-
Posts
-
By Usama Jawad96 · Posted
Windows Server gets DNS over HTTPS (DoH) support by Usama Jawad For the past few months, Microsoft has been previewing DNS over HTTPS (DoH) for Windows DNS Server, touting it as a foundational upgrade for zero-trust enterprise networks. It essentially introduces encrypted, authenticated DNS for the networks rather than transmitting DNS traffic in clear. Now, the company has introduced the general availability (GA) of this feature. The GA of DoH encourages organizations to deploy the solution in production environments without implementing a new client-to-resolver architecture. DoH helps improve the overall security of the network and reduces the risk of spoofing due to its zero-trust design. This is a significant change because pretty much every interaction with the network requires interfacing with DNS. DoH offers several advantages over standard DNS traffic, such as encryption using HTTPS, preventing unauthorized inspection, man-in-the-middle attacks, and traffic analysis. Since it leverages TLS certificates so that clients can verify the identity of the DNS server, it prevents spoofing through this authentication mechanism. Additionally, it's built on the DoH standard defined by the Internet Engineering Task Force (IETF), which means that it should work with modern RFC 8484-compliant clients. Finally, it integrates into the existing network architecture seamlessly and can even run in parallel with standard DNS, so that customers can migrate to the new technology at their own pace. Microsoft says that in the past few months of preview, DoH has become more stable, and customers can confidently deploy it in production environments with proper guidance. Microsoft has emphasized that migrating to DoH is necessary for organizations that are moving toward zero-trust DNS solutions. Windows clients already support DoH, but the latest availability on Windows Server provides encrypted DNS to all endpoints. The company has also mentioned that "while this release focuses on encrypting client-to-resolver communication, support for encrypted communication between Windows DNS Server and upstream DNS resolvers is planned for a future update." You can follow Microsoft's guidance to deploy DoH here, but keep in mind that you need a Windows Server 2025 installation with the latest Patch Tuesday updates installed. -
By binaryzero · Posted
Lol I had one of these turn faulty in Jan, guess it wasn't just bad luck lol -
By Setnom · Posted
I'm team Rossmann all the way. I have the exact same NVME, altough not in an array like him. -
By testman · Posted
It had gone weeks ago. Although thinking about it I'm on the beta. -
By RejZoR · Posted
They thought value of their goods would forever only drop like it used to and didn't account for sudden increase in price because of all the Ai hype. Tough luck Samsung, don't try to weasel this one out. Also American customer protection laws are a**. In Europe, you need to be compensated for a functioning product of same or better characteristics (not same price point as when it was originally bought!) if it can't be repaired and when you receive a replacement product your warranty starts from scratch because you received a different item than you previously had and old warranty thus cannot apply to it anymore. If your actual item was successfully repaired, warranty gets extended for the period the item was in service. If item is repaired to a significant extent, warranty also starts over from scratch because major part of it was replaced. Americans need to fight to get this kind of consumer protections because they are constantly getting screwed over.
-
-
Recent Achievements
-
davidbazooked earned a badge
Week One Done
-
Jamswaz earned a badge
One Month Later
-
Jamswaz earned a badge
Week One Done
-
Marzoid went up a rank
Rookie
-
coch went up a rank
Community Regular
-
-
Popular Contributors
-
Tell a friend
.thumb.png.b7089ebbdf00d96b3b92dddbd04bac02.png)
Recommended Posts