Zero-trust with Cloudflare Access and Azure Active Directory
One of the cool things with Azure Active Directory is the risk indicators that can be collected into from different systems such as Identity Protection, Intune, Azure ATP and Defender ATP. With this information collected it means that systems that integrate into Conditional…
Read More »Running Terraform as part of VMware Cloud Automation
As part of the latest version of VMware Cloud Automation it does now support Terraform as a resource and allows you do map directly to TF files and runtime within VMware Cloud Automation. VMware Cloud Automation consists of three products. Cloud Assembly, Service…
Read More »Continuous access evaluation with Azure Active Directory
For sometime Microsoft has had a feature called Continuous access evaluation in Preview as part of Azure Active Directory. Which allows Conditional Access Policies and User Changes be evaluated in realtime compared to the traditional lifetime of a token. Just to illustrate. When a…
Read More »Azure Administrative Units and MyStaff for delegated management
When migrating from Active Directory to Azure Active Directory you move an essentially from a tree based structure where you might have multiple domains, forest and a large OU structure to more a flat tenant structure within Azure Active Directory. This means that…
Read More »Integration Azure Defender with Google Cloud and AWS and Cloud Security Posture Management systems
During Ignite Microsoft released a new set of Cloud integrations from Azure Defender to AWS and Google Cloud. This provides the following advantages when connecting Azure Defender to the different cloud providers. Automatic agent provisioning (Defender uses Azure Arc to deploy the Log Analytics agent…
Read More »Microsoft Tunnel – What is it and how to set it up
Microsoft tunnel is a new feature which was released during Microsoft Ignite 2020. Tunnel is a VPN gateway solution for Microsoft Intune. The tunnel allows access to on-premises resources from iOS/iPadOS and Android Enterprise devices using modern authentication and Conditional Access. As shown…
Read More »Need for Office 365 backup? Altaro backup
With all the ransomware and crypto attacks that are happening these days, I do appriciate more and more the value of having backup of the data. Not just the backup of course, but also ensuring that we can easily restore data when something…
Read More »Audit Log Analytics history
As part of Microsoft Ignite, Microsoft announced a new feature to provide insight into what kind of queries are being run within a Log Analytics workspace. Log Analytics is a centralized log service which can collect audit/log data from many sources, including like…
Read More »Nutanix Clusters vs VMware on Azure?
I’ve previosly written about VMware on Azure using the Cloudsimple deployment https://msandbu.org/building-vmware-on-public-cloud-or-using-cloud-native/ where the cloudsimple solution is using a set of (dedicated hosts maximum 16) bare-metal servers in Azure to provide a VMware validated design setup within Microsoft Azure datasenter. The VMware solution is essentially…
Read More »Protection against Ransomware Attacks, Credential Stuffing and Password Spray Attacks
Lately there have been more and more ransomware attacks, where companies are faced with their systems and data becoming encrypted, and forcing them to pay a ransom to get access back to their data. A couple of weeks ago I started to subscribe…
Read More »