Jump to content
Sign in to follow this  
  • entries
    142
  • comments
    0
  • views
    80127

About this blog

Remarks from a Cloud Architect daily encounters

Entries in this blog

 

Ασφάλισε την Azure SQL Database μέσα σε ένα VNET χρησιμοποιώντας service endpoints

Για πολλούς, ένα πρόβλημα στο να χρησιμοποιήσουν την Azure SQL, είναι η δημόσια πρόσβαση. Μετά τα τελευταία Azure updates μπορούμε να χρησιμοποιήσουμε τα service endpoints ώστε να ασφαλίσουμε την Azure SQL μέσα σε ένα VNET. Ας ξεκινήσουμε λοιπόν να βάλουμε την Azure SQL μέσα σε ένα VNET. Ανοίγουμε το Azure Portal και ξεκινάμε να δημιουργήσουμε ένα VNET. Στο τέλος της σελίδας δημιουργίας έχει προστεθεί μια νέα επιλογή που λέγετε service endpoints. Το ενεργοποιούμε και επιλέγουμε το Microsoft.Sql.

proximagr

proximagr

 

Ασφάλισε την Azure SQL Database μέσα σε ένα VNET χρησιμοποιώντας service endpoints

ΑΣΦΆΛΙΣΕ ΤΗΝ AZURE SQL DATABASE ΜΈΣΑ ΣΕ ΈΝΑ VNET ΧΡΗΣΙΜΟΠΟΙΏΝΤΑΣ SERVICE ENDPOINTS February 6, 2018 Pantelis Apostolidis Microsoft, Ελληνικά Leave a comment   Για πολλούς, ένα πρόβλημα στο να χρησιμοποιήσουν την Azure SQL, είναι η δημόσια πρόσβαση. Μετά τα τελευταία Azure updates μπορούμε να χρησιμοποιήσουμε τα service endpoints ώστε να ασφαλίσουμε την Azure SQL μέσα σε ένα VNET. Ας ξεκινήσουμε λοιπόν να βάλουμε την Azure SQL μέσα σε ένα VNET. Ανοίγουμε το Azure Portal και ξεκινάμε να δημιουρ

proximagr

proximagr

 

Azure Update Management

Azure Update Management Have you checked the update management system for your Azure and On-Premises server that supports both Windows and Linux operating systems? And it is completely free! Please find the full list of supported operating systems and prerequisites here: https://docs.microsoft.com/en-us/azure/operations-management-suite/oms-solution-update-management#prerequisites. Lets get started. The easiest way is to start from an Azure VM. Go to the VMs blade and find “Update management”.

proximagr

proximagr

 

Azure Update Management

Azure Update Management Have you checked the update management system for your Azure and On-Premises server that supports both Windows and Linux operating systems? And it is completely free! Please find the full list of supported operating systems and prerequisites here: https://docs.microsoft.com/en-us/azure/operations-management-suite/oms-solution-update-management#prerequisites. Lets get started. The easiest way is to start from an Azure VM. Go to the VMs blade and find “Update management”.

proximagr

proximagr

 

Custom pfSense on Azure Rm | a complete guide

Custom pfSense on Azure Rm | a complete guide A complete guide on how to create a pfSense VM on a local Hyper-V server, prepare it for Microsoft Azure, upload the disk to Azure and create a multi-NIC VM. Download the latest image from https://www.pfsense.org/download/ Open Hyper-V Manager create a Generation 1 VM. I added 4096 ram, 2 cores, use VHD, add an extra NIC (for second interface) and select the downloaded ISO. (create a fixed VHD as Azure supports only fixed VHDs for custom VMs) Star

proximagr

proximagr

 

Azure File Sync & DFS Namespace

Azure File Sync & DFS Namespace Azure File Sync is a new Azure feature, still in preview, that allows to sync a folder between your local file server and Azure Files. This way your files are accessible both locally at your file server and publicly at Azure Files using an SMB 3.0 client. Also the files can be protected online using Azure Backup. The idea of this post is to have the files of two file servers to sync to Azure Files using Azure File Sync and in addition use the DFS Namespace fea

proximagr

proximagr

 

Azure File Sync & DFS Namespace

Azure File Sync & DFS Namespace Azure File Sync is a new Azure feature, still in preview, that allows to sync a folder between your local file server and Azure Files. This way your files are accessible both locally at your file server and publicly at Azure Files using an SMB 3.0 client. Also the files can be protected online using Azure Backup. The idea of this post is to have the files of two file servers to sync to Azure Files using Azure File Sync and in addition use the DFS Namespace fea

proximagr

proximagr

 

