• 1 Post
  • 2 Comments
Joined 1 year ago
cake
Cake day: July 6th, 2023

help-circle
  • Main thing to consider is where you’re storing the backups. Are you wanting to store the locally or in another cloud service? The other consideration, of course, is cost.

    The most CapEx friendly solution is to buy a Synology with a ton of drives. Their built in software can backup 365 and Google without any additional cost or license. Your only limitations here are bandwidth, storage space, and the fact the data is local. A cheap place you could store this data back in another cloud would be Wasabi, which the Synology can also connect to.

    Veeam can back to up to local or cloud based repos, Wasabi included, but you have to pay a per user license, which can add up.

    A Cloud to Cloud backup solution I’ve worked with is SysCloud. Easy to use interface, especially for plucking out files and folders for recovery. You can pay per user or buy bulk storage. I’ve only used it for Google Suite for Drive/classrooms/and other non-mail stuff, but I know it can do 365 content as well.

    Finally, for strictly email (and not OneDrive/SharePoint, etc), one option is Mimecast. They are a great email security gateway that you can route your email through ahead of 365, and I think for security alone are a good investment if you can afford it. In addition to it handling security functions, you can also buy the archival service for capturing everything that goes through before users interact with them. Being able to near instantly search our entire email archive is super handy when doing legal/hr searches. It ain’t cheap though.

    Another cloud to cloud I know but don’t use for 365 is Druva. We used them for endpoint backup and are quite happy with them in that regard, but I do know they do 365 as well, don’t know much about how that is licensed though.

    Definitely compare some other products but those should be a good list to start with.

    However, I do think the Synology is probably slightly more unique in its space. The software that comes their NAS are really powerful, does all kinds of things without cost beyond buying the hardware it self.



  • murty@lemmy.worldtoSysadmin@lemmy.worldPatch Tuesday Megathread
    link
    fedilink
    English
    arrow-up
    6
    ·
    edit-2
    1 year ago

    Starting my updates today (I typically wait a week to let other people be the test bed), I will update at the end tomorrow or the following day, especially if I run into any trouble.

    More importantly though, there’s two substantial changes in Windows Updates this month that you should be aware of if you are not already.

    KB5020805 enters the next phase for patching CVE-2022-37967.

    This month’s patches do the following:

    • Removes the ability to set value 1 for the KrbtgtFullPacSignature subkey.
    • Moves the update to Enforcement mode (Default) (KrbtgtFullPacSignature = 3) which can be overridden by an Administrator with an explicit Audit setting.

    Between now and October is your last chance to look for anything broken by this change, after October 10th patches the ability to undo this change is removed completely.

    For more details see: https://support.microsoft.com/en-us/topic/kb5020805-how-to-manage-kerberos-protocol-changes-related-to-cve-2022-37967-997e9acc-67c5-48e1-8d0d-190269bf4efb

    KB5021130 enters final phase of patching for CVE-2022-38023

    This month’s patches are the final phase of mitigation for this issue. Last month it forced the on everyone, so hopefully you’ve seen and found anything broken, as this month removes the ability to turn this change off due to the following:

    • The Windows updates released on July 11, 2023 will remove the ability to set value 1 to the RequireSeal registry subkey. This enables the Enforcement phase of CVE-2022-38023.

    For more details see: https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25

    Check your system logs for both of those KBs (event IDs to look for are outlined later in both articles) before patching.

    Edit 1:

    Just noticed that “CVE-2023-36884 - Office and Windows HTML Remote Code Execution Vulnerability” has additional remediation steps if you are not using Microsoft Defender for Office. More details and regkey included in this article: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884

    Edit 2:

    Finished updates last night with no issues. Basic environment overview: Mix of physical and VMs (split between Hyper-V and VMWare), mostly worked on Windows servers last night, 2012 R2 - 2019. Updated VMs and hosts (on both platforms). Everything seems to be humming along nicely.