Author: Marius Sandbu

Azure Monitoring alerting rule to notify on non-compliant resources

No Picture

When using Azure Policies as part of your govnernance framework, there is always on thing that has bugged me with Azure Policies and that is with regards to alerting about non-compliant resources. From within the portal you get a list of non-compliant resources…

Read More »

Using Cloudflare Access to protect WordPress Admin sites

access-solution-diagram@3x

If you are hosting a blog like me, you can use Cloudflare to protect and accelerate your website which I have described here –> https://msandbu.org/moved-my-blog-to-cloudflare/ that means that front-end traffic is handled by Cloudflare and then to my origin site. Cloudflare recently introduced a new…

Read More »

Automation Azure Sentinel and Terraform

Azure-Sentinel-1170x500

In a previous blog post (https://msandbu.org/automating-azure-sentinel-deployment-using-terraform-and-powershell/)  I wrote how about you can use Terraform to automate the setup of Azure Sentinel and Log Analytics. The issue back then, was that you couldn’t automate Sentinel Analytics rules which you still needed to maintain using…

Read More »

Google Cloud Confidential VMs vs Azure Confidential Computing

Advanced-Security-Features-of-AMD-EPYC™-Processors-Enable-New-Google-Cloud-Confidential-Computing-Portfolio

Yesterday as part of Google Cloud Next’20 On Air, Google introduced a preview of a new set of virtual infrastructure called Confidential VMs which leverage the Secure Encrypted Virtualization (SEV) feature of 2nd Gen AMD EPYC. Confidential VMs run on N2D series VMs and currently support Ubuntu v18.04, Ubuntu…

Read More »

Azure Storage Object Replication

failover-to-secondary

I’ve previosly written about Azure datacenters and especially about the norwegian datacenters (https://msandbu.org/not-all-azure-datacenters-are-equal-what-to-consider-with-regards-to-dr/), where we have two regions where only east is active and west is a passive datacenter which is only used to support the underlying services which require geo redudant services,…

Read More »

SIGRed CVE-2020-1350 Vulnerability in Windows (DNS) Server and fix

what-is-dns2

Yesterday Microsoft released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions (not the DNS Client, and also domain controllers which have…

Read More »

TCP is not just TCP – Accelerate websites with Cloudflare

last ned

This blog site has been using Cloudflare for a while to provide acceleration and protection mechanisms in front of the website, I’ve also been working with NetScaler/ADC for a while to optimize crappy websites. One thing that most people hate when browsing, is…

Read More »

Azure Security Center Overview and Security Ecosystem

last-ned

With all the latest announcements and features that have been added to Azure Security Center lately I decided that I wanted to try and provide an overview of some of the services and integration that is part of Microsoft Azure Security Ecosystem. Most…

Read More »

Architecture of Azure Private DNS and name lookup in Azure

scenario

With the latest addition of DNS Proxy to Azure Firewall (https://docs.microsoft.com/en-us/azure/firewall/dns-settings) and looking at some of the questions I get on this blog I guess it was time to write a bit about how DNS lookup works within Microsoft Azure. How does DNS…

Read More »