Bulletproof manage your Azure VMs

Bulletproof manage your Azure VMs Continuing the Azure Security Center posts, today we will see a new feature of the Security Center, called Just in Time VM Access. As best security practice, all the management ports of a Virtual Machine should be closed using Network Security Groups. Only the ports required for any published services should be opened, if any. However there are many occasions that we are requested to open a management port for administration or a service port for some tests for

proximagr

proximagr

 

Bulletproof manage your Azure VMs

Bulletproof manage your Azure VMs Continuing the Azure Security Center posts, today we will see a new feature of the Security Center, called Just in Time VM Access. As best security practice, all the management ports of a Virtual Machine should be closed using Network Security Groups. Only the ports required for any published services should be opened, if any. However there are many occasions that we are requested to open a management port for administration or a service port for some tests for

proximagr

proximagr

 

Use Azure Security Center to protect your workloads

Use Azure Security Center to protect your workloads At this series of posts we will make a walk along the Azure Security Center, to see some common usage scenarios. Like how we can use it to protect from a Virtual Machine to a whole Data Center. To make it easier to understand we will start with a typical Azure IaaS scenario. A Virtual Machine with IIS role to act as Web Server. The steps to create the VM is out this post’s scope. I will simply describe the process. First we create a Windows Ser

proximagr

proximagr

 

Use Azure Security Center to protect your workloads

Use Azure Security Center to protect your workloads At this series of posts we will make a walk along the Azure Security Center, to see some common usage scenarios. Like how we can use it to protect from a Virtual Machine to a whole Data Center. To make it easier to understand we will start with a typical Azure IaaS scenario. A Virtual Machine with IIS role to act as Web Server. The steps to create the VM is out this post’s scope. I will simply describe the process. First we create a Windows Ser

proximagr

proximagr

 

Use Service Endpoints to protect an Azure Storage Account inside an Azure Azure Virtual Network

Use Service Endpoints to protect an Azure Storage Account inside an Azure Azure Virtual Network As we have already saw at a previews post, we can use the Service Endpoints to protect an Azure SQL Server inside an Azure Virtual Network. Today we will see how we can protect a Storage Account. First we need to enable the Microsoft.Storage Service Endpoint to an existing Virtual Network or create a new Virtual Network and enable it. At this port I am creating a new Virtual Network, so at the Azure P

proximagr

proximagr

 

Use Service Endpoints to protect an Azure Storage Account inside an Azure Azure Virtual Network

Use Service Endpoints to protect an Azure Storage Account inside an Azure Azure Virtual Network As we have already saw at a previews post, we can use the Service Endpoints to protect an Azure SQL Server inside an Azure Virtual Network. Today we will see how we can protect a Storage Account. First we need to enable the Microsoft.Storage Service Endpoint to an existing Virtual Network or create a new Virtual Network and enable it. At this port I am creating a new Virtual Network, so at the Azure P

proximagr

proximagr

 

Protect your Web App using Azure Application Gateway Web Application Firewall

Protect your Web App using Azure Application Gateway Web Application Firewall Web Application Firewall was always a big investment for a small or growing company as most of the top branded companies are charging a lot of money A Web Application Firewall protects your application from common web vulnerabilities and exploits like SQL Injection or Cross site scripting. Azure provides enterprise grade Web Application Firewall through the Application Gateway. It comes in two pricing models, Medium a

proximagr

proximagr

 

Protect your Web App using Azure Application Gateway Web Application Firewall

Protect your Web App using Azure Application Gateway Web Application Firewall Web Application Firewall was always a big investment for a small or growing company as most of the top branded companies are charging a lot of money A Web Application Firewall protects your application from common web vulnerabilities and exploits like SQL Injection or Cross site scripting. Azure provides enterprise grade Web Application Firewall through the Application Gateway. It comes in two pricing models, Medium a

proximagr

proximagr

 

Secure your Azure SQL locally inside your vnet using service endpoints

Secure your Azure SQL locally inside your vnet using service endpoints For many companies, a throwback of using Azure SQL was the Public Access. After the latest Azure updates you can use the service endpoints to Secure your Azure SQL locally inside your vnet! For the time, the feature is available only at the West Central US, West US 2, and East US regions but soon more will follow. So, lets secure your Azure SQL locally inside your vnet! At the VNET creation blade, select the Microsoft.Sql s

proximagr

proximagr

 

Secure your Azure SQL locally inside your vnet using service endpoints

Secure your Azure SQL locally inside your vnet using service endpoints For many companies, a throwback of using Azure SQL was the Public Access. After the latest Azure updates you can use the service endpoints to Secure your Azure SQL locally inside your vnet! For the time, the feature is available only at the West Central US, West US 2, and East US regions but soon more will follow. So, lets secure your Azure SQL locally inside your vnet! At the VNET creation blade, select the Microsoft.Sql s

proximagr

proximagr

 

My First Microsoft Azure MVP award!

