Cybersecurity Talk With Raymond Comvalius: Between On-Premises And In The Cloud. We Find Out Which Active Directory Is Safer

Raymond Comvalius is a multi-focused ICT specialist/architect, being engaged in IT totally for approximately 30 years, and being in Microsoft technologies for over 20 years. Raymond is also an author of a lot of books.

Watch the video where Raymond is talking about active directory.

If your goal is to become a cybersecurity expert, that’s definitely a place to be. This time I’m with Raymond Comvalius. We are going to talk about, among others, active directory and the cloud. Thank you for coming.

Raymond C.:

Thank you for inviting me.

Paula J.:

Thank you. And just a couple of words about Raymond. Raymond is an independent architect and trainer, also being engaged in IT totally for approximately 30 years, being in Microsoft technologies for over 20 years, which is really exciting and that’s a lot of time, I must admit. Raymond is also an author of a lot of different types of books.

Raymond C.:

For books, yes.

Paula J.:

Yeah, that’s great. And you are also writing a blog, which is nextxpert.com.

Raymond C.:

Nextxpert.com, and I’m quite active still on Twitter with the nextxpert handle.

The future of Active Directory

Paula J.:

You should definitely go check it out. And, let’s dig into the discussion, yes? So, let’s start over. I’ve got for you a couple of questions that are related to The Cloud and since this is also what you are talking about, do you think it is, in general, a good idea to fully get rid of Active Directory On-Prem?

Raymond C.:

You cannot yet, I think.

Paula J.:

Okay. Would this be possible in the future? What is your prediction?

Raymond C.:

My prediction is that it will be possible in the future, starting with companies that actually start a new infrastructure, that are starting from scratch. If you don’t have anything now, then you might consider starting without Active Directory, but I’m not sure you will make it today, but at least within a year or two years, it will be possible without it.

Paula J.:

So, this is all coming in this direction, yeah?

Raymond C.:


Paula J.:

My concern from the security perspective is that: in Active Directory you’ve got plenty of different kinds of security operations like monitoring, raw separation and who can do it and so on. Do you apply the same ones on Azure AD? Do you have that possibility?

Raymond C.:

I think Microsoft is moving towards that situation, and they’re moving fast, The Cloud’s moving really, really fast, so if it isn’t there today, it might be there tomorrow. That’s just the way it is nowadays.

The matter of safety: The Cloud or On-Prem?

Paula J.:

Okay, cool. The question that is, I guess, concern for a lot of people — which Active Directory is safer? The one On-Prem or in The Cloud?

Raymond C.:

I would trust the one in The Cloud more than the one On-Prem. The one On-Prem is built like, in 1999, built on technology and security standards of 1999. And the one in The Cloud is built like two, three years ago.

Paula J.:

Yeah, absolutely.

Raymond C.:

With the technology, which is way further than they were in 1999.

Paula J.:

Yeah, absolutely, and so, continuity, it could be also better. If your Active Directory, one the domain control is down, in The Cloud, it’s less probable, yeah?

Raymond C.:

Yeah, and if it happens in The Cloud, it’s built in such a way that it’s supposed to handle it, not in a way that you do it On-Prem, at least, and the thing is if you do it On-Prem, you build it yourself, you create the whole topology yourself and there may be mistakes in there.

Paula J.:

Oh for sure there are. I’m sure you have seen them a lot.

Raymond C.:

And the chances of making mistakes are, at least, less in The Cloud because there were lots of people involved there, and it’s better tested, tested by more people. And you get something that’s more proven than when you build it On-Prem.

Where to start? A piece of advice from Raymond Comvalius

Paula J.:

Yeah absolutely, makes sense. Okay, so, two more questions. One is related to the guys that are beginners. Since you got, and you do all the stuff about The Cloud and Windows infrastructure and so on, there are the young guys that are looking at you and they’re like, “Wow, I want to be like him,” and so on, what would you advise them? Where should they start?

Raymond C.:

Start with the old stuff.

Paula J.:


Raymond C.:

I think you should start with the old stuff because the old stuff is still everywhere, and you have to deal with it. So, if you only learn the new stuff, you will have issues because you will come in a situation that there’s lots of old stuff still running and you have to know how it works. You still have to know how Kerberos works, how NTLM works.

Paula J.:

Oh, so the basics of security, and so on…

Raymond C.:

All those basic stuff and the basics are what we are still building on it. If you look at it from now, from my standpoint, last week I’ve been studying new technology, from B2B and I’m quite able to understand it because I know how it used to work in the old way. It’s better to get the new concepts if you can compare it to the way it used to be.

Paula J.:

Yeah, absolutely, its various focus. Because you might even know that something … Or how something works, then you always able to refer to the past, and it’s like, “Oh, in the past it was like that.” So, now I’m able to solve it.

Raymond C.:

So, you recognize old concepts, and that’s good.

Learn new things by working with them

Paula J.:

Yeah, that’s great, and what about advanced guys? So if someone is an infrastructure master and they’re like, “I want to become familiar with The Cloud,” and so on, so what should they do? What do you think?

Raymond C.:

Start working with it. Play with it. Do everything that comes into your mind and try it out. That’s the way I learn new stuff.

Paula J.:

So, the first step that you did, did you subscribe to Azure? What did you do?

Raymond C.:

I subscribed, taking an Azure subscription.

Paula J.:

Yeah, for sure.

Raymond C.:

Create your IS environment, create your own tenant, start using Office 365, build demo environments to see how stuff works together and things fill in.

Paula J.:

Yeah, that’s a good suggestion, but it’s a lot of work, yeah?

Raymond C.:

It’s a lot of work, big time.

Paula J.:

But it has to happen, I mean, The Cloud is everywhere, so there is no other option, other than this. Right?

Raymond C.:


Paula J.:

Yeah? Okay. Perfect. Thank you so much for you being here. Thanks a lot guys. I enjoyed it a lot, yeah. I think it was actually pretty awesome, and let me sum up a couple of things that we were talking about.

active directory

So, still, when we got Azure AD, it cannot replace fully Active Directory that we got in our enterprises, at least not right now.

Raymond C.:

Not today.

Paula J.:

Yes, not today, so we definitely need to stay tuned for what is happening in that area.

Raymond C.:


If you learned something yesterday, it might be different today

Paula J.:

And, also, in order to become an expert, we still need to know things that are currently running in infrastructure, not only focused on the new items, because people still use them, companies still use them, and that knowledge is absolutely necessary, yeah? Okay.

Raymond C.:

You have to be able to make the transition from the old stuff to the new stuff.

Paula J.:

Yeah. Yeah, definitely.

Raymond C.:

And one thing that’s even more important, is that you have to keep up with what’s going on. So, if you learned something yesterday, it might be different today.

Paula J.:

Like today, for example, with The Cloud changes that we have just discussed before this interview, yes?

Raymond C.:

I just got into the situation this morning, because I’ve been prepping my demos for today, yesterday evening even still, and then I woke up this morning, and then there was an announcement that all the new stuff is there in the portal now.

Paula J.:

Sorry, things have changed. You have to just…

Raymond C.:

…deal with it.

Paula J.:

Yeah, deal with it. It’s a good motivation, isn’t it, yes? You have to do it. There is no other option.

Raymond C.:


Paula J.:

Yeah, cool, cool. So, thanks so much guys for watching this interview, hope you like it. Make sure that you’re going to post your questions in the comments sections below. If you got some questions to Raymond or to myself, do not hesitate, we are here for you to answer all the interesting questions that you may have about The Cloud that we didn’t really speak about, yeah?

Raymond C.:


Paula J.:

Okay, cool, yep, stay tuned and we are cooking that content for you. Thank you so much.

Raymond C.:

Thank you!

Protect your Active Directory. Take training from CQURE CyberBytes series and be prepared to fight advanced Active Directory Attacks.

Advanced Active Directory Attacks

