do something like DFS to expose is.. and then all of a sudden you have a whole file service to manage there as well.. and to monitor and all of a sudden you need AD and monitoring and reporting of it.. phuuu…
So I hope that in next version we can specify an Azure storage container for that cache/temp storage as well!
The other thing I’d really like to see is NetScaler support in Azure, so that we could do proper AAA/CS/LB of the controllers in Azure as well so that we can get a simple and fully cloud based service in Azure!
BYOD and a growing global workforce are generating demand for instant access to data, offline productivity and seamless collaboration from anywhere. Organizations are challenged with reconciling these forces with leveraging existing investments, protect intellectual property and meet regulatory compliance requirements – driving interest in ShareFile StorageZones. StorageZones offers IT the flexibility to store data in secure Citrix-managed datacenters in multiple worldwide locations, or on-premise within their own datacenters.
At Citrix Synergy 2013, we announced new ShareFile StorageZones options with Microsoft Windows Azure. We are now pleased to announce the general availability of ShareFile StorageZones on Azure with the release of ShareFile StorageZones Controller software version 2.2. This release includes support for Windows Azure storage containers, therefore if you have a Windows Azure account, you can use an Azure storage container for your private data storage instead of a locally maintained share. Hosting ShareFile data natively in your Microsoft Azure account helps IT build the most cost-effective and customized solution for their organization. This customer-managed solution integrates ShareFile with Microsoft Azure’s Binary Large Object (Blob) storage, a cloud service for storing large amounts of unstructured data that can be accessed from anywhere in the world via HTTP or HTTPS.
Azure storage is customer-managed storage hosted in the Windows Azure cloud. File uploads are initially deposited into a temporary storage area shared by all StorageZone controllers. Then, a background service copies those files to the Windows Azure storage container and deletes the local cached copy of the file(s).
Typically with CIFS based StorageZones, the Controller servers are installed on-premise in the customer’s datacenter. However, if a customer is hosting virtual machines in Azure, they could install the StorageZone Controller software on instances running in their Azure account and not necessarily on-premise.
Read the ShareFile StorageZones on Azure Storage Technical Brief and watch the video Installing and Configuring ShareFile StorageZones v2.2 with Microsoft Azure to learn more about this solution.
Check out our Citrix and…
Continue reading here!