Archives for Azure - Page 2
Top Governance Tasks for a New Azure Subscription
Also see - Subscription approaches in Azure Network Design Comes First Apart from a hub spoke network design to protect your resources at a network level (with associated FW rules…
Routes in Azure – A poor man’s DMZ
Apart from firewall rules, routes are the key networking component that need to be configured for your subnets/VNET. To build a poor man's DMZ, one could simply have an Azure…
Azure AD Connect – Getting Corporate Identities in Azure AD
See also Top Governance Practices on Azure SubscriptionsWhat is AAD Connect?Azure AD Connect is a service that syncs identities between your corporate AD and your cloud AD (AAD).The Azure AD…
Azure Subscription Strategies
See also Top Governance Practices on Azure Subscriptions Subscription Layout Considerations Workload separation strategy As an organization adds new workloads to the cloud, different ownership of subscriptions or basic separation…
Azure Security Audits – What should be included?
Also read Governance Tasks for any Azure Subscription - Azure Data Protection Services Overview What should you include in a detailed cloud security audit? This post focuses on an Azure…
Azure Data Protection Native Services
Which service in Azure should you use for different types of data protection? Database encryption - SQL TDE and Always Encrypt, built into the SQL Server Engine File encryption -…
Next Gen Firewalls for Cloud Hosted Resources
Also read Azure Firewall versus NSGs and GCP Firewall Policies versus VPC Firewall Rules Traffic Filtering is what Next Gen Firewalls provide ( Palo Alto). Whether you need Next Gen…
Azure Firewall versus NSGs
Also read A Reusable Hub Spoke Network Design on Azure NSGs at instance level and at Subnet Level NSG rules can become difficult to manage in larger VNETs with multiple…
Azure Firewall versus NSGs
NSGs are layer 3 and layer 4 rules - that are also true ALLOW DENY rules, just like in any firewall appliance Azure Firewall - is Layer 3, 4 and…
GCP Foundation via Terraform
Google has put out a few examples of cloud foundational components - integrated into a single terraform solution that is called from a bootstrap module. Need an experienced AWS/GCP/Azure…