msandbu.org

Google Cloud Confidential VMs vs Azure Confidential Computing

Yesterday as part of Google Cloud Next’20 On Air, Google introduced a preview of a new set of virtual infrastructure called Confidential VMs which leverage the Secure Encrypted Virtualization (SEV) feature of 2nd Gen AMD EPYC. Confidential VMs run on N2D series VMs and currently support Ubuntu v18.04, Ubuntu 20.04, Container Optimized OS (COS v81), and RHEL 8.2. So why is […]

Google Cloud Confidential VMs vs Azure Confidential Computing Read More »

Azure Storage Object Replication

I’ve previosly written about Azure datacenters and especially about the norwegian datacenters (https://msandbu.org/not-all-azure-datacenters-are-equal-what-to-consider-with-regards-to-dr/), where we have two regions where only east is active and west is a passive datacenter which is only used to support the underlying services which require geo redudant services, such as Azure SQL, Storage and so on. This poses an issue

Azure Storage Object Replication Read More »

SIGRed CVE-2020-1350 Vulnerability in Windows (DNS) Server and fix

Yesterday Microsoft released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions (not the DNS Client, and also domain controllers which have DNS are also affected) This vulnerability was discovered by security researchers at

SIGRed CVE-2020-1350 Vulnerability in Windows (DNS) Server and fix Read More »

TCP is not just TCP – Accelerate websites with Cloudflare

This blog site has been using Cloudflare for a while to provide acceleration and protection mechanisms in front of the website, I’ve also been working with NetScaler/ADC for a while to optimize crappy websites. One thing that most people hate when browsing, is waiting…. If you also are running a e-commerence website, those seconds of waiting

TCP is not just TCP – Accelerate websites with Cloudflare Read More »

Azure Security Center Overview and Security Ecosystem

With all the latest announcements and features that have been added to Azure Security Center lately I decided that I wanted to try and provide an overview of some of the services and integration that is part of Microsoft Azure Security Ecosystem. Most companies see that the biggest challenge with adopting public cloud is managing

Azure Security Center Overview and Security Ecosystem Read More »

Architecture of Azure Private DNS and name lookup in Azure

With the latest addition of DNS Proxy to Azure Firewall (https://docs.microsoft.com/en-us/azure/firewall/dns-settings) and looking at some of the questions I get on this blog I guess it was time to write a bit about how DNS lookup works within Microsoft Azure. How does DNS lookup work within Microsoft Azure? Azure provides internal name resolution for VMs

Architecture of Azure Private DNS and name lookup in Azure Read More »

The problem with multicloud strategies and products

When working in the IT-industry you are many times faced vendors that are claiming that they have a great product which provides multicloud capabilities. As I’ve seen now with more and more companies which are now moving towards public cloud(s) I see this more and more of an an headache that actually provide value. Many customers are adopting

The problem with multicloud strategies and products Read More »

Restore Deleted Files in Windows 10 using Windows File Recovery

When you delete a file in Windows (Using)NTFS, it is marked as deleted within the MFT entry for that file. The clusters that were allocated to the fille are now marked as free, within the $BitMap. As long as that those clusteres are not overwritten by new data, there might be a change that you can restore the data from

Restore Deleted Files in Windows 10 using Windows File Recovery Read More »

Encryption of virtual infrastructure within Microsoft Azure

For virtual infrastructure in Microsoft Azure, there are different settings one can use to encrypt data for virtual infrastructure. This is dependent on what kind of requirements you have as a business from a security perspective. Also one needs to understand how these different encryption features work together with other features in Microsoft Azure such

Encryption of virtual infrastructure within Microsoft Azure Read More »

Techcon 2020 – Virtuel konferanse

(For Norwegian Readers) Med tanke på dagens situasjon er det mange konferanser og kurs som har blitt avlyst, for mange har dette vært et fast samlepunkt eller måte for å kunne gjøre kompetanseløft på ny teknologi. Derfor ønsker jeg å gjøre noe med dette, ved å prøve å få relevant informasjon og erfaring ut til

Techcon 2020 – Virtuel konferanse Read More »