Summary

In this chapter, we provided an overview of the traditional on-premise data center and the most current model available, known as the cloud. Within the cloud model, we covered the three primary services, known as IaaS, PaaS, and SaaS, and then finished this section with an overview of the hybrid model. Next, we reviewed secure access management as it relates to both physical and user access to Windows servers and infrastructure. We then covered privileged access models with best practices for secure access management.

The following section covered Windows Server management tools, including Server Manager, Event Viewer, WSUS, and Windows Admin Center. The final section of this chapter moved on to Azure services for managing Windows servers. In this section, we provided details about the Azure portal and Marketplace, Azure RBAC, Azure Resource Manager, Azure Backup, Azure Update Management, and Azure Site Recovery. While we quickly scratched the surface of many available tools, we hope the acknowledgement of these services may spark an interest in you to research further. These concepts may eventually lead to these services being implemented in your own environment, which will increase your overall security posture.

In the next chapter, we will shift our focus away from the server infrastructure to end user device management. This chapter will cover the evolution of device management and the tools that have been used over the years. We will then cover these tools in more detail, specifically the ones regarding device imaging and Windows autopilot, Microsoft Endpoint Configuration Manager (formerly System Center Configuration Manager), and Intune.