Microsoft Sentinel for Microsoft 365 – a must have!

Microsoft Sentinel is a cloud-native SIEM and SOAR solution. Microsoft 365 offers integrated security functions for Azure Active Directory (Entra), Microsoft Defender for Office 365, Microsoft Defender for Endpoint and Microsoft Cloud App Security. However, these features do not cover all possible attack vectors and vulnerabilities that hackers could exploit. In this blog post, I explore how Microsoft Sentinel extends the capabilities of Microsoft Defender XDR (and other Defender products).

Azure Files and Kerberos Support - A Cloud Story

AZ Files and Kerberos - Header

Back in 2021, Kerberos support for Azure AD was available as a preview. A lot has happened since then and the three-headed hellhound continues to make its way and shake up the cloud. This article is a collection of information on what Azure AD with Kerberos and Azure Files already provides and where the journey will go. This is because support for Azure Files with Kerberos has also recently been publicly communicated, although at the time of writing this article it is still in preview.

Application Gateway WAF v2 Custom Rules

Header - AppGW WAF v2 Custom Rules

The Application Gateway WAF v2 has brought some new features compared to v1, including the ability to create "WAF Custom Rules". In this short article I would like to discuss these "Custom Rules" and show how you can successfully create them. I have added some hints to the article that are difficult or impossible to find in the Microsoft documentation.

Certificate-based Point to Site Azure VPN through Intune

P2S VPN through Intune header

As the business world becomes increasingly mobile, cloud services are becoming even more attractive. But what if, as is often the case, there are still dependencies on an enterprise network - on Azure, for example? The solution is obvious: a point-to-site VPN ensures communication for mobile workers. In this how-to post, I discuss how a certificate-based point-to-site VPN to an Azure VPN gateway can be automatically rolled out to mobile clients through Intune. I also discuss how certificates can be automatically issued and renewed by a Certificate Authority in combination with Intune.

App Service PHP-Version Update

AppService-PHP-Update-Banner

Von Zeit zu Zeit benötigt jede Webseite ein Update. Sei das inhaltlich, oder das System im Hintergrund. Beispielsweise solltest du, wenn immer möglich die aktuelle PHP-Version verwenden. In diesem Blogpost zeige ich auf, wie du ein App Service PHP-Version Update auf Azure ganz einfach und schnell durchführen kannst, per GUI oder CLI.

Restore Azure App Service MySQL In-App Database

Header-AppSvc-MySQL-Restore

The Azure App Service offers the possibility to have backups created automatically by Azure. This backup also includes the MySQL in-app database, which is often used for a simple WordPress site. But when testing the restore, the surprise that WordPress needs to be reinstalled. This is because the database is not restored during the restore, only the backed up file structure. But more about that later. The following tutorial shows how you can test what problem occurs and how restoring the Azure App Service MySQL in-app database works anyway.

ARM template deployment – Hub and Spoke with Bastion

ARM Template Hub and Spoke with Bastion

With an Azure Resource Manager (ARM) template, you can create a specific infrastructure on Azure with the click of a button. The template defines the infrastructure as code and Azure is thereby told the target state of the resources. I have created such a template and published it via Github. The ARM template deployment includes a hub and spoke network topology with a central Azure bastion for secure access to VMs. This post shows you step by step how to use the template for yourself.

Use Azure Bastion with VNet peering

Azure Bastion with VNet peering

The Microsoft PaaS "Azure Bastion" is a popular service to make your Azure networks more secure. However, until now there was a drastic limit. Azure Bastion could only be used in the same VNet. VMs in a peered network could not be accessed via Bastion. This circumstance pushes up the costs, because with a hub-and-spoke topology you have to place a bastion in each VNet. But these times are over. Use Azure Bastion with VNet peering (since 05.11.2020 in preview).

Azure Bastion - Secure access to Azure VMs

az bastion secure access vms

The work forms "home office", "remote work" or even "work anywhere" are becoming increasingly important, especially in recent months. This change affects not only users, but also IT staff and system administrators. However, I am often confronted with mistrust and security concerns when dealing with such issues. This is where Azure Bastion comes into play. Bastion not only enables "work anywhere" for system administrators, but also provides increased security and secure access to your Azure VMs without the need for a VPN!

en_GBEnglish