• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Hackers Cryptojack Microsoft Azure ML Clusters

Everything You Need to Know About Azure Infrastructure – November 2020 Edition

December 25, 2020
Microsoft Declares ‘General Availability’ of Threat Experts Security Service

Mindware Partners with Cibecs to Help Regional Organizations Manage and Protect Distributed Endpoint Devices and Data

March 1, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Enterprise Key Management Solution Market 2021 Industry Growth Analysis, Future Predictions, SWOT Analysis, By Top Players- EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

March 1, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Intel Calls Silicon ‘Greatest Weapon Against Security Threats’

March 1, 2021
Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

Cloud Security in Banking Market Next Big Thing | Major Giants- Sophos, Boxcryptor, Microsoft Azure

March 1, 2021
How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Cloud Announces Three New Vertical Cloud Solutions

February 26, 2021
Innovative solutions for IT workers at home

Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

February 26, 2021
Innovative solutions for IT workers at home

What is database encryption?

February 26, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Microsoft Releases Azure Firewall Premium in Public Preview

February 26, 2021
Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

Veeam Backup & Replication 11: Enhanced data management for a multi-cloud environment

February 25, 2021
8×8 makes raft of updates to platform

Advancing the Orchestration of Distributed Edge Applications, ZEDEDA Integrates with Microsoft Azure IoT

February 25, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Cloud Security in Banking Market to Witness Huge Growth by 2026 | Microsoft Azure, Trend Micro, Salesforce

February 25, 2021
Innovative solutions for IT workers at home

ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

February 24, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Tuesday, March 2, 2021
  • Login
Azure Security News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Cloud Security in Banking Market Next Big Thing | Major Giants- Sophos, Boxcryptor, Microsoft Azure

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    Microsoft Cloud Announces Three New Vertical Cloud Solutions

    Innovative solutions for IT workers at home

    Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

    Innovative solutions for IT workers at home

    What is database encryption?

    A moment of reckoning: the need for a strong and global cybersecurity response

    Cloud Security in Banking Market to Witness Huge Growth by 2026 | Microsoft Azure, Trend Micro, Salesforce

    Innovative solutions for IT workers at home

    ZEDEDA Announces Integration with Microsoft Azure IoT to Seamlessly and Securely Orchestrate Distributed Edge Computing Workloads at Scale

    A moment of reckoning: the need for a strong and global cybersecurity response

    ZEDEDA integrates with Microsoft Azure IoT to provide full lifecycle management capabilities

    Innovative solutions for IT workers at home

    SolarWinds Attack: Proof That On-Premises Active Directory Still an Effective Initial Access Vector

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code

    8×8 makes raft of updates to platform

    Indonesian Mobile Operator Selects NTT for Microsoft Security Project

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    Microsoft Declares ‘General Availability’ of Threat Experts Security Service

    Mindware Partners with Cibecs to Help Regional Organizations Manage and Protect Distributed Endpoint Devices and Data

    Microsoft To Build New Azure Cloud Data Centers In Greece

    Enterprise Key Management Solution Market 2021 Industry Growth Analysis, Future Predictions, SWOT Analysis, By Top Players- EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

    A moment of reckoning: the need for a strong and global cybersecurity response

    Intel Calls Silicon ‘Greatest Weapon Against Security Threats’

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Releases Azure Firewall Premium in Public Preview

    Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

    Veeam Backup & Replication 11: Enhanced data management for a multi-cloud environment

    8×8 makes raft of updates to platform

    Advancing the Orchestration of Distributed Edge Applications, ZEDEDA Integrates with Microsoft Azure IoT

    How to use Microsoft Sysmon, Azure Sentinel to log security events

    OPS101 – Securing your Hybrid environment – Part 1 – Azure Security Center

    A moment of reckoning: the need for a strong and global cybersecurity response

    Microsoft Ending Azure Information Protection Connections to Microsoft Defender for Endpoint

    Microsoft To Open Azure Cloud Data Center Region In Spain

    EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

    A moment of reckoning: the need for a strong and global cybersecurity response

    Azure Engineer at VillageMD

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home News

Everything You Need to Know About Azure Infrastructure – November 2020 Edition

by AZURE SECURITY NEWS EDITOR
December 25, 2020
in News
0
Hackers Cryptojack Microsoft Azure ML Clusters
492
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

It’s not even 4:30PM as I write this and it’s dark outside my office. Winter has come. The night is dark and full of … Azure VM and SAP HANA backup news … ok, it’s full of terrors.