Μόλις έλαβα το πρώτο μου Microsoft Azure MVP award! Νοιώθω χαρούμενος και περήφανος που η προσπάθεια και η προσφορά μου στην κοινότητα ανταμείβεται. Πιστεύω στην κοινότητα και στον διαμοιρασμό της γνώσης και αυτό με έχει βοηθήσει πολύ στην ζωή μου και και εγώ με τη σειρά μου προσπαθώ να βοηθήσω στο μέγιστο. Όλα ξεκινάνε με αυτό το υπέροχο email Congratulations! We are extremely pleased to present you with the 2018-2019 Microsoft Most Valuable Professional (MVP) Award! This award is given to exce

proximagr

proximagr

 

Create Azure File Shares at your ARM template using PowerShell

Create Azure File Shares at your ARM template using PowerShell Using Azure Resource Manage template deployment, you can create a Storage account but you cannot create File Shares. Azure File Shares can be created using the Azure Portal, the Azure PowerShell or the Azure Cli. Mainly, the idea is to run a PowerShell script that will create the File Shares. This script will be invoked inside the ARM Template. In order to use a PowerShell script from a template, the script must be called from a URL.

proximagr

proximagr

 

Create Azure File Shares at your ARM template using PowerShell

Create Azure File Shares at your ARM template using PowerShell Using Azure Resource Manage template deployment, you can create a Storage account but you cannot create File Shares. Azure File Shares can be created using the Azure Portal, the Azure PowerShell or the Azure Cli. Mainly, the idea is to run a PowerShell script that will create the File Shares. This script will be invoked inside the ARM Template. In order to use a PowerShell script from a template, the script must be called from a URL.

proximagr

proximagr

 

Add multiple managed disks to Azure RM VM

Add multiple managed disks to Azure RM VM In this post I have created a PowerShell script to help add multiple managed disks to an Azure RM Virtual Machine. The script to add multiple managed disks will prompt you to login to an Azure RM account, then it will query the subscriptions and ask you to select the desired. After that it will query the available VMs and promt to select the target VM from the VM list. At this point I am checking the OS disk and define the storage type of the data disk.

proximagr

proximagr

 

Microsoft Azure Nested Virtualization | VM in Nested VM in Azure VM

Microsoft Azure Nested Virtualization | VM in Nested VM in Azure VM After my main Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post, we saw two usage scenarios. One is running Hyper-V Replica and the other is running Web Server in nested VM on Azure. Now lets have some fun and try to run a VM nested inside a VM nested inside an Azure VM. As a fellow said, VM inception! We will use again the nested VM that we created at the Microsoft Azure Nested Virtualization | Hyper-V VM

proximagr

proximagr

 

Microsoft Azure Nested Virtualization | Web Server

Microsoft Azure Nested Virtualization | Web Server At my previous post, Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM, I described how to create a Hyper-V VM inside an Azure VM with the new Dv3 and Ev3 VM sizes. Now we will see how to use a Hyper-V Nested VM as a Web Server that is hidden behind the Azure VM to secure access to your web application. Starting we will add the IIS Role at the Nested VM. Go to the Server Manager, add Roles and Features and select the Web Server

proximagr

proximagr

 

Microsoft Azure Nested Virtualization | Hyper-V Replica on Azure

Microsoft Azure Nested Virtualization | Hyper-V Replica on Azure After my Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post on how to create a Nested VM inside an Azure VM, I am following with how to have Hyper-V Replica on Azure. To accomplish this we will use the Azure VM and the Nested VM from the Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post. The first step is to create an identical pair of Azure VM and Nested VM to use for replica server. The

proximagr

proximagr

 

Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM

Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM With the new Dv3 and Ev3 VM sizes Microsoft has released the Nested Virtualization, meaning you can simply have a Hyper-V VM inside an Azure VM. In this post I am testing the Nested Virtualization functionality creating a Hyper-V VM inside an Azure VM and have Network and Internet Connectivity. Lets get started. First of all we will need a Dv3 or Ev3 VM and for best Nested Virtualization performance make use of SSD Managed Disks.

proximagr

proximagr

Sign in to follow this  
×
×
  • Create New...