We just published a new whitepaper that describes best practices for securing and hardening the Network Device Enrollment Service (NDES) server role for use with Microsoft Intune and System Center 2012 Configuration Manager. The whitepaper details how Microsoft’s policy module secures certificate deployment through NDES as well as best practices for how to secure NDES behind a reverse proxy such as Windows Server 2012 R2 Web Application Proxy or Azure Active Directory Application Proxy.
You can get all the details as well as a download link here:
Whitepaper: Securing and Hardening NDES for Microsoft Intune and System Center Configuration Manager
J.C. Hornbeck| Solution Asset PM | Microsoft GBS Management and Security Division
Get the latest System Center news onFacebookandTwitter:
System Center All Up: http://blogs.technet.com/b/systemcenter/
Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/
Data Protection Manager Team blog: http://blogs.technet.com/dpm/
Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/
Operations Manager Team blog: http://blogs.technet.com/momteam/
Service Manager Team blog: http://blogs.technet.com/b/servicemanager
Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm
WSUS Support Team blog: http://blogs.technet.com/sus/
The RMS blog: http://blogs.technet.com/b/rms/
App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Surface Team blog: http://blogs.technet.com/b/surface/
The Application Proxy blog: http://blogs.technet.com/b/applicationproxyblog/
The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/
System Center 2012 Configuration Manager ConfigMgr 2012 R2