msandbu.org

CVE-2020-0796 remote code execution vulnerability in SMB Protocol 3.0

Leave a Comment / 11. March 2020 11. March 2020

Yesterday a big new vulnerability in the SMB protocol stack was published. The security flaw, tracked as CVE-2020-0796, is not included with this month’s March 2020 Patch Tuesday updates, and is unclear when it will be patched. The vulnerability is due to an error when the vulnerable software handles a maliciously crafted compressed data packet. The information about …

CVE-2020-0796 remote code execution vulnerability in SMB Protocol 3.0 Read More »

The Enterprise ready browser Microsoft Edge for business – How to configure for Edge

Leave a Comment / 24. February 2020 24. February 2020

With Microsoft now releasing Microsoft Edge built on top of Chromium which is an open-source browser project together with its own enterprise security features, I see it as the main browser for enterprises moving forward. So how do we get started roll-out Edge to the enterprise? Deployment As part of a deployment strategy, there are multiple …

The Enterprise ready browser Microsoft Edge for business – How to configure for Edge Read More »

Storage services and considerations for Microsoft Azure

Leave a Comment / 21. February 2020 21. February 2020

Within Microsoft Azure there are numerous storage options which can be used for different workloads such as Container workloads for stateful storage, or big data solutions which requires high IOPS for calculation of workloads or even traditional blob storage which is useful for backup or archive data. Even sometimes you would also need to build …

Storage services and considerations for Microsoft Azure Read More »

The battle for Hybrid PaaS and Kubernetes workloads?

Leave a Comment / 8. February 2020 8. February 2020

In december I had a blogpost about the battle for Hybrid PaaS services https://msandbu.org/the-battle-for-hybrid-paas-is-here/ where I described some of the capabilities that the different cloud providers are aiming for when it comes to Hybrid PaaS services such as Google Anthos, Azure Arc and Amazon Outposts. So I wanted to do a update on that part and also …

The battle for Hybrid PaaS and Kubernetes workloads? Read More »

Upcoming change – Microsoft to disable use of unsigned LDAP port 389

Leave a Comment / 20. January 2020 20. January 2020

In March 2020, Microsoft is going to release a update which will essentially disable the use of unsigned LDAP which will be the default. This means that you can no longer use bindings or services which binds to domain controllers over unsigned ldap on port 389. You can either use LDAPS over port 636 or …

Upcoming change – Microsoft to disable use of unsigned LDAP port 389 Read More »

Delivering Citrix ICA/HDX using Traffic Manager, Frontdoor or Azure VWAN?

Leave a Comment / 8. January 2020 8. January 2020

This was a topic that came up during a discussion earlier today, and looking at the Google Search Results on my blog It seems like that this is something that some people are looking for some answers for, so therefore I decided to write a blog post on this. So can we use Citrix NetScaler/ADC …

Delivering Citrix ICA/HDX using Traffic Manager, Frontdoor or Azure VWAN? Read More »

AMD Radeon GPU on Microsoft Azure – NVv4 Series and VDI

Leave a Comment / 1. January 2020 1. January 2020

I’ve previously written about the new upcoming NVv4 series virtual machine instances which are the new series of GPU based instances in Microsoft Azure which are now coming with AMD Radeon based GPU’s (https://msandbu.org/introducing-the-nvv4-azure-virtual-machines/) these new instances are the first coming with support for true GPU partitioning, which is a of somewhat similiar technology to …

AMD Radeon GPU on Microsoft Azure – NVv4 Series and VDI Read More »

Citrix NetScaler (ADC) vulnerability CVE-2019-19781

Leave a Comment / 31. December 2019 31. December 2019

For those that are not aware, but vulnerability (CVE-2019-19781) has come up , which affects Citrix ADC and Citrix Gateway which essentially allows an unauthenticated attacker to run arbitrary code on the appliances. NOTE: That the vulnerability is leveraging the NetScaler ADC Gateway feature, since it is part of the VPN folder which is accessable when …

Citrix NetScaler (ADC) vulnerability CVE-2019-19781 Read More »

Automating Azure Sentinel deployment using Terraform and PowerShell

Leave a Comment / 22. December 2019 22. December 2019

As part of an on-going project I was tasked with to automate a Sentinel setup using Terraform and PowerShell. Now if you haven’t read about Sentinel before, here is a bit more information available –> https://msandbu.org/designing-an-azure-sentinel-solution/ one of the current limitations as of now with Sentinel is that it does not support any form av automation from …

Automating Azure Sentinel deployment using Terraform and PowerShell Read More »

Current limitations with Azure Firewall

Leave a Comment / 21. December 2019 21. December 2019

So been working a lot with Azure Firewall lately and wanted to adress some of the current limitations that is has. Azure Firewall is a layer 4 stateful firewall offering in Azure as a complete PaaS service. Using a native PaaS service for firewall management (outside of NSG rules) in Azure has some advantages. Automatic …

Current limitations with Azure Firewall Read More »