Azure Bastion & VNet Peering

If you have virtual machines running in The Cloud, then you need to be able to log into them over a network connection via RDP or SSH. Those who are new to network security, The Cloud, or just don’t care about security, will likely just connect directly to those machines across the Internet, possibly without any firewall. Various innovations have appeared to secure SSH and RDP access to Azure virtual machines but some of us settled on the use of a Remote Desktop Gateway (RDGW) to “air gap” or bounce into IaaS in the cloud.

RDGW is far from perfect:

  • It requires more virtual machines.
  • Multi-factor authentication (MFA) with Azure AD is not a smooth experience, administration or operations-wise, using Network Policy Server with the Azure AD MFA extension.
  • There just isn’t a good story for third-party vendor support.

When Azure Bastion preview was announced, I hoped that it would end the need of RDGW. Alas, that was not the case. I work with enterprise clients that run hub & spoke architectures. Running a Bastion in every spoke would be too expensive. But now a preview release of inter-subscription VNet peering support has been launched for Bastion.

Things are not perfect! The Bastion resource must be deployed into the hub – thus ruling out Azure Virtual WAN hubs today. And the RBAC requirements are poorly documented. And yes, Bastion has other limitations such as:

  • Not supporting desktop clients
  • No support for RDP channels (file transfer for example)

But overall, Bastion is an imperfect but better experience than RDGW.

Encryption Over ExpressRoute

It seems that many people are not aware that ExpressRoute circuits:

  • Are not encrypted: The data transfers “in the clear”
  • Do not terminate at a Microsoft data center: Edge data centers are hosted in third-party locations, which means that even if your ISP could encrypt the circuit as far as Microsoft’s enterprise edge (MSEE) router, the data would return to the clean until it transited a circuit (not necessarily owned by Microsoft) to reach the Azure region.

This is a topic that has taken up a lot of my time lately. The original two options were:

  • Implement IPsec encryption, which is an operational nightmare and useless with PaaS.
  • Use ExpressRoute Direct, which will be 5x more expensive than ExpressRoute Standard – and that’s just the Azure charges.

In November, a new option was made generally available: VPN over ExpressRoute private peering. The concept is that you run a VPN Virtual Network Gateway alongside the ExpressRoute Virtual Network Gateway. The on-premises edge network creates a VPN tunnel to the VPN Virtual Network Gateway across the ExpressRoute circuit. Yes, there will be an overhead of encryption, but you can use a lower cost ExpressRoute tier. There is some additional BGP complexity where you need to ensure that on-premises routes are advertised only through the VPN tunnel to avoid ExpressRoute taking priority, which is automatically does if it propagates an identical set of on-premises prefixes.

The downside of the solution is that the VPN Virtual Network Gateway must be one of the AZ SKUs – that means that the solution is limited to regions that support zone redundancy. That’s where the core concept of this feature falls apart. Many of the organisations that will require encryption for compliance are the same organisations that have driven Microsoft to deploy Azure regions into more localities. Those local regions are smaller and mostly do not support zone redundancy. That leaves VPN over the Internet as the best option – you can still do VPN over ExpressRoute to a virtual appliance, but that leaves you with a single point of failure (the appliance) that cannot propagate BGP routes into your virtual network(s).

Other Announcements from Microsoft

Here are other Azure IaaS headlines from the past month:

Azure Storage

  • SMB Multichannel preview is now available on Azure Files premium tier
  • More IOPS at no additional cost for Azure Files premium tier
  • Azure Resource Manager template support for Azure file share backup

Networking

  • New Azure Firewall capabilities will be generally available in Q4 CY2020
  • General availability: VPN over ExpressRoute private peering
  • Multiple new features for Azure VPN Gateway are now generally available
  • Unified Connection Monitor in Network Watcher is now generally available

Azure Virtual Machines

  • VNet peering and Azure Bastion (Preview)
  • PowerShell support for Server Migration with Azure Migrate is now generally available
  • New constrained vCPUs capable VMs now available
  • SQL Server Reporting Services Virtual Machine images now available
  • New SAP HANA Certified Memory-Optimized Virtual Machines now available
  • Performance tiers for Premium SSDs is now generally available
  • Azure Shared Image Gallery–New features are now generally available
  • Azure Hybrid Benefit now generally available for Linux

