Macrosoft Modern Network Security and Management

By G.N. Shah, Ronald Mueller

This technical note provides an overview of Macrosoft’s recent implementations of two new leading-edge security and network management platforms for enhancing our security profile and controlling our endpoint network protection. These are critical upgrades given that everyone in the company is now working remotely and will likely continue to do so for the foreseeable future. In effect, we are now a distributed enterprise. These technologies help us to protect against and mitigate malware, viruses, exploits, and ransomware.

The first technology implementation is the Microsoft Endpoint Manager Platform. We describe the major features this cloud technology platform provides and how and where we are currently using it. Macrosoft has been a Microsoft Gold Partner for over a decade. As a Gold Partner, our technology team continually tests most Microsoft technologies so that we are ready if and when our clients need them. For some time now we have been evaluating the latest version of Microsoft Endpoint Manager. It became clear to us that this is a key technology for us to implement for our own internal network and security needs since our company is now a distributed enterprise. Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) are essential to implement on each device to protect our network and our client services.

The second technology we have recently implemented is SonicWall, which is a next-generation firewall for mitigating intrusion risk and protecting everyone in our remote workforce. We provide a brief overview of the security features this platform provides us and how and where we have implemented it. Macrosoft developers use laptops from their homes to do their work, and so covering these laptops is our focus for SonicWall. [1]

Macrosoft Profile

Macrosoft has 2 large, diverse international development centers in Lahore, Pakistan and Trivandrum, India. Both contain well over 100 technical staff. We also have over 150 technical staff in the US, but nearly all these staff members work directly for our US client base, and so are subject to the security and network standards of the clients they work for. There is also a group of about 30 technical and business staff in the US that oversees all development work done out of our two international development centers and staffs overall corporate business functions including Sales, Marketing, HR, Finance, etc.

The implementation of these two tech platforms is intended for everyone in the two international development centers as well as for the 30 or so members of the technical and business organizations in the US. As noted, it is not intended for the ~125 US technical consulting members that work for our US client base. While nearly all these technology consultants also work remotely at the present time, they are subject to the security and network processes of the clients they are working for and usually use laptops provided by the clients.[2]

Microsoft Endpoint Manager

Microsoft Endpoint Manager is a cloud-enabled platform for unified and secure endpoint management. It can secure, deploy, and manage all users, apps, and devices. A key reason we were attracted to Endpoint Manager in the first place is that it is fully cloud-enabled with a diverse and growing set of cloud-based features. Our company is predominantly cloud-based at this point. Over the last few months, we have been moving more and more endpoints and workloads to the cloud and expect to have most of this done by 3rd Q 2021.

We are using this platform as our path to modernize the management of our network and devices. By modern management we mean, among other things, the ability to quickly and easily automate tasks, set priorities on tasks, and most importantly, closely connect our IT and Security teams and priorities. To us, it also means continually improving the user experience. All these points are now more important than ever given the remote and dispersed nature of our work environment.

1    Endpoint Manager Capabilities

The main capabilities of Endpoint Manager that we have found to be major advantages to our company are the following:

| Capability | Short Description of Capability and How we are benefiting from it |
|---|---|
| Cloud Security Across Endpoints | Protects devices against threats using Microsoft Zero Trust technology and Microsoft Defender ATP. Secure and intelligent and has native integration with cloud-powered security controls and risk-based conditional access and controls for apps and data. |
| Comprehensive Windows 10 Mgt. | Simplifies automated provisioning, configuration management, and software updates for all our endpoints. Provides unified management of all endpoints. |
| Streamlined and Flexible | Flexible support for diverse and BYOD scenarios. (We have a workforce of over 300 developers working remotely with individual laptops so this is a critical capability.) |
| Fast Rollout of Services | The fast rollout of new services and devices with end-to-end integration across Microsoft stack (our standard tech stack). |
| Advanced Analytics | Rich UI includes advanced analytics. Has productivity scores, including technology experience. |
| Zero Touch Provisioning | Rich UI to set up automated provisioning for new endpoint devices, apps, and processes. |
| Deep Microsoft 365 Integration | Modernize developers’ and business users’ environments within Microsoft 365. |

2    Microsoft Endpoint Manager Cloud Management Journey

The architecture diagram below shows the three main stages of the cloud management journey using Configuration Manager and Intune in a single unified endpoint management solution. The first stage uses tenant-attach capabilities that provide the most flexible path for Configuration Manager to allow us to start gaining cloud benefits without necessarily enrolling all our Windows clients with Intune. We simply need to connect the Configuration Manager site to the cloud and immediately gain access to a host of remote actions and analytics. This is the path we used in implementing Endpoint Manager.

In the second stage, we can use co-management to manage Windows using both Configuration Manager and Intune. The Windows 10 device is managed by both Configuration Manager and mobile device management (MDM) systems in this second stage. This is not a relevant stage for us since, as noted, we are not integrating mobile smartphone devices into the platform at this point.

The third stage is for new endpoints to go directly to the cloud with Intune, which is what we are doing. We are also flexibly moving more and more workloads to the cloud which is normal in the third stage.

[Figure: Microsoft Endpoint Manager]

SonicWall Capture Client (Advanced)

SonicWall Network Security Manager (NSM) gives us what we need for comprehensive and centralized firewall management. It is a next-generation firewall management platform. Among the key capabilities are the following:

| Capability | Description and how we are using this capability | Additional Details |
|---|---|---|
| Firewall Mgt. | Onboard and manage all firewalls centrally from one interface | The platform has Capture Security Center which is a scalable cloud security management system. It delivers robust security management, analytics, and real-time threat intelligence for your entire portfolio of network, email, endpoint, mobile, and cloud security resources. |
| Zero Touch Provisioning | Deploy and administer firewalls remotely with Zero-Touch Deployment | Minimal user intervention is required. |
| Configuration Automation | Simplify the setup of firewalls with configuration wizards. Quickly and easily deploy any new firewalls using custom configuration templates. | Fully automated to operationalize firewalls in four easy deployment steps. |
| Analytics of Security Risk | Identify and remedy security risks through analytics capabilities in the UI | Access SonicWall from a single function-packed interface – a ‘single pane of glass’. Establish content filtering and access policies for risky users and applications easily and quickly. |
| Dashboard | An intuitive dashboard with key metrics displayed and tracked | It has Risk Meters customized to show threat data and risk scores based on live threat data compared with the present level of protection. Web application and internet usage are revealed on the dashboard. Drill-down capabilities to pivot and investigate data points of interest down to the user level. |
| Audit Reporting | Automate audit-ready reporting, very useful when clients ask us for our security status | The broad range of predefined reports. Customization using any combination of auditable data to acquire various use-case outcomes. Pull data with deep granularity. Uncover anomalies with historical user records and application activity for long-term traffic and security gap analysis. Can conduct drill-down risk analysis and generate compliance audits. |
| Gateway Security | Gateway Security Services – Get real-time protection with gateway anti-virus, anti-spyware, intrusion prevention (IPS), and application intelligence and control. | Cloud App Security (CAS). Enables quick discovery and evaluation of risky applications with “Shadow IT Discovery”. Set allow/block policies in real-time. |
| Advanced Threat Protection | Capture Advanced Threat Protection (ATP) – Defend against unknown and zero-day attacks at the gateway with automated remediation using multi-engine sandboxing. | Analyze and measure security posture. Perform what-if analysis. Identify security actions to reduce network threat surface and susceptibility to cyberattacks through known threat vectors. |
| Content Filtering | Content Filtering Service – Manage access to inappropriate, unproductive, and even illegal and malicious web content. | Automate content filtering services |
| Anti-Spam Service | Comprehensive Anti-Spam Service – Remove junk email at the gateway with one-click activation | Next-Gen Security for Office 365 |
| Smarter Data | Smarter Data leads to Faster Decisions | All network traffic that passed through firewalls, in real-time. Detect performance issues and hidden risks with high accuracy via pivoting and drill-down tools. |
| Actionable Information | Firewall Data into Actionable Information | Aggregate Data; Contextual Data Stream Analytics; User Analytics; Dynamic Visuals; Detection and Remediation |

Concluding Comments

This is another paper in our series describing technology innovations at Macrosoft. This paper deals with our implementation of Microsoft Endpoint Manager and SonicWall Capture Client Advanced for enhancing our security profile and automating our network management of endpoint devices and applications. There will be many more technical papers from Macrosoft over the coming months on innovations now being pursued in our ‘skunkworks’ including in the following areas: robotic process automation; NLP; chatbots; AI for document understanding; and many more. Many of these innovations we are now pursuing will lead to new products and services for our company. Stay tuned!

[1]  We are not currently using either platform to cover the smart phones of our technical community.

[2]  For these tech consultants their main interactions within Macrosoft are through MS Outlook 365. 

By G.N. Shah, Ronald Mueller | October 12th, 2021 | General

About the Author

G. N. Shah, Chief Technology Officer of Macrosoft

Shah is a forward-thinking corporate leader with twenty years of experience delivering top-notch customer solutions in large-scale and enterprise business environments. As a technology visionary and driver of strategic business systems development, he allows Macrosoft to deliver best-in-class software solutions. Shah’s profound expertise includes business strategy, product development, enterprise-wide architecture, application migration, IT transformation, and international development management. Shah holds multiple professional and technical certifications, scholastic degrees, and an MBA.

Dr. Ronald Mueller, Chairman and Founder of Macrosoft

Ron is the Chairman and Founder of Macrosoft, Inc. He heads up all company strategic activities and directs the day-to-day work of the Leadership Team at Macrosoft. As Macrosoft’s Chief Scientist, Ron defines and structures Macrosoft’s path forward. Ron focuses on new technologies and products, such as Cloud, Big Data, and AI/ML/WFP. Ron has a Ph.D. in Theoretical Physics from New York University and worked in physics for over a decade at Yale University, The Fusion Energy Institute in Princeton, New Jersey, and at Argonne National Laboratory.

Ron also worked at Bell Laboratories in Murray Hill, New Jersey, where he managed a group on Big Data. Ron's work focused on the early work on neural networks. Ron has a career-long passion for ultra-large-scale data processing and analysis including predictive analytics, data mining, machine learning and deep learning.
