When I was working with a customer project a couple of weeks back, I was setting up a redudant pair of Citrix ADC in Microsoft Azure which was going to be used publish customer workloads. The reason for setting ADC was because of security capabilities such as web application firewall, ip reputation, HTTP DoS, Rate …
Outbound traffic with Standard Load Balancer Microsoft Azure Read More »
One thing I’ve always tried to solve properly is how to simplify access to customer resources in Microsoft Azure, Office 365, Intune and other online services that Microsoft provides. This while still trying to achive a high level of security in regards to having MFA in place, auditing and avoiding having non-personal accounts and still …
How to manage customer access to Azure, Intune and Office 365? Read More »
Earlier this week Google announced that they will be joining AWS and Azure in being able to deliver VMware based offering to their customers. Source: https://cloud.google.com/blog/topics/partners/vmware-cloud-foundation-comes-to-google-cloud Google will soon be providing a VMware Cloud Foundation solution as part of their plattform, which is essentially that you get a VMware based private cloud within GCP. This solution …
Earlier this month, Microsoft together with NetApp went GA with Azure NetApp files and now I’ve been fortunate enough to use it for a project. NOTE: That Azure NetApp file serivce is still only available in certain regions also you need to register for the resoure provider to get access to the service (Can be …
These next couple of posts will focus on the different load balancing mechanisms that are available in Microsoft Azure. Going from Azure Load Balancer, Application Gateway, Traffic Manager, Front Door, and how these compare with other NVA’s that are available on the market. This first post will focus on Azure Load Balancer. Then I will focus …
Yesterday, Microsoft released Azure Lighthouse aka “Delegated Resource Management” which is a way to provide deleated access to Customers Azure resources either it be individual services, resource groups or even whole subscriptions. The official blog announcements can be found here –> https://azure.microsoft.com/nb-no/blog/introducing-azure-lighthouse/ So how does it work? Essentially you have a master subscription where your Azure …
With the newly released Azure Front door I was eager to see how it could compare to Cloudflare in terms of performance and functionality. I’ve previously moved my blog to Cloudflare https://msandbu.org/moved-my-blog-to-cloudflare/ which means that they are handling all the frontend traffic to blog. Cloudflare has multiple Points-of-presense around the world which allows for incoming traffic …
So thinking about moving from on-premises Active Directory and moving towards using Azure Active Directory Domain Services in Azure? For those that aren’t aware Azure AD Domain Services is a PaaS service that Microsoft delivers in Microsoft Azure which is essentially Managed Active Directory. Now in most scenarioes, Active Directory is the authoritative source for …
Things you need to consider before using Azure AD Domain Services Read More »
The Evolution of RDP RDP is a pretty common protocol, and has been and is still the default way to have remote access to an Windows enviroment and has been a core part of the operating system for many years. RDP as a protocol is based on, and is an extension of, the T-120 family of protocol …
New RDP vulnerabilities – so how can we secure RDP? Read More »
So this is based upon a real-life case where one of my customers had a Linux virtual machine in Microsoft Azure that got compromised and I wanted to use this blogpost to showcase how it was detected and the information that came from Microsoft and what was the reason how it got hijacked. (Really been …
Real-life detection of a virtual machine in Azure with Security Center Read More »
