Masterclass Description

Join us for a deep, practical training focused on securing and managing modern Windows Server environments presented by Microsoft MVP Mikael Nystrom. This two-day training combines Windows Server hardening, Active Directory security, hybrid management, Azure Arc, and Azure Update Manager into a practical, operations-focused course based on real-world experience.

In this LIVE Online Training, you will learn how attackers target Windows Server and Active Directory environments, how to reduce the attack surface, how to securely operate servers in production, and how to modernize management using Azure services. The training includes practical configuration examples, real-world troubleshooting, demonstrations, and operational guidance throughout.

If you want to improve the security and operational stability of your Windows Server environment while also preparing for hybrid management scenarios, this training is for you.

Added Bonus
You will receive access to sample scripts, configuration examples, and reference material used during the training.


This Live Online Training runs for two days and includes:

  • Live technical sessions with deep, practical content
  • Real-world demonstrations and troubleshooting scenarios
  • Architecture and configuration walkthroughs
  • Direct access to ask questions during the sessions
  • Access to scripts, tools, and reference material


This LIVE Online Training is for YOU if you want to:

  • Secure Windows Server and Active Directory environments
  • Reduce the attack surface and harden server infrastructure
  • Understand how modern attacks target Windows environments
  • Implement secure administrative workflows
  • Manage updates using Azure Update Manager
  • Use Azure Arc for hybrid server management
  • Improve visibility, logging, and operational security
  • Build a more secure and manageable server platform

...and so much more!


Prerequisites

Basic understanding of Windows Server and Active Directory. No prior experience with Azure Arc or Azure Update Manager is required.

Masterclass Schedule

Date and Time for Live Webinars

Date and start time for the next Masterclasses:

  • November 3-4, 9:00 AM-4:00 PM Central Time (US and Canada)

Sign Up Today!


Masterclass Outline

Module 1: Windows Server Threat Landscape

  • How Modern Attacks Progress from Initial Access to Server and Domain Compromise
  • Why Windows Servers and Active Directory Are High-Value Targets
  • Credential Theft and Lateral Movement
  • Lessons Learned from Real Incident Response Cases


Module 2: Core Security Principles for Windows Server

  • Least Privilege for Server Administration
  • Role Separation and Administrative Tiering
  • Reducing the Attack Surface on Servers
  • Designing Security for Daily Operations


Module 3: Secure Installation and Baseline Configuration

  • Secure Deployment and Initial Configuration
  • Local Security Policy and Baseline Hardening
  • Disabling Unnecessary Roles and Services
  • Firewall and Network Security Configuration
  • Hardening Management Interfaces


Module 4: Hardening Common Windows Server Roles

  • File Server Security Fundamentals
  • IIS Hardening Basics
  • Remote Administration Security
  • Service and Scheduled Task Security


Module 5: Active Directory Security Essentials

  • Common Active Directory Attack Techniques
  • Securing Domain Controllers
  • Protecting Privileged Groups
  • Group Policy Security Best Practices
  • NTLM, Kerberos, and LDAP Hardening


Module 6: Logging, Auditing, and Detection

  • Security-relevant Logging on Windows Server
  • Audit Policy Configuration
  • Event Forwarding and Centralized Visibility
  • Logging for Detection and Response


Module 7: Secure Server Operations

  • Operating Hardened Servers in Production
  • Secure Troubleshooting Techniques
  • Break-Glass and Emergency Access
  • Managing Operational Risk


Module 8: Patch and Update Management Strategy

  • Why Patching Is Critical to Server Security
  • Designing Update Rings and Maintenance Windows
  • Update Compliance and Reporting
  • Aligning Patching with Business Requirements


Module 9: Introduction to Azure Arc

  • What Azure Arc Is and Is Not
  • Supported Scenarios and Requirements
  • Security and Governance Benefits
  • Azure Arc Compared to Traditional Tools


Module 10: Managing Windows Server with Azure Arc

  • Onboarding Servers to Azure Arc
  • Centralized Inventory and Visibility
  • Policy-based Configuration and Governance
  • Monitoring and Security Integrations


Module 11: Azure Update Manager

  • Azure Update Manager Architecture and Components
  • Scheduling and Controlling Updates
  • Monitoring Update Compliance
  • Operational Considerations and Limitations


Module 12: Hybrid Governance and Security

  • Identity and Access Control for Hybrid Servers
  • Consistent Policy Enforcement
  • Compliance, Monitoring, and Reporting
  • Aligning On-Premises Servers with Cloud Security Standards

Instructor

Mikael Nystrom

Mikael is a Principal Technical Architect at TrueSec, with an extremely broad field of competence. He works in-depth with System Center suite, virtualization, cloud platforms, and operating system deployment. Mikael is a very popular instructor, is frequently used by Microsoft for partner training, and speaks at major conferences such as TechEd, Microsoft Ignite, MMS, and TechDays. He also spends a lot of time in communities, like deploymentbunny.com and itproffs.se. Mikael has been awarded Microsoft Most Valuable Professional (MVP) since 2005.

Mikael Nystrom

Principal Technical Architect