Secure Azure Virtual Network and create DMZ on Azure VNET using Network Security Groups (NSG)

At TechEd Europe 2014, Microsoft announced the General Availability of Network Security Groups (NSGs) which add security feature to Azure’s Virtual Networking capability. Network Security Groups provides Access Control on Azure Virtual Network and the feature that is very compelling from security point of view. NSG is one of the feature Enterprise customers have been waiting for.

What are Network Security Groups and how to use them?

Network Security Groups allow us to control traffic (ingress and egress) on our Azure VNET using rules we define and provide segmentation within VNET by applying Network Security Groups to our subnet as well as Access Control to VMs.… [Keep reading] “Secure Azure Virtual Network and create DMZ on Azure VNET using Network Security Groups (NSG)”

Azure VM Security using Azure VM Security Extensions, ConfigMgr and SCM Part 2

This post is part of the series. Part 1 can be found here. As I mentioned on previous post, this post to wrap up my session at TechEd Sydney 2014 DCI315 Azure VM Security ad Compliance Management with Configuration Manager and SCM.

Let’s jump to our next focus:

Patch Azure VM

ConfigMgr  is long famous for its capability for patch management. Three points on how the patch management lifecycle is running with ConfigMgr 2012 R2 for our Azure VMs:

  • Scan and Measure
    Scan&Measure
  • Remediate Non-Compliant – Patch the non-compliant
  • Reporting
    reportdefinition

Patch is straight forward and utilize ADR (Automatic Deployment Rules) to set schedule update/patch.… [Keep reading] “Azure VM Security using Azure VM Security Extensions, ConfigMgr and SCM Part 2”

Deploy Hardened HA-Proxy Azure VM from VM Depot (Microsoft Open Technologies)

In this post, we will discuss how to deploy various VM image developed by community from VM Depot (Microsoft Open Technologies).

Microsoft Azure Cross Platform Command Line (X-Plat CLI)

I blogged Microsoft Azure Cross Platform Command Line previously. This post will continue to explore Microsoft dedication on Open-Source technologies.

Firstly let’s prepare quickly our tools to run Azure X-Plat CLI:

1. I am using my Windows machine. I run my Azure Command Prompt or You can use node.js[Keep reading] “Deploy Hardened HA-Proxy Azure VM from VM Depot (Microsoft Open Technologies)”

Static DIP Request, VIP Reservation on Microsoft Azure

 

Firstly, what is Azure VIP (Virtual IP address) and DIP (internal IP address assigned by Azure DHCP) on Microsoft Azure?

Microsoft Azure VM has two known IP addresses:

  • VIP: Public IP address pointing to Azure Cloud Service where VM is deployed. Every Cloud Service has a VIP and every Cloud Service can have several VMs. A VIP assigned to Cloud Service won’t be released until last VM on that Cloud Service is Stopped (De-allocated)
    or Deleted
  • DIP: Internal IP address assigned to the VM by Azure DHCP.
[Keep reading] “Static DIP Request, VIP Reservation on Microsoft Azure”

Microsoft Azure Cross Platform Command Line Step by Step

Microsoft Azure is not just about Windows, Microsoft Azure also supports Linux workloads. Spinning up Linux VMs in Microsoft’s fabric offers alternative options for open-source technologies with Microsoft Azure services.

Microsoft also provides Azure Cross-Platform Command-Line Interface (X-Plat CLI) which is a set of Open-Source, Cross-Platform commands for managing Microsoft Azure platform. X-Plat CLI has few top-level commands which correspond to different set of Microsoft Azure features. Typing “azure” will list each of the sub commands.[Keep reading] “Microsoft Azure Cross Platform Command Line Step by Step”

Do It Yourself Cloud Accelerator

This intro is unashamedly lifted from a Microsoft article but I couldn’t say it any better: “The cloud has enormous potential to reduce operational expenses and achieve new levels of scale, but moving workloads away from the people who depend on them can increase networking costs and hurt productivity. Users expect high performance and don’t care where their applications and data are hosted” Cloud is a journey, to get there takes more than just migrating your workloads to the cloud.[Keep reading] “Do It Yourself Cloud Accelerator”