Backup And Site Recovery

  • Azure Backup—Soft delete for SQL Server and SAP HANA running in Azure VM
  • Azure Backup for SAP HANA databases now supports Incremental backups – Public preview
  • Azure Backup for SAP HANA backup – User management improvements
  • Azure Site Recovery – Support for increased disk size in Azure VM disaster recovery is now generally available

App Services

  • App Service Environment v3 public preview
  • NAT Gateway and app integration

Databases

  • Azure Backup for Azure PostgreSQL long-term retention in preview

Management

  • Azure Monitor for Virtual Machines Guest Health is in public preview

Miscellaneous

  • Azure Security Center—News and updates for October 2020
  • New recommendations from Azure Advisor are now available
  • The Azure Cloud Shell image has been updated
  • Azure portal November 2020 update
  • Microsoft to establish its first datacenter region in Sweden
  • Export and manage Azure Policy as code with GitHub

And Now for Something Different

Do you know how to do a “DCPromo”? Can you create and troubleshoot GPOs? Are you able to engineer AD sites & site links?

I went to my first IT conference in 2004. It was WinConnections at Lake Las Vegas where IT luminaries such as Mark Minasi, Jeremy Moskowitz, and more spoke about the latest things in Windows Server. I was there mainly to advance my skills in Active Directory Domain Services (ADDS), because it was at the heart of the global IT system that I was responsible for.

Enterprise IT has not changed all that much since then. Sure, Azure AD has come along and we have stuff like MFA, Intune (or whatever it’s called this month), and all that jazz. But in an enterprise, where is identity created? Yup, ADDS. What is used as the authentication/authorization engine for the billions of legacy business systems? Yup, ADDS. And what skill is disappearing from our business? Yup, ADDS.

I’ve been involved in a few engagements over this year where I’ve been amazed at how this critical system, central to the organizations in question, is relatively unknown to those who own it. Even in my team, only a few of us grey-beards (hair on the top of the head is in short supply) know our way around a domain controller. Back in the Spring, I walked a 20-something colleague through his first forest creation for a client.

You could argue that AAD should be killing off ADDS. But that’s not possible. Too many legacy systems, including Citrix and Windows Virtual Desktop, rely on ADDS. Azure AD Domain Services doesn’t even offer the same single-scope experience.

And meanwhile, those of us who do know the tech are getting older, retiring, or … let’s not go there. Are any of you starting to feel old?

Reference: https://petri.com/everything-you-need-to-know-about-azure-infrastructure-november-2020-edition

Share197Tweet123Share49
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

Cloud Security in Banking Market Next Big Thing | Major Giants- Sophos, Boxcryptor, Microsoft Azure

by AZURE SECURITY NEWS EDITOR
March 1, 2021
0

The Global Cloud Security in Banking Market Report provides a holistic evaluation of the market for the forecast period (2020–2026)....

How to use Microsoft Sysmon, Azure Sentinel to log security events

Microsoft Cloud Announces Three New Vertical Cloud Solutions

by AZURE SECURITY NEWS EDITOR
February 26, 2021
0

Microsoft is boosting its industry-cloud solutions with the announcement of three new programs. To help get these new Azure offerings...

Innovative solutions for IT workers at home

Privacera Announces Partnership with Talend for Rapid Cloud Data Integration and Governance with Automated Privacy and Compliance

by AZURE SECURITY NEWS EDITOR
February 26, 2021
0

 Privacera, the cloud data governance and security leader founded by the creators of Apache Ranger™, today announced a technology partnership...

Innovative solutions for IT workers at home

What is database encryption?

by AZURE SECURITY NEWS EDITOR
February 26, 2021
0

Database encryption protects sensitive information by scrambling the data when it’s stored, or, as it has become popular to say,...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021
Microsoft Launches Host of Security Products in Time for RSA

Microsoft to add two new Microsoft 365 security, compliance bundles to its line-up

November 26, 2020

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
Microsoft Declares ‘General Availability’ of Threat Experts Security Service

Mindware Partners with Cibecs to Help Regional Organizations Manage and Protect Distributed Endpoint Devices and Data

March 1, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Enterprise Key Management Solution Market 2021 Industry Growth Analysis, Future Predictions, SWOT Analysis, By Top Players- EMC Corporation Townsend security Hewlett-Packard Enterprise Gemalto N.V. Microsoft Azure Google Thales e-security International Business Machines (IBM) Broadcom

March 1, 2021
A moment of reckoning: the need for a strong and global cybersecurity response

Intel Calls Silicon ‘Greatest Weapon Against Security Threats’

March 1